New York Times site hack shifts attention to registry locks

Mechanism provides relatively easy way to mitigate risk of unauthorized DNS changes, security researchers say

By , Computerworld |  Internet

Since the attacks on The Times, several of the websites using Melbourne IT as a registrar have applied registry locks, Moore said. Among the websites that appear to have put a lock in place are the Huffington Post, Mapquest, Starbucks and Twitter's TweetDeck. However, many other major websites using Melbourne IT have not done so yet, and remain vulnerable.

Matthew Prince, co-founder of CloudFlare, saiddomain registrars generally do not make it easy for website owners to request registry locks, however. "[Locks] make processes like automatic renewals more difficult," Prince said in a blog post. "However, if you have a domain that may be at risk, you should insist that your registrar put a registry lock in place."

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed. His e-mail address is

See more by Jaikumar Vijayan on

Read more about malware and vulnerabilities in Computerworld's Malware and Vulnerabilities Topic Center.

Originally published on Computerworld |  Click here to read the original story.
Join us:






Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Ask a Question