Slashdot Mirror
SCO DOS Harming Innocent Bystanders
An anonymous reader writes "The SCO-IBM-Linux controversy has certainly caused quite a stir. Unfortunately the vigilantes conducting the DOS attacks against SCO are harming innocent by-standers as described in this e-Week story. " Choice conspiracy theory quote: 'Given SCO's behavior recently, it's just as likely that they're attacking themselves in their continued attempt to pump up their stock price'
This is why script kiddies are annoying. They find exploits and other scripts/tools and then randomly use them thinking they know what they're doing.
This is why armchair slashdot readers typically shouldn't be lawyers [myself included], doctors, etc...
I hope they catch the people doing the DoS attack [probably as they brag how cool the attack is over some l33t IRC channelz] and beat their heads into the ground.
SCO maybe "evil" but you gotta think before you act!
Tom
Someday, I'll have a real sig.
I highly doubt that SCO is peforming this attack themselves. There are simply too many others willing to do it for them.
If a SCO executive ordered the self-attack, and a loyal SCO IT person (I want a shot of what he's drinking) carried it out, when the FBI comes calling, how far up the tree would the IT person point when he was arrested?
If a SCO executive was pinpointed in ordering a DOS (unlikely, but hey, Enron being publicly exposed was unlikely), how would that affect the Linux lawsuit? IANAL, but it seems like SCO execs would have nothing to gain from DOSing theirselves and only fines or Jail-time to face.
The next Slashdot story will be ready soon, but subscribers can beat the rush and slashdot the links early!
I don't think so, this is a PR war, and has been from the instant SCO started the FUD campaign. Linux users cannot be seen as a group of geeks with no respect for the law and proper buisness procedures. The very thing SCO needs right now is something to feed to the FUD machine, and the last thing geeks need to give SCO is ammunition.
Eventually SCO will go broke trying to win its laughable lawsuit. IBM has the resources to fight the case and the Open Source Community shouldn't worry about a few lost revenues in the meantime. One of the reasons why Linux has been able to take on Microsoft is the fact the M$ can't undermine the open source revenue stream when it is practically non-existant.
In the meantime, is there any reason why we should stoop to SCO's level?
Looking for a job?
Want your resume written professionally?
DON'T USE TUNAREZ!!!
Who exactly isn't an innocent bystander here, besides SCO and IBM? SCO has been harming a massive number of innocent bystanders throughout this whole process (for example, the 1,500 Linux-using companies that they sent letters to, costing them legal time at the very least). No, two wrongs don't make a right and it sucks that the DOS attacks are harming innocent bystanders, but why is eWeek focusing on that when SCO is harming so many more innocents?
I think we can live with a few friendly casualities... ;)
I think that's in rather poor taste. At least it seems that way from an 'ally' on this side of Atlantic.
There is absolutley no justification for DOS'ing SCO.
DOS attacks are the internet equivalent of standing outside someones home playing heavy metal at 140 dB.
I'm puzzled as to what the guys making the attack hoped to accomplish.
To punish them for lying about linux? Their reputations are already in the toilet. Only ignorant fools are buying into their claims anyway.
To protect Linux? If one thinks about it, SCO has not harmed Linux in any meaningful way! The free distro's are there, and will be there for a long time. All they've done is slowed down adoption by the more clueless managers, which is really no big deal. Their legal claims about the GPL being invalid are such arrant nonsense: they won't stand in court. No matter what happens there will always be a GPLed kernel we can use.
To let them know we think they suck? Well, considering the increasingly defensive and irrational stances that they are taking, I think they already know that. The rest of the world is not buying into their claims. Even if their claims of hundreds of "licenses" sold are not wildly exagerated, that would mean 1% adoption rate.
To prevent people from doing business with SCO? I think that's pretty unethical. If people want to do business with SCO, let them. It's their choice if they want to throw good money away on vapor-ware of bad product. Would you prevent a stranger from buying cigarettes with his own money?
I know alot of people think using force to shut people up who say things you don't like is OK. But those people should take a look at the impression this gives to the non-geek world. They just reinforced the impression that OSS proponents are whiny immature people.
I think the guys behind the attacks scored an own goal.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
The same way the customers in Israeli cafes are a legit target of suicide attacks?
If they don't want to be blown up, they should just stop supporting Israeli occupation of Palestine! It doesn't matter what their personal opinions are, they are guilty by association!
Don't be a psychopath. It is not okay to blackmail or extort or terrorize people in order to force them to see things your way. Damaging innocent third parties in an effort to get those parties to put pressure on your enemy, is basically what terrorism is all about.
How much you want to bet it's niether SCO nor Script kiddies attacking, but a good ol' slashdotting?!?
/.)
I mean, if they are hiring "pattern recognition" experts to determine if code has been copied or changed, a good and proper slashdotting sure has a lot of similarity to a DDoS attack.
I figure, just by reading what those SCO people release to the press, they not only have trouble distinguishing truth from bull shit, but couldn't tell a slashdotting from a real DDoS attack. Soon, we'll get a press release that there must be IBM spies inside SCO, because everytime they have a press release, their website starts being "attacked" within hours of the release (about the time the story hits
For those who describe their systems as 'boxen', do you order multiple 'boxen' of corn flakes also?
These attacks are just making a bad situation worse. The SCO Group has many lawsuits that have been filed against it; it looks like they don't really have any evidence, and none of this would have happened at all if they had been bought like they wanted to be in the first place.
Some people may feel that "something needs to be done" about this SCO Group, but I would imagine that the large organizations that have big money backing them are not worried at all. Can we keep using Linux? Yes. Is anyone going to stop us? No. Can the SCO Group file a lawsuit? Yes, they can file it, but that doesn't mean they are going to win. How much money has been saved (and will be saved in the future) by using Linux? It's almost more of a case that Linux is a wonderful operating system that just happens to be free - not that people are putting up with an inferior operating system just so they don't have to pay money. Obviously, Linux is worth the effort defending - it has, does, and will continue to provide millions of people and organizations across the world an excellent value. If someone needs to foot the bill to keep Linux healthy, they would be doing a great service that will benefit all of mankind for decades to come.
A significant problem is that if the SCO Group goes under, and they have sued you and you have spent money on legal fees, or you have given up and bought their "product", they may be unable to pay those legal fees for you, or refund the license you have been paying them to use their "IP" that was never theirs. This could probably be prevented by requiring the SCO Group to sign an NDA with an arbitration clause prior to disclosing (or attempting to disclose) confidential network data, in order to get an estimate of how much you "owe" them. The NDA and the arbitration clause could be intended for any vendor that would like to give an estimate and could include a "third party", such as a governmental agency, that could handle any legal problems, such as IP violations or unregistered software.
Or maybe the defendant could ask the judge to allow legal fees to be placed in escrow by the SCO group in case they lose?
Whether or not the DDOS attacks continue, The SCO Group is in a very bad place right now and the future looks pretty bleak for that organization. DDOS attacks are just making an already pothetic situation even worse. I wonder what's going to happen when they finally go poof? The license reverts back to Novell?
DOS won't stop SCO from doing business. SCO has an extensive dealer channel and relies heavily upon it.
All that the continuing Denial of Services attacks do is give the Linux community a bad name.
If I shoot my neighbor because he sues me claiming my garage crosses the property line on my property, that doesn't make me a vigilante. It's not illegal to sue someone, and responding with an illegal act is therefore stupid, not vigilantism. Let the courts sort it out. If you think the case has no merit, let them waste their capital on lawyers until they bankrupt themselves.
Bzzzzzt! Wrong!
SCO is a separate company. This is no indirect damage to SCO.
Actually this will be a minor inconvenience to SCO as a practical matter, and a PR bonus.
FBI arrests Linux Hacker for Internet Attacks (Linux, the choice of hackers everywhere.)
SCO Site back after hacker attacks (Come see what you were missing!)
SCO attacked by hackers due to lawsuite (Hackers afraid SCO might win on merits of case.)
Companies hurt by attacks on SCO (Linux community talks nice, but acts bad.)
There is little practical downside for SCO, and considerable opportunity for publicity. When deveopments in the case aren't keeping SCO in front of the public, the haxors DOSing them are!!
The tactic of associating peaceful populations with the antisocial or criminal acts of a few militant people is standard behavior in international politics. Politically, it plays really well to one's own crowd to say "the others are evil terrorists, therefore we are justified in 'protecting' ourselves by any means possible".
We don't assume that Microsoft endorses or orchestrates DOS attacks against Linux sites when attacks occur against Linux sites. Similarly, we shouldn't tie DOS attacks against SCO to the Linux community. People who are launching DOS attacks against anybody are just uncivilized script kiddies. If they happen to be Linux users as well, that's incidental.
DOS attacks on SCO have nothing to do with Linux or the Linux community. SCO's legal attacks on Linux are outrageous and unfounded, but the Linux community is responding to them with facts and will, if ever presented with a real legal challenge, respond in court.
But this begs the question: Uh... what have they been doing lately to prevent it? It seems every day that we keep hearing about DOS attacks on them... For crying out loud... If it's broken, FIX IT!
No wonder they weren't making any money on their UNIX sales.
Karma: Non-Heinous
- The hosting facility competently handles DDoS attacks, preventing them from affecting other customers.
- Or, the hosting facility recognizes that the community-at-large will not tolerate SCO or those who provide its infrastructure, and cancels its contract with SCO.
- Or, the hosting facility customers (Centershift) stop putting up with the hosting facility's constant service interruptions and go elsewhere.
In any case, the end result is that SCO suffers, and those providing its infrastructure suffer. What was the problem again?Well, what did you expect ? A typical shareholder these days has but ONE thing on his mind. MONEY. How he gets it, doesn't really matter. Insider schemes, pump and dump, or just plain guessing. The important thing for that guy is just to buy low/sell high. And SCO stock happens to be moving quite a lot the last couple of months. Forget about those kinds of losers, they would take stock in Hell itself if that was possible and it was low enough. Trading in SCO stock these days is just another verion of musical chairs. Once the music stops and Darl has to show his 'evidence', there are going to be some greedy bastards that get stuck with the check. That's life, that's how the stock exchange works. Just don't try to interpret SCO ownership as anything else than an attempt to enrich yourself. That's all it is and all it will be.
I know that a lot of people are pissed off at SCO for all of their rampant BS, but DOS attacks do not do jack squat to "help" Linux, Open Source, or otherwise because it makes Linux users look like a bunch of criminals, which is exactly what SCO wants people to think.
"You spoony bard!" -Tellah
The hosting company is Center 7, which is partially or fully owned by Canopy Group. Canopy Group is the largest shareholder in SCO.
BTW, Center 7 and Canopy sued Computer Associates recently. They settled for $40 million. Those Canopy Group fuckers are sue-happy pricks. "Contracts are what you use against people you do business with", indeed.
CA says settles Canopy Group, Center 7 litigation
Do you mean something like this? Someone at Newforge has posted that they have done traceroutes to routers on Center 7's network and it tends to confirm the suspicion that SCO isn't experiencing any DoS attacks:
m (216.250.136.98)o m (216.250.136.254)
Well, if it was a DOS how could I access machines behind the same routers the website is on?
Such as these routers
c7pub-216-250-136-74.center7.com (216.250.136.74)
c7pub-216-250-136-98.center7.co
c7pub-216-250-136-254.center7.c
And these machines behind the routers
fgw.calderasystems.com (216.250.128.253)
mail.sco.com (216.250.130.37)
phoenix.ut.caldera.com (216.250.130.1)
These machines were ALL accessable with NO dropped packets and LOW latency. A simple traceroute from 3 parts of the country (OR, WI, CT) produced the same route from "hs-10-1-1.a01.ptldor01.us.ra.verio.net (157.238.26.129)" on to the endpoint.
It cannot be a DOS without disrupting traffic to the other machines behind the final router unless the there is some absurd setup like www.sco.com having a 128KB/s link while the router has a 1GB/s link. I do not think this is the case though.
Besides, you would WANT to attack the Routers instead since they can do something fancy like redirect legitimate HTTP requests to the webserver at a different address while letting the DOS'ing machines continue to think 216.250.140.112 is the correct address.
And again, even SCO says they are doing maintenance and not experiencing DoS attacks.