Information Security News mailing list archives
Call it Slash-and-Burn.org
From: William Knowles <wk () C4I ORG>
Date: Thu, 11 May 2000 16:04:18 -0500
http://www.wired.com/news/politics/0,1283,36282,00.html by Declan McCullagh 2:25 p.m. May. 11, 2000 PDT Thursday just wasn't a good day for geek-culture destination Slashdot. First came the news that Microsoft ordered Slashdot to delete discussions of one of the company's security products. Just as angry Linux users were furiously lashing out at the nastygram from Redmond's legal department, a distributed denial of service attack hit Slashdot, taking it intermittently offline for a few hours. "About 400 readers weighed in over the first 30 minutes. Then we got hit by a DDOS," wrote Slashdot founder Rob Malda in email to Wired News. Slashdot staffers initially didn't know what the problem was. At noon EDT, Robin Miller, the editor in chief of Andover.net -- which owns Slashdot -- said he thought the network outage was due to a recent change in servers. By 4:30 p.m., engineers had identified it as a denial of service attack. Malda said he couldn't provide details, "and we're still cleaning up," he said. Discussion then turned back to the first threat Slashdot received: The lawyer letter from Microsoft. Miller said he has not deleted the 11 messages that Microsoft claims are illegal under the Digital Millennium Copyright Act (DMCA), and is waiting to hear from legal counsel and readers. The response from Slashdot regulars was fast and furious. In the first hour, hundreds of readers weighed in, many condemning Microsoft's action as another example of the company's desire to crush free-wheeling discussion in general, and the Linux community in particular. "No matter what Microsoft threatens, no matter what they say, do not give in to them. This is not because it is Microsoft, but because free speech is far too important, especially on a forum such as Slashdot. Give them hell," wrote one respondent. "Under the provisions of the DMCA, we expect that having been duly notified of this case of blatant copyright violation, Andover will remove the above referenced comments from its servers," says the email from Microsoft's J.K. Weston. The letter is particularly galling to Slashdotters since it includes a generous helping of everything they love to hate: Microsoft, lawyers, and the DMCA, which the motion picture industry has already used in one prominent lawsuit to try to stamp out a DVD-descrambling utility. Microsoft is concerned about a Slashdot thread from May 2 that talks about the company's proprietary extensions to the Kerberos security protocol, which was originally designed at MIT in the 1980s and has been adopted by the Internet Engineering Task Force as an open standard. Microsoft Kerberos as used in Windows 2000 is partially incompatible with the rest of the computing world. As if that weren't offensive enough, to read Microsoft's own Kerberos specification, developers had to run an .exe file with a confidential license agreement included. That kind of hiding-technical-information approach didn't sit well with members of the Slashdot community, which quickly posted ways to download the specification and bypass the restrictive license agreement. Microsoft wasn't amused. It accused Slashdot of "unauthorized reproductions of Microsoft's copyrighted work. ... In addition, some comments include links to unauthorized reproductions of the specification, and some comments contain instructions on how to circumvent the End User License Agreement that is presented as part of the download for accessing the specification." *-------------------------------------------------* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen. Alfred. M. Gray, USMC --------------------------------------------------- C4I Secure Solutions http://www.c4i.org *-------------------------------------------------* ISN is sponsored by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- Call it Slash-and-Burn.org William Knowles (May 12)