During the week-end, due to a link placed on the social networking site Reddit.com., the content of the Recording Industry Association of America’s (RIAA) website isn’t at hand of the public anymore.
The Reddit costumers used to share the link that utilized a hole in the SQL database backend. The damage appeared the moment thousands of pointless MD5 checksums and wasting scads of CPU time were generated, because of a slowing down which positioned the database into benchmark mode.
While trying denial-of-service type attack on the website created for those who aren’t keen on music, the Reddit user was unpleased and forced his luck modifying the SQL injection code to drop the tables containing the website content.
RIAA refuses to make a comment although the facts are clear: the content for a large segment of the weekend is nowhere to be found. A statement made by RIAA would have cleared up the situation: the content was either took out by an unidentified bad person or cleaned up when finding an unexpectedly process-intensive database server.
If we think about the RIAA position, we suppose it is surely embarrassed of the entire situation, even though the site solved its problem; the presence of the screenshots proves that they are unable to secure their own servers despite the fact they claim severe controls.
Whatever the opinion one could have, regarding the state of affairs, the final conclusion must be this only: never accept the malicious attacks. Anyone could make mistakes and these attacks rely on them.
