Slashdot Mirror
SCO DOS'ed
Thomas Cort writes "BusinessWeek has an article about a DDoS attack against SCO.
"At 10:45 a.m., the Unix and Linux seller was hit by a distributed denial-of-service attack (DDoS) that hampered its Internet operations, said SCO spokesman Blake Stowell ... the Utah-based company has incurred the wrath of many Linux enthusiasts infuriated with its lawsuit against IBM ... SCO's Internet service provider, ViaWest, told SCO that about 100 high-speed T1 data-transmission lines of network capacity--about 90 percent of its total bandwidth--was being consumed in the attack.""
Shocked! Shocked, I am! I am absolutely amazed it took THIS LONG for that to actually happen.
I remember thinking "they're gonna get hacked, DOSed and generally trashed" about 10 seconds into the *original* article.
Learning HOW to think is more important than learning WHAT to think.
Are they sure it wasn't just an old-fashioned slashdotting?
Quintus malus puer est.
Check out this article about the GPL implications of their republishing IBM's alegedly infringing code in their own version of Linux.
Geeky modern art T-shirts
Real poetic justic would have been to DDoS them with SCO Linux-running zombies controlled by Red Hat, SuSe, etc. masters. However, this planned would fail as the 42 boxes worldwide running SCO Linux don't have nearly enough bandwidth.
I like the worlds-smallest-violin dept.
It fits this perfectly. Nobody's going to feel sorry for SCO, claiming that somehow Linux is based off of their code. I remember seeing that map of the *nix's by SCO, that was totally made up. Perhaps someone should tell them that Linus wrote it from scratch...
-------
"In times of universal deceit, telling the truth becomes a revolutionary act."
-- George Orwell
Sure SCO is being a prick about this law suit but to have a bunch of vengefull open source/Linux Crusaders attack thier systems just gives the whole opensource community a bad name. Just suck it up and let them sue, cause either we the open source community screwed up and used code we shouldn't have or SCO is blowing smoke and IBM will win the suit.
there are too many *legal* ways of showing to SCO our revolt with they 're dirty tactics without needing to play at they 're (very low) level
Just my two cnts
cheers from Portugal ...
They have, haven't they? Contrary to what the article says, I do believe this is a major hole in the foot for their faux pas against IBM, because regardless of the validity of said code secrets, and regardless of whether they're GPLed or not, SCO have made the code publicly available, long before they prepared or made complaint against IBM. How could IBM steal something that's publicly available? D'oh?
I can't see how it could be applied this way (surprise: IANAL), but it would be ironic enough to be picked up with a magnet if SCO's publication-under-the-GPL of this code implied the GPLing of their UnixWare(tm,(R),(c),etc...) code as well. I imagine that would have rather... extensive effects on things like their share-market value.
Got time? Spend some of it coding or testing
For those of you who's lazy to click, here's two paragraphs summary:
The upshot of this GPL paragraph is that by relicensing their own code under non-GPL terms, once having knowingly released said code under the GPL, they have forfeited their own rights to distribute Linux. Or, at least that's how I interpret it. Further, the same paragraph states that the rest of us still hold full GPL rights to the code SCO originally licensed to us via the GPL.
The bottom line to us would appear to be that, even if there is IBM-introduced, SCO-owned, infringing code in Linux, it is now officially released under the GPL by the copyright holder, SCO. And, of course, no sanitizing of the Linux kernel is necessary. This spat should have no effect on Linus, Red Hat, SuSE, or any other Linux developer or distributor.
--
Error 500: Internal sig error
Just goes to show that the power of the people will always show through, some how.
This took WAY TOO LONG. For the non-hacker, how can you help?
/. reader left their pc's pinging SCO... plus the current DDOS.... /Insert own idea here/
Whatever happened to signing them up to every junkmail and junk email list also?
Posting every SCO email address on numerous usenet groups.
Phoning the 1800 numbers to cost them a bundle in toll calls asking stupid questions about the lawsuit.
Or the good ol' fashioned turd in a parcel gag....
Pinging SCO flat out won't do diddly squat, but if every
Despite the fact that I think SCO deserves it, I wonder if this will look good for open source. I mean I can see the FUD for this already.
"If you even make threats against the open source community they may just attack your systems. "
It wouldn't surprise me if SCO DOS'd themselves for more attention (or possibly DOS'd themselves by accident knowing those wankers), but I can see a possible bad spin.
Only SCO has the technical know-how to develop DOS software, and to carry it out.
The open source community just isn't capable of developing such techniques, despite published papers being available for years on the topic of DOS attacks.
IBM must have helped them.
This is what happens when demented people play with powerful toys.
Okay. IBM has a lot of bandwidth. IBM has an outsourcing network solutions division. IBM has hired "hackers" at various times to do penetration testing and the like for said division. SCO sues IBM while taking a swipe at Linux. SCO gets DDoSsed into the uucp era.
It's likely completely coincidental, but it is conceptually quite amusing.
This took WAY TOO LONG. For the non-hacker, how can you help?
If you want to help out in a DDOS attack, but you don't have the skills to engineer such a thing, then you should consider using these products.
Like what I said? You might like my music
Damnit. This sort of crap is exactly what we don't need! SCO's not pursuing this case because they expect to win, they're trying to get as much media attention as possible. The more bad press the OSS/Linux/GNU/hacker community gets, the stronger the need to shut SCO up becomes. They want to be bought out. Demostrating to the world that there are "evil hackers" out there with little respect for corporations and the law just adds fuel to a fire.
The drama the DDoS kiddies serves as a nice distraction that SCO has no case!
The SCO guy didn't say that it was, "unprofessional for us linux boys to do this sort of thing."
What he said was, "It's one thing to have a complaint with SCO's lawsuit or with our position in terms of code being found in Linux. It's another thing to deal with that in an unprofessional way."
The article does paint a picture of an outraged linux community, but doesn't come out and say that it was them who did it.
Please read more carefully.
This was just the first step taken by the RIAA's cyberwar attack. Looks like somebody had an mp3 on their server.... ;)
The only thing that will stop you from fulfilling your dreams is you. - Tom Bradley
Maybe the RIAA are DDOSing them. Maybe SCO has some of them p2p users on their network. You can't hide from the might RIAA.
In other news, SCO plans to sue its own OpenLinux division for possibly abusing access to UNIX trade secrets. SCO issued a press release stating that there was "substantial evidence" that their Linux group had used proprietary UNIX code in the Linux kernel and OpenLinux operating system, though the press release then stated, "but we don't have it with us."
Signature.
I was going to say that too, but I see you've already done it and been marked redundant, so... erm... I'm not saying it!
Daniel
Carpe Diem
Sounds like it:
Well, let's see:
A single T3 is 28 T1s. So four T3s is 112 T1s. 90% of that is 100.8 T1s - "about a hundred T1s".
So it sounds like Via West, their ISP, only HAS four T3s worth of connectivity to the rest of the net. That's pretty rinky-dink as ISPs go - but the Santa Cruz area is pretty small, over the coastal range from the main drag for communication lines, and doesn't have a lot of industry. I could easily see the local ISPs getting by on foure T3s rather than stringing a couple fibers that far (or renting them from somebody who did). That's big bucks for a small user community.
Given that SCO's website was mentioned in a slashdot article, I could easily see the readers following the link and slashdotting it until their ISP was at 90% with the web requests.
But the Business Week article also says that the attack was from 138 zombies, not from the general net. 138 machines could easily produce a DDoS attack of that magnitude. But a slashdotting would be a lot less traffic each from a lot more sites across the whole net.
So, no, it looks like a real DDoS.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
138 zombies? I doubt they have as many clients left.
Friends don't help friends install M$ junk.
This has been a communique from the Anti-Stupidity League. Further communication shall follow.
(btw, the above was supposed to be a joke, mister humor-impaired-FBI-agent)
In fact, I've influenced clients to go with BSD instead of linux for just that reason.
Listen to yourself: You're advocating the use of an OS based on the who is using it.
I'll never understand this way of thinking.. A good product will always attact good and bad people in mass.. Let's just imagine for second that everyone listened to the BSD advocates, and switched to BSD. Where are you going to turn when the idiots follow again? Is there some section in the BSD license that makes it impossible for the kiddies to use it or something?
How are you going to prevent people you don't like from using something that is useful?
More imporantly, why do you even care who else uses your software? After all, it is your software.
I guess some people were just born to be bitter..
Why do I keep typing pythong?
When I started out writing software back around 1980, computers were just cool. Nobody really cared which OS you ran and we were as excited by the Amiga as we were by Atari, Apple, or whatever else computer. It never seemed to matter that much what OS they were running. Now it seems as bad as any religion. People seem to think that theirs is the only true way and everybody else is going to hell. So many seem to think that they have to convert everybody else to their OS religion or else destroy them. I'm so sickened by what the computer geek world has become.
I'm reading through these comments and I see so many who believe that snuffing somebody off the net via DDoS is good and justified. More disturbingly, I see so many other posts by people who say they don't agree with this tactic, but that SCO "deserves" it. Deserves it for what? For believing that they have intellectual property that's been stolen and wanting to protect it? For not agreeing with the Church of Open Source and asserting that they have a right to keep intellectual property to themselves?
People don't know what or how much SCO claims is stolen, but since their claim threatens the First United Assembly of Linux, they're considered evil and they must be destroyed by any means possible. It's not about right or wrong, it's about us vs. them, and that is so very wrong.
This "us vs. them" mentality seems strangely similar to the attitudes of terrorists who want to cleanse the world of infidels. Sure, the users aren't killing actual people (so far), but obviously some are willing to cut off the lifeline of an offending business. Isn't this just another, softer, form of terrorism?
Some of the posts on this thread even propose that SCO or IBM or Microsoft are behind this whole thing. Doesn't that seem at least glancingly similar to the supporters of religious terrorism proposing that the countries which are the target of attacks are perpetrating the attacks themselves? Is the community so desperate to believe that it's right that it will blind itself to the reality that perhaps some of its own members are taking things too far?
Are there any reasonable voices left? Is anyone willing to wait and see what and how much SCO claims was stolen before convicting them of some perceived crime against their Linux God? Or is this really how the world operates now? Do we just read the headlines, draw conclusions using vague information, then either join the mobs or stand by while the mobs torch them and say "well, they deserve it"? If they're vindicated in the end, will we just excuse ourselves by saying that they deserved it anyhow for all their other crimes against Linux?
I'd hate to say this, but serves them right.
What would serve them right would be to win or loose in court, public opinion, or the market place.
DOS is criminal and effects more than SCO.
When / if the 31337 d00dZ doing this loose their equipment or go to jail, it will serve them right.
The amazingly stupid thing about this is:
1) it makes a clear case for increasing criminal penalties for interfering with comm services.
2) It doesn't hurt SCO. It may, however, bankrupt the small, independent ISP they chose to do business with.
3) Even if it did hurt SCO, who gets canned over it? The lawyers? Nope. The CEO? Nope. The first-level support guys who live paycheck-to-paycheck? Yep.
DDOS'ing a company is a stupid, childish, and completely counter-productive thing to do. It harms nobody but innocent bystanders. Cheering these idiots on is no different from cheering on any other vandal.