Re: Is www.sco.com hacked Ethical?

[thefinn <thefinn () tpg com au>]

I guess it depends what you mean by the term "ethical".

There are plenty of people around I notice who talking about "ethical" hacking 
but when you get right down to it - are against hacking into systems 
altogether.

Perhaps this would be a correct and "ethical" perspective given that at one 
time the internet was awash with dialouts, guest accounts and free shells. 
But is it really reasonable and realistic?

SCO got what they deserve for being lax in their security. To not have hacked 
it in this day and age may have been JUST as unethical to those same people 
who are now feeling the pinch.

Look at it this way. They had a prank played on them now rather than seeing a 
few million or half a billion dollars stolen from one of their customers 
tomorrow. Or worse...

It's no different than throwing a pie in Bill Gates' face.

This is the epitome of ethical hacking.

> Oh well the fun continues in the absurd world of data security or
> insecurity. And how did they hack it did someone just leave the permissions
> on the files open or some other mischief.  Anyone have a clue on this? Or
> was a DNS redirection?

Indeed. Sigh.

TheFinn

On Tuesday 30 November 2004 02:11, Clairmont, Jan M wrote:
> This bodes well for the Cyberguard Stock which depends on
> SCO UNIX as it's engine for the firewall.  Well again a prank,
> as such, but this helps destroy the reputation of many companies.
>
> The person(s) if and when they're found and they will be(sociopath), feels
> no responsibility.   Ok well, how was this an ethical attack? It attacks
> the stock holders, people who work for the companies affected and the
> persons responsible deserve whatever legal recourse the company has when
> they find this clown(s).
>
> It is rather amusing, as was the RSA web attack, CIA etc. but the broader
> implications are that the companies involved are a security risk, though
> they are not, they will be perceived as one.
>
> Again, I don't agree with SCO and their lawsuits, though some of them
> may have some basis for patent or copyright infringement. I do believe they
> give a useful alternative for UNIX.  For certain smaller companies they
> provide a valuable service to the community.  This will only help put a
> nail in the coffin in a struggling company that does provide an
> alternative. I have no SCO stock, ok.   I do believe the alternatives are
> needed to check the megaliths like our friendly M$, Apple and others.
>
> Oh well the fun continues in the absurd world of data security or
> insecurity. And how did they hack it did someone just leave the permissions
> on the files open or some other mischief.  Anyone have a clue on this? Or
> was a DNS redirection?
>
> Paladin of Security, of the Department of Insecurity Department of Security
> Department.
>
> Jan Clairmont
> Firewall Administrator/Consultant
>
> -----Original Message-----
> From: full-disclosure-admin () lists netsys com
> [mailto:full-disclosure-admin () lists netsys com]On Behalf Of Vincent
> Archer
> Sent: Monday, November 29, 2004 8:24 AM
> To: Rossen Naydenov
> Cc: Full Disclosure
> Subject: Re: [Full-disclosure] Is www.sco.com hacked?
>
> On Mon, Nov 29, 2004 at 02:58:25PM +0200, Rossen Naydenov wrote:
> > I just noticed the banner on www.sco.com
> > If you don't saw it( because it is removed) this is what they say:
> >
> > We own all your code
> > pay us all your money
> >
> > Or is it some commercial trick?
>
> If you looked carefully at the background, you could see "defaced by
> realhack" written as a shadow, partially covered by some parts of the
> hacked text.

-- 
http://ghettoshell.net

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html