Steve Gibson

A brief note about Steve Gibson, who I briefly mentioned in a previous post:

I was working in Earthlink’s Abuse department when his much-publicized DDoS attack was going on a few years ago. He identified the script kiddie he spoke to, as well as some of the attacking machines, as being on our network. He claimed he talked to someone at Earthlink who refused to do anything about it. He goes on to say:

Hackers take note: Earthlink appears to be a safe haven for your operations. From everything I have seen, Earthlink couldn’t care less WHAT you do, so long as someone pays the bill.

Funny, no one in my department ever heard a word from him: not a message left on our publicly-advertised voice mail line nor a single e-mail sent to either abuse@earthlink.net or security@earthlink.net, the two industry-standard e-mail addresses for reporting this type of thing. With such a pressing problem, you’d think he’d attempt to contact us through the appropriate channels instead of calling the “Director of Corporate Communications” (that title alone should tell you how useless this person is going to be for a problem like this).

Maybe he’s more interested in publicity for himself than actually trying to get these problems fixed?