back to article Perl-clutching hijackers appear to have seized control of 33-year-old programming language's .com domain

Unless the venerable language has finally breathed its last – which is more than a little unlikely – the Perl.com domain was hijacked yesterday. A warning went up on the perl.org infrastructure weblog overnight notifying users that perl.com now directed to a parking site and advised against visiting "as there are some signals …

  1. elDog

    I remember when "whitehouse.com" was nicely changed to a pr0n site

    Definitely a lot easier on this guys eyes than the old White House web pages from back in the naughty nineties.

    Do new domain owners now need to spring for every conceivable TLD combination of their moniker? Way back then I grabbed .com, .net, and .org just to be safe. Now there must be several hundreds. Good business for them that sell that stuff.

    1. disgruntled yank Silver badge

      Re: I remember when "whitehouse.com" was nicely changed to a pr0n site

      If memory serves, whitehouse.gov was the official domain, and some smarties bought up the .com. A friend who then worked in an elementary school library was showing her charges how to use the internet (this would have been 1999 or so) when she discovered the TLD confusion.

      1. davenewman

        Re: I remember when "whitehouse.com" was nicely changed to a pr0n site

        Actually, whitehouse.com was the domain of Whitehouse magazine, named after Mary Whitehouse the leader of the National Viewers and Listeners Association, an anti-sex campaign.

        1. jake Silver badge

          Re: I remember when "whitehouse.com" was nicely changed to a pr0n site

          "Actually, whitehouse.com was the domain of Whitehouse magazine"

          Or not. See: https://en.wikipedia.org/wiki/Whitehouse.com

          So far as I know, David Sullivan's Whitehouse Magazine never had WWW presence.

          1. Dazed and Confused

            Re: I remember when "whitehouse.com" was nicely changed to a pr0n site

            I'm pretty sure that whitehouse.com used to point to the whitehouse magazine site at least it was porn. I used to have to tell people on training classes to make sure they entered whitehouse.gov and not .com as that was not a website they should be accessing on the companies network.

    2. Stuart Castle Silver badge

      Re: I remember when "whitehouse.com" was nicely changed to a pr0n site

      Ideally, they should spring for every conceivable TLD and a few potential misspellings of their name. At least the most likely misspellings.

  2. DCFusor

    Sometimes older is better

    I'm a rather enthusiastic perl user myself, even on things like CGIs running in Raspberry Pis.

    Since I don't use the bleeding edge stuff - just the version that comes with whatever distro....not a problem for me yet.

    Updates to "distro perl" are pretty rare...

    Now, if the baddies get metacpan, we're all in he soup.

    1. firey

      Re: Sometimes older is better

      perl.com is/was just a commercial news/blog site for O'Reilly Media - so it won't have any affect on you getting distro upgrades :-)

  3. GBE

    I used to dislike Perl

    I used to dislike Perl.

    Then I learned PHP in order to maintain a pile of somebody else's code.

    And my feelings for Perl faded into insignificance.

    Then I met begger who had no feet.

    And thought to myself, "at least he doesn't have to maintain PHP code".

    1. karlkarl Silver badge

      Re: I used to dislike Perl

      That is truly beautiful poetry.

      1. Danny 2

        Re: I used to dislike Perl

        With all the will in the world

        Diving for dear life

        When we could be diving for Perl.

        1. karlkarl Silver badge

          Re: I used to dislike Perl

          Heh,

          I was spending far too long trying to turn GBE's into a Haiku. I just couldn't do it!

    2. Anonymous Coward
      Anonymous Coward

      Re: I used to dislike Perl

      We need a new web (and all-round utility belt toolkit) scripting language that:

      • Begins with P (of course)
      • Doesn't have syntax that looks like someone has mashed the symbols keys, or have functions with erratic names and equally erratic arguments, or be super-pernickety about whitespace (when perfectly lovely curly brackets exist)
      • Is fully Unicode-aware from the start
      • Has an animal logo that O'Reilly haven't yet used (that might be the hardest part)

      (Damn right I'm posting this anonymously... ;-D )

      PS: A shame we seemingly don't have access to 'ol' for very pedantic numbered lists, but having now done this as a normal unordered list, I am rather regretting my apparently spaced out formatting choice. Sorry.

      1. Anonymous Coward
        Anonymous Coward

        Re: I used to dislike Perl

        Pava?

        1. Throatwarbler Mangrove Silver badge
          Devil

          Re: I used to dislike Perl

          P++?

          1. katrinab Silver badge
            Unhappy

            Re: I used to dislike Perl

            "P is a programming language for asynchronous event-driven programming and the IoT that was developed by Microsoft and University of California, Berkeley"

            I think all the letters in the alphabet have been taken now.

          2. Dave559
            Pint

            Re: I used to dislike Perl

            I am sure P++ would be an excellent programming language, as it sounds like it requires many long nights in the pub to become an expert in it. That could also be its downside, mind you…

            1. Alan Brown Silver badge

              Re: I used to dislike Perl

              P++ sounds more like some kind of extreme porn activity than a night in the pub

              1. Glen 1
                Trollface

                Re: I used to dislike Perl

                Those things are not mutually exclusive.

                1. sev.monster Silver badge

                  Re: I used to dislike Perl

                  PubPorn? PornHub users need somewhere to go after the latest exodus after all.

      2. Twilight

        Re: I used to dislike Perl

        I agree with all of those except "looks like someone has mashed the symbol keys". Perl's sigils actually massively help code readability once you get used to them - at least in theory, Perl 5 had some weird legacy inconsistencies (fixed in Perl).

  4. disgruntled yank Silver badge

    The punishment is obvious, once they catch the perp

    Make him maintain old Perl code.

    1. stiine Silver badge

      Re: The punishment is obvious, once they catch the perp

      Did you mean 'fix'?

    2. Anonymous Coward
      Anonymous Coward

      Re: The punishment is obvious, once they catch the perp

      My first project was in Perl. Good ole /cgi-bin days...

      Glad we don't use that anymore mind.

      1. Anonymous Coward
        Anonymous Coward

        Re: The punishment is obvious, once they catch the perp

        At least cgi/bin was intelligable by a human, not some web monkey with Kool Aid in a drip who is the only person who can now understand the hideous node.js mashup running the company website backend.

      2. jake Silver badge

        Re: The punishment is obvious, once they catch the perp

        Who is "we", Kemosabe?

        A web site near and dear to you makes heavy use of perl, as do many others. Also, I don't know a single sysadmin worth his/her salt who doesn't use perl in all kinds of ways.

        1. sev.monster Silver badge

          Re: The punishment is obvious, once they catch the perp

          I don't, and I run our entire VMware cluster, the backup solution, and am the primary contact for about or over 50% of our on-prem and cloud infrastructure combined. I am not proud of this.

          I mostly use PowerShell. It's really not that bad. Yes, I used to hate it too. %s/Perl/PowerShell/

          I've learned that programming and scripting languages are basically all the same. Just give me a week with it and a problem to solve. Unless it's a functional language... I still have nightmares about Haskell...

    3. Twilight

      Re: The punishment is obvious, once they catch the perp

      There's nothing wrong or unmaintainable about "old" perl code. However, if you just meant badly-written, I whole-heartedly agree. Well-written perl code is very easy to maintain but, when someone got "clever", watch out...

      1. This post has been deleted by its author

      2. jake Silver badge

        Re: The punishment is obvious, once they catch the perp

        Getting clever in perl is part of the fun ... and a very good way to increase your knowledge of the language.

        But never get clever for real work. Unless there is no other answer, which I doubt. It's perl, after all, there are always other valid answers.

        1. larsbrinkhoff

          Re: The punishment is obvious, once they catch the perp

          Hello,

          I'm researching the ITS operating system. I'm curious about Zork and/or ITS tape you mentioned some time ago. Would you please contact me?

          Best regards,

          Lars Brinkhoff

      3. Alan Brown Silver badge

        Re: The punishment is obvious, once they catch the perp

        https://en.wikipedia.org/wiki/Obfuscated_Perl_Contest

  5. druck Silver badge

    I loved Perl so much...

    ...I singled handedly ported 36,000 lines of Perl to Python, while it was still being actively developed. I was at it day and night for 3 months, everyone thought I was mad, myself included at times. But they thanked me for it in the end, as the development rate increased by at least 50%, and the number of migraines halved.

    1. Anonymous Coward
      Anonymous Coward

      Re: I loved Perl so much...

      Brave of you to admit that.

    2. boblongii

      Re: I loved Perl so much...

      I much prefer Perl to Python.

    3. Anonymous Coward
      Anonymous Coward

      Re: I loved Perl so much...

      And then I ported the python to ruby ... !#$!@ indent blocks

    4. Charlie Clark Silver badge

      Re: I loved Perl so much...

      I don't like perl much myself but I would have thought is should be possible to automate much of that: the languages are close enough in many ways, especially for procedural stuff. Of course, the whole thing becomes a lot easier if there are tests…

      1. druck Silver badge

        Re: I loved Perl so much...

        I did automate most of it, with a Python script containing an absolute obscenity of reg-ex's, but it did 95% of the donkey work so I could concentrate on debugging.

    5. disgruntled yank Silver badge

      Re: I loved Perl so much...

      Back in the day (30+ years ago), I heard someone's quip that any programming language would let you hang yourself, given enough rope, but C would go down to the hardware store and buy the rope for you. Perl is sort of that way. I have seen really good, very well documented Perl. I have seen (and committed) the other kind.

      Over the last years, I have written more in Python, largely because that is what the young coders know. But I still like Perl, even if these days it takes me a few minutes to remember to use semicolons, etc.

    6. jake Silver badge

      Re: I loved Perl so much...

      One client asked me to do a similar job, porting working perl to python.

      I said "OK, it'll cost you, but I'll do it. But I'd like you to answer one question: Why?"

      They couldn't come up with an answer, other than "SHINY!". I convinced them (with numbers) that sticking to perl was the better option. That was nearly 20 years ago. They are still using perl.

      1. druck Silver badge

        Re: I loved Perl so much...

        Twenty years ago Perl was still popular and there wasn't any problem finding devs. These days we were relying on half a dozen crusty and costly contractors who had Perl and luckily also Python skills. No one who had been in the department less than a decade had any real Perl experience, but all the perms knew Python. So the choice was either to train everyone up on a declining and difficult to master language just follow an old corporate standard, or turn the ship around and develop new code in something that matched the skills set, and could be supported in house for at least another couple of decades.

  6. Sanford Olson

    Seriously?? IT's #1 job (after backups) is making sure domains don't expire

    It's fairly easy to get a 10+ year pre-paid domain registration, and it doesn't even cost that much. And you just put it on your calendar to review it each year for appropriate Admin and Tech contacts (and renew the domain if it will expire in the next 3 years. Oh, and put MFA on that account After that, do the same for your authoritative DNS host(s). This is like "Internet 101".

    1. MrBanana

      Re: Seriously?? IT's #1 job (after backups) is making sure domains don't expire

      If you had read the article you would have seen that it was most likely an account hack, not the expiry of the registration.

      1. Richard Lloyd

        Re: Seriously?? IT's #1 job (after backups) is making sure domains don't expire

        It's not 100% clear it wasn't a domain expiry - if you use the new domain provider's WHOIS lookup at https://whois-web.rrpproxy.net/ for perl.com, you'll see that the domain was last updated on 27th Jan 2021 and the new expiry date is the "max" 10 years in the future (26th Jan 2031).

        Hence, it's quite possible the expiry date was previously 26th Jan 2021 and someone grabbed it the next day. Mind you, domain registrars usually have an expiry grace period (e.g. 7 or 30 days are typical values), so that might blow that theory...

        1. Danny 14

          Re: Seriously?? IT's #1 job (after backups) is making sure domains don't expire

          You can only register a max of 10 years. If you added a year NOW it would say 29 jan 31 it would have been a hijack.

        2. Alan Brown Silver badge

          Re: Seriously?? IT's #1 job (after backups) is making sure domains don't expire

          "Hence, it's quite possible the expiry date was previously 26th Jan 2021"

          Except it was 2029, which is why people have been surprised

  7. drankinatty

    Sad Reflection on Humanity

    Not too long ago, or eons ago depending on how you tell time (Y2K), domain registration and ownership was a simple matter, whois noted all details, including name, addresses, telephone (and fax) numbers and e-mail addresses. Not a care or thought was given to the registration details being available in the world of the honest actor. But since that time, in what feels like it pervades all manner of life and politics, dishonest actors, so lacking in integrity and moral character set about making mischief and perverting every aspect of available information and data, either for personal gain or to sew general chaos. To such an extent that if you look at the time, toil, resources and effort expended in defensive measures, it likely surpasses the amounts spent in the pursuit of normal business operations. I have no statistics to offer on whether the resource split straddles the line or falls on one side or the other, but having experienced the world pre NCSA Mosaic, and that which we live in now -- it is truly a sad reflection on humanity. Here's to hope...

  8. Anonymous Coward
    Anonymous Coward

    IP4ME

    It was so much easier when you used to type in IP addresses back in the mid-90s. Anyone remember the name of that weekly subscription printed newsletter that used to list new web sites with a description of their contents? I seem to recall that they were based in Worcester Park.....

    1. jake Silver badge
      Pint

      Re: IP4ME

      Jon Postel kept a bunch of us updated for a while. Then we got DNS and life became somewhat easier. He wasn't in Worcester, though.

      RIP, Jon.

      1. TimMaher Silver badge
        Headmaster

        Re: IP4ME

        Fair do’s @jake but Worcester Park isn’t in Worcester either. It’s more West-South West London.

        1. Tom 7

          Re: IP4ME

          And a Bloody Mary doesnt have blood or Mary in it but its got Worcestershire Sauce.

          Chin Chin!

          1. Jamie Jones Silver badge
    2. Peter Gathercole Silver badge

      Re: IP4ME

      Global DNS has been available since around the mid '80s, and before then there were so few systems on the Internet that they could be held in a publicly available hosts.txt file, distributed from Stanford University.

      Even now, you can use dotted IP addresses on the internet, or even just single integers (try using https://2398766906, I promise that you can ignore the self signed certificate error, and the only reason you may not want to end up there is if you dislike Google. I wanted to use 1746011158, but apparently Cloudflare do not allow connections using raw IP addresses - how the Internet has been controlled).

      Only masochists or people hunting for the dark web (or maybe the Pirate Bay) would use IP addresses directly since forever unless you had a very inept sysadmin!

      1. Anonymous Coward
        Anonymous Coward

        Re: IP4ME

        Certainly no one is going to be typing in an IP6 addresses unless they absolutely have no choice!

  9. 45RPM Silver badge

    I remember having to maintain an entire application written in Perl. It wasn't pretty. The developer who wrote it was a bad developer - and not just for their poor choice of programming language. There was an admonishment in the comments at the top of each source file warning against the use of use strict because it would break the code. As far as my simple C coder soul was concerned, if you have to ignore errors then your code is broken.

    It took me ages to fix it so that use strict could be used - but, once I made those changes, the application was a lot more reliable. They never did let me port it to C though.

  10. a pressbutton

    Perl6

    I understand Audrey Tang (heavily involved in Perl6 and other open source Perl things) is now a Govt minister in Taiwan.

    1. Anonymous Coward
      Anonymous Coward

      Re: Perl6

      Perl6 is not perl, which is why it's been renamed to Raku.

      1. Arthur the cat Silver badge

        Re: Perl6

        Perl6 is not perl, which is why it's been renamed to Raku.

        Dear Agony Aunt, that sentence makes perfect sense to me. Should I seek medical advice?

        1. jake Silver badge
          Pint

          Re: Perl6

          Dear Arthur,

          Our favorite Auntie is on VACA, I am filling in.

          No, you should not seek medical advice, you should seek the nearest pub and raise a pint to yourself for a job well done. Have a nice weekend! —Emily Postnews

          1. A.P. Veening Silver badge
            Pint

            Re: Perl6

            That was the medical advice he was seeking.

  11. Daniel Pfeiffer
    Facepalm

    After Nick seems to be an up-front company name

    "We'll put your domain on sale after it was nicked."

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like