Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Is www.sco.com hacked Ethical?
From: thefinn <thefinn () tpg com au>
Date: Tue, 30 Nov 2004 12:17:11 +1100

I guess it depends what you mean by the term "ethical".

There are plenty of people around I notice who talking about "ethical" hacking 
but when you get right down to it - are against hacking into systems 
altogether.

Perhaps this would be a correct and "ethical" perspective given that at one 
time the internet was awash with dialouts, guest accounts and free shells. 
But is it really reasonable and realistic?

SCO got what they deserve for being lax in their security. To not have hacked 
it in this day and age may have been JUST as unethical to those same people 
who are now feeling the pinch.

Look at it this way. They had a prank played on them now rather than seeing a 
few million or half a billion dollars stolen from one of their customers 
tomorrow. Or worse...

It's no different than throwing a pie in Bill Gates' face.

This is the epitome of ethical hacking.

Oh well the fun continues in the absurd world of data security or
insecurity. And how did they hack it did someone just leave the permissions
on the files open or some other mischief.  Anyone have a clue on this? Or
was a DNS redirection?

Indeed. Sigh.

TheFinn

On Tuesday 30 November 2004 02:11, Clairmont, Jan M wrote:
This bodes well for the Cyberguard Stock which depends on
SCO UNIX as it's engine for the firewall.  Well again a prank,
as such, but this helps destroy the reputation of many companies.

The person(s) if and when they're found and they will be(sociopath), feels
no responsibility.   Ok well, how was this an ethical attack? It attacks
the stock holders, people who work for the companies affected and the
persons responsible deserve whatever legal recourse the company has when
they find this clown(s).

It is rather amusing, as was the RSA web attack, CIA etc. but the broader
implications are that the companies involved are a security risk, though
they are not, they will be perceived as one.

Again, I don't agree with SCO and their lawsuits, though some of them
may have some basis for patent or copyright infringement. I do believe they
give a useful alternative for UNIX.  For certain smaller companies they
provide a valuable service to the community.  This will only help put a
nail in the coffin in a struggling company that does provide an
alternative. I have no SCO stock, ok.   I do believe the alternatives are
needed to check the megaliths like our friendly M$, Apple and others.

Oh well the fun continues in the absurd world of data security or
insecurity. And how did they hack it did someone just leave the permissions
on the files open or some other mischief.  Anyone have a clue on this? Or
was a DNS redirection?

Paladin of Security, of the Department of Insecurity Department of Security
Department.

Jan Clairmont
Firewall Administrator/Consultant

-----Original Message-----
From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com]On Behalf Of Vincent
Archer
Sent: Monday, November 29, 2004 8:24 AM
To: Rossen Naydenov
Cc: Full Disclosure
Subject: Re: [Full-disclosure] Is www.sco.com hacked?

On Mon, Nov 29, 2004 at 02:58:25PM +0200, Rossen Naydenov wrote:
I just noticed the banner on www.sco.com
If you don't saw it( because it is removed) this is what they say:

We own all your code
pay us all your money

Or is it some commercial trick?

If you looked carefully at the background, you could see "defaced by
realhack" written as a shadow, partially covered by some parts of the
hacked text.

-- 
http://ghettoshell.net

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]