Slashdot Mirror
SCO DOS'ed
Thomas Cort writes "BusinessWeek has an article about a DDoS attack against SCO.
"At 10:45 a.m., the Unix and Linux seller was hit by a distributed denial-of-service attack (DDoS) that hampered its Internet operations, said SCO spokesman Blake Stowell ... the Utah-based company has incurred the wrath of many Linux enthusiasts infuriated with its lawsuit against IBM ... SCO's Internet service provider, ViaWest, told SCO that about 100 high-speed T1 data-transmission lines of network capacity--about 90 percent of its total bandwidth--was being consumed in the attack.""
I'd hate to say this, but serves them right.
Shocked! Shocked, I am! I am absolutely amazed it took THIS LONG for that to actually happen.
I remember thinking "they're gonna get hacked, DOSed and generally trashed" about 10 seconds into the *original* article.
Learning HOW to think is more important than learning WHAT to think.
Are they sure it wasn't just an old-fashioned slashdotting?
Quintus malus puer est.
Check out this article about the GPL implications of their republishing IBM's alegedly infringing code in their own version of Linux.
Geeky modern art T-shirts
Real poetic justic would have been to DDoS them with SCO Linux-running zombies controlled by Red Hat, SuSe, etc. masters. However, this planned would fail as the 42 boxes worldwide running SCO Linux don't have nearly enough bandwidth.
I like the worlds-smallest-violin dept.
It fits this perfectly. Nobody's going to feel sorry for SCO, claiming that somehow Linux is based off of their code. I remember seeing that map of the *nix's by SCO, that was totally made up. Perhaps someone should tell them that Linus wrote it from scratch...
-------
"In times of universal deceit, telling the truth becomes a revolutionary act."
-- George Orwell
Sure SCO is being a prick about this law suit but to have a bunch of vengefull open source/Linux Crusaders attack thier systems just gives the whole opensource community a bad name. Just suck it up and let them sue, cause either we the open source community screwed up and used code we shouldn't have or SCO is blowing smoke and IBM will win the suit.
Gotta love the way the article puts this whole slant that it must be Linux fans doing it. The SCO guy just coming out and saying it's unprofessional for us linux boys to do this sort of thing, that just reeks dude. Reeks. Leeks. mmmm, hungry.
Like what I said? You might like my music
there are too many *legal* ways of showing to SCO our revolt with they 're dirty tactics without needing to play at they 're (very low) level
Just my two cnts
cheers from Portugal ...
yeah, I totally agree. What would be far more matured is a defaced sco website that says "SCO SUXX0RZ L1NUX R0XX0RZ!" and then at the bottom of the page it said "nanny nanny boo boo! You smell like doo doo!"
That's how Miss Manners would handle this.
In the future, I would want to not be isolated from my friends in the Space Station.
Absolutely right. I wouldn't be surprised to see some MS FUD based on this, e.g. "You really don't want to get involved with those Linux hooligans. Do anything they don't like and they'll attack your systems."
How to solve most of our problems: 1.Lots of nuclear plants. 2.Cure aging.
They have, haven't they? Contrary to what the article says, I do believe this is a major hole in the foot for their faux pas against IBM, because regardless of the validity of said code secrets, and regardless of whether they're GPLed or not, SCO have made the code publicly available, long before they prepared or made complaint against IBM. How could IBM steal something that's publicly available? D'oh?
I can't see how it could be applied this way (surprise: IANAL), but it would be ironic enough to be picked up with a magnet if SCO's publication-under-the-GPL of this code implied the GPLing of their UnixWare(tm,(R),(c),etc...) code as well. I imagine that would have rather... extensive effects on things like their share-market value.
Got time? Spend some of it coding or testing
For those of you who's lazy to click, here's two paragraphs summary:
The upshot of this GPL paragraph is that by relicensing their own code under non-GPL terms, once having knowingly released said code under the GPL, they have forfeited their own rights to distribute Linux. Or, at least that's how I interpret it. Further, the same paragraph states that the rest of us still hold full GPL rights to the code SCO originally licensed to us via the GPL.
The bottom line to us would appear to be that, even if there is IBM-introduced, SCO-owned, infringing code in Linux, it is now officially released under the GPL by the copyright holder, SCO. And, of course, no sanitizing of the Linux kernel is necessary. This spat should have no effect on Linus, Red Hat, SuSE, or any other Linux developer or distributor.
--
Error 500: Internal sig error
Just goes to show that the power of the people will always show through, some how.
This took WAY TOO LONG. For the non-hacker, how can you help?
/. reader left their pc's pinging SCO... plus the current DDOS.... /Insert own idea here/
Whatever happened to signing them up to every junkmail and junk email list also?
Posting every SCO email address on numerous usenet groups.
Phoning the 1800 numbers to cost them a bundle in toll calls asking stupid questions about the lawsuit.
Or the good ol' fashioned turd in a parcel gag....
Pinging SCO flat out won't do diddly squat, but if every
"It was the second-largest onslaught ViaWest had experienced, according to SCO."
The first being the Slashdotting they got?
Note to M1-ers: a curt but otherwise insightful message is not "Flamebait" or "Troll".
Despite the fact that I think SCO deserves it, I wonder if this will look good for open source. I mean I can see the FUD for this already.
"If you even make threats against the open source community they may just attack your systems. "
It wouldn't surprise me if SCO DOS'd themselves for more attention (or possibly DOS'd themselves by accident knowing those wankers), but I can see a possible bad spin.
Only SCO has the technical know-how to develop DOS software, and to carry it out.
The open source community just isn't capable of developing such techniques, despite published papers being available for years on the topic of DOS attacks.
IBM must have helped them.
This is what happens when demented people play with powerful toys.
Okay. IBM has a lot of bandwidth. IBM has an outsourcing network solutions division. IBM has hired "hackers" at various times to do penetration testing and the like for said division. SCO sues IBM while taking a swipe at Linux. SCO gets DDoSsed into the uucp era.
It's likely completely coincidental, but it is conceptually quite amusing.
This took WAY TOO LONG. For the non-hacker, how can you help?
If you want to help out in a DDOS attack, but you don't have the skills to engineer such a thing, then you should consider using these products.
Like what I said? You might like my music
Damnit. This sort of crap is exactly what we don't need! SCO's not pursuing this case because they expect to win, they're trying to get as much media attention as possible. The more bad press the OSS/Linux/GNU/hacker community gets, the stronger the need to shut SCO up becomes. They want to be bought out. Demostrating to the world that there are "evil hackers" out there with little respect for corporations and the law just adds fuel to a fire.
The drama the DDoS kiddies serves as a nice distraction that SCO has no case!
This was just the first step taken by the RIAA's cyberwar attack. Looks like somebody had an mp3 on their server.... ;)
The only thing that will stop you from fulfilling your dreams is you. - Tom Bradley
I mean SCO seems allright now. And besides I can't imagine that anyone would stoop so low as to deliberatly overload their servers. Besides just look at their site. Which is running so well as I look at it now. It would truly be a shame if their servers happended to get ./ed, wouldn't it?
I stole this Sig
by implying that GNU/Linux fans did this. I say we should all file separate (not joint) lawsuites against them for defamation (this would really fuck up their legal department with paperwork, because they'd be sued by about a thousand people at once).
social sciences can never use experience to verify their statemen
Maybe the RIAA are DDOSing them. Maybe SCO has some of them p2p users on their network. You can't hide from the might RIAA.
In other news, SCO plans to sue its own OpenLinux division for possibly abusing access to UNIX trade secrets. SCO issued a press release stating that there was "substantial evidence" that their Linux group had used proprietary UNIX code in the Linux kernel and OpenLinux operating system, though the press release then stated, "but we don't have it with us."
Signature.
contained in the SYS V startup scripts.
It's time to move to bsd style startups to avoid having SCO pull an RIAA (removing them)
The truth about Led Zep should never be told on
Sounds like it:
Well, let's see:
A single T3 is 28 T1s. So four T3s is 112 T1s. 90% of that is 100.8 T1s - "about a hundred T1s".
So it sounds like Via West, their ISP, only HAS four T3s worth of connectivity to the rest of the net. That's pretty rinky-dink as ISPs go - but the Santa Cruz area is pretty small, over the coastal range from the main drag for communication lines, and doesn't have a lot of industry. I could easily see the local ISPs getting by on foure T3s rather than stringing a couple fibers that far (or renting them from somebody who did). That's big bucks for a small user community.
Given that SCO's website was mentioned in a slashdot article, I could easily see the readers following the link and slashdotting it until their ISP was at 90% with the web requests.
But the Business Week article also says that the attack was from 138 zombies, not from the general net. 138 machines could easily produce a DDoS attack of that magnitude. But a slashdotting would be a lot less traffic each from a lot more sites across the whole net.
So, no, it looks like a real DDoS.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
Conversely, anyone here feel like they're BEING TREATED unprofessionally? The article makes it look like SCO has jumped to the conclusion that it's Linux fans doing the attack. If that is true, then SCO is acting unprofessionally themselves. How many fingers are they pointing at us?
Well, just who the hell do you think it is doing it? IBM? It's the same people who always do this shit - stupid kids that think they're making some kind of political statement by breaking stuff. This time, instead of saying "you can't stop us from trading music", it's "how dare you try to fuck with Linux you assholes!!" Yeah. Really mature.
Getting your buddies together and pointing all your zombied machines at someone's IP address and going "bang" does NOT constitute legitimate protest. Even if you don't care about SCO, this is screwing their ISP bigtime - they're knocking out 90% of their bandwidth, for crissake. All it does is reinforce every negative stereotype of Linux/Open Source/GPL people held by the rest of the world.
What if life is just a side effect of some other process and God has no idea we exist?
There is no evidence to suggest that the individuals who did this have anything to do with the FS/OSS GNU/Linux community, or were even fans of GNU/Linux.
There are many possibilities as to who did this, only one of which is a Linux-fan.
Could have been an angered ex-employee at SCO.
Could have been a renegade at IBM.
Could have been someone who doesn't like SCO for some other reason.
So, stop defaming the Linux community.
social sciences can never use experience to verify their statemen
138 zombies? I doubt they have as many clients left.
Friends don't help friends install M$ junk.
The code that was given to IBM was given as Unix, not under GPL. SCO claims IBM released THAT code under Linux. They can release it now.. and IBM could even claim they took the code released under SCO, incorporated that GPL code into their products, but theyre not claiming that now. Theyre claiming they never did release SCO code under Linux. We dont even know what product of Linux is accused of containing tainted code.
Therefore they should be dDosed
"Give orange me give eat orange me eat orange give me eat orange give me you." -Nim Chimpsky
This has been a communique from the Anti-Stupidity League. Further communication shall follow.
I think that this DDOS attack is unfortunate, not because I have any love for SCO, but rather because it makes the Linux community look bad. Never mind that IBM has the biggest motive to attack SCO; most of the sort of people that use "cracker" and "hacker" simultaneously will just see Linux as juvenile computer criminals-are us.
This is not surprising, however, since SCO has made a giant ass of themselves.
(btw, the above was supposed to be a joke, mister humor-impaired-FBI-agent)
In fact, I've influenced clients to go with BSD instead of linux for just that reason.
Listen to yourself: You're advocating the use of an OS based on the who is using it.
I'll never understand this way of thinking.. A good product will always attact good and bad people in mass.. Let's just imagine for second that everyone listened to the BSD advocates, and switched to BSD. Where are you going to turn when the idiots follow again? Is there some section in the BSD license that makes it impossible for the kiddies to use it or something?
How are you going to prevent people you don't like from using something that is useful?
More imporantly, why do you even care who else uses your software? After all, it is your software.
I guess some people were just born to be bitter..
Why do I keep typing pythong?
When I started out writing software back around 1980, computers were just cool. Nobody really cared which OS you ran and we were as excited by the Amiga as we were by Atari, Apple, or whatever else computer. It never seemed to matter that much what OS they were running. Now it seems as bad as any religion. People seem to think that theirs is the only true way and everybody else is going to hell. So many seem to think that they have to convert everybody else to their OS religion or else destroy them. I'm so sickened by what the computer geek world has become.
I'm reading through these comments and I see so many who believe that snuffing somebody off the net via DDoS is good and justified. More disturbingly, I see so many other posts by people who say they don't agree with this tactic, but that SCO "deserves" it. Deserves it for what? For believing that they have intellectual property that's been stolen and wanting to protect it? For not agreeing with the Church of Open Source and asserting that they have a right to keep intellectual property to themselves?
People don't know what or how much SCO claims is stolen, but since their claim threatens the First United Assembly of Linux, they're considered evil and they must be destroyed by any means possible. It's not about right or wrong, it's about us vs. them, and that is so very wrong.
This "us vs. them" mentality seems strangely similar to the attitudes of terrorists who want to cleanse the world of infidels. Sure, the users aren't killing actual people (so far), but obviously some are willing to cut off the lifeline of an offending business. Isn't this just another, softer, form of terrorism?
Some of the posts on this thread even propose that SCO or IBM or Microsoft are behind this whole thing. Doesn't that seem at least glancingly similar to the supporters of religious terrorism proposing that the countries which are the target of attacks are perpetrating the attacks themselves? Is the community so desperate to believe that it's right that it will blind itself to the reality that perhaps some of its own members are taking things too far?
Are there any reasonable voices left? Is anyone willing to wait and see what and how much SCO claims was stolen before convicting them of some perceived crime against their Linux God? Or is this really how the world operates now? Do we just read the headlines, draw conclusions using vague information, then either join the mobs or stand by while the mobs torch them and say "well, they deserve it"? If they're vindicated in the end, will we just excuse ourselves by saying that they deserved it anyhow for all their other crimes against Linux?
The amazingly stupid thing about this is:
1) it makes a clear case for increasing criminal penalties for interfering with comm services.
2) It doesn't hurt SCO. It may, however, bankrupt the small, independent ISP they chose to do business with.
3) Even if it did hurt SCO, who gets canned over it? The lawyers? Nope. The CEO? Nope. The first-level support guys who live paycheck-to-paycheck? Yep.
DDOS'ing a company is a stupid, childish, and completely counter-productive thing to do. It harms nobody but innocent bystanders. Cheering these idiots on is no different from cheering on any other vandal.