Full Disclosure mailing list archives
Re: Is www.sco.com hacked Ethical?
From: thefinn <thefinn () tpg com au>
Date: Tue, 30 Nov 2004 12:17:11 +1100
I guess it depends what you mean by the term "ethical". There are plenty of people around I notice who talking about "ethical" hacking but when you get right down to it - are against hacking into systems altogether. Perhaps this would be a correct and "ethical" perspective given that at one time the internet was awash with dialouts, guest accounts and free shells. But is it really reasonable and realistic? SCO got what they deserve for being lax in their security. To not have hacked it in this day and age may have been JUST as unethical to those same people who are now feeling the pinch. Look at it this way. They had a prank played on them now rather than seeing a few million or half a billion dollars stolen from one of their customers tomorrow. Or worse... It's no different than throwing a pie in Bill Gates' face. This is the epitome of ethical hacking.
Oh well the fun continues in the absurd world of data security or insecurity. And how did they hack it did someone just leave the permissions on the files open or some other mischief. Anyone have a clue on this? Or was a DNS redirection?
Indeed. Sigh. TheFinn On Tuesday 30 November 2004 02:11, Clairmont, Jan M wrote:
This bodes well for the Cyberguard Stock which depends on SCO UNIX as it's engine for the firewall. Well again a prank, as such, but this helps destroy the reputation of many companies. The person(s) if and when they're found and they will be(sociopath), feels no responsibility. Ok well, how was this an ethical attack? It attacks the stock holders, people who work for the companies affected and the persons responsible deserve whatever legal recourse the company has when they find this clown(s). It is rather amusing, as was the RSA web attack, CIA etc. but the broader implications are that the companies involved are a security risk, though they are not, they will be perceived as one. Again, I don't agree with SCO and their lawsuits, though some of them may have some basis for patent or copyright infringement. I do believe they give a useful alternative for UNIX. For certain smaller companies they provide a valuable service to the community. This will only help put a nail in the coffin in a struggling company that does provide an alternative. I have no SCO stock, ok. I do believe the alternatives are needed to check the megaliths like our friendly M$, Apple and others. Oh well the fun continues in the absurd world of data security or insecurity. And how did they hack it did someone just leave the permissions on the files open or some other mischief. Anyone have a clue on this? Or was a DNS redirection? Paladin of Security, of the Department of Insecurity Department of Security Department. Jan Clairmont Firewall Administrator/Consultant -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com]On Behalf Of Vincent Archer Sent: Monday, November 29, 2004 8:24 AM To: Rossen Naydenov Cc: Full Disclosure Subject: Re: [Full-disclosure] Is www.sco.com hacked? On Mon, Nov 29, 2004 at 02:58:25PM +0200, Rossen Naydenov wrote:I just noticed the banner on www.sco.com If you don't saw it( because it is removed) this is what they say: We own all your code pay us all your money Or is it some commercial trick?If you looked carefully at the background, you could see "defaced by realhack" written as a shadow, partially covered by some parts of the hacked text.
-- http://ghettoshell.net _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Is www.sco.com hacked Ethical? Jon Dossey (Nov 29)
- <Possible follow-ups>
- RE: Is www.sco.com hacked Ethical? Clairmont, Jan M (Nov 29)
- Re: Is www.sco.com hacked Ethical? thefinn (Nov 29)