Slashdot Mirror
SCO Group Web Site Attacked Again
FreeLinux writes "With not much SCO news today, it seemed that this story was needed - Reuters is reporting that, SCO is again suffering under a DDoS attack that has crippled their web site and email system since Wednesday morning. For the third time this year, the SCO Group's Web site came under attack, apparently by hackers unhappy with the company's legal threats against users of the Linux operating system. The denial-of-service attack started at 6:20 a.m. EST Wednesday and continued through the day, said Blake Stowell, spokesman for the Lindon-based company."
Grow up. Settle it by the law.
I don't see how this is going to help. Knowing SCO, they might try to make themselves the martyrs and use the attacks to cast a bad light on the Linux community in general. This issue has already gotten nasty enough anyway.
If my answers frighten you, stop asking scary questions.
Folks, if it's a SCO story, check with Groklaw before passing judgment. For every bit of FUD coming out of Linden, a blast of anti-FUD is lobbied back.
I thought the same thing.
I mean, what the hell is " apparently by hackers unhappy with the company's legal threats against users of the Linux operating system" supposed to mean? I think that is a dangerous assumption. After all, it is probably Windows machines that are the 'bots, right?
I find it quite sad that our community has to loudly distance itself from supposed DDoS attacks and such against SCO while SCO makes a total mockery of the legal system and justice in general with their current campaign. For those who may not have noticed some earlier posts, discussion on Groklaw has brought up the possibility that this isn't a DDoS, but either just idiotic network admins on SCO's part, or perhaps even an intentional takedown to *cough* allow for a nice bit of publicity on their part. Whatever the true case is (and I'm not advocating any as the real one, I'll leave that for others to decide), SCO has certainly scored some nice negative publicity towards the OSS crowd, even if the DDoS is real and the attackers have nothing to do with OSS.
IIRC there was an earlier supposed DDoS against SCO's servers that turned out to be that the servers were just down.
In any case, it's nice to see the /. crowd (as always) advocating fair play and not using vigilante justice. Too bad SCO doesn't seem to believe in the fair play bit.
From the article header:
For the third time this year, the SCO Group's Web site came under attack, apparently by hackers unhappy with the company's legal threats against users of the Linux operating system.Where in the article did it say this? I certainly can't find it.
Slashdot editors might want to RTFA before approving a post. The submitter of this one got a wee bit overzealous.
Karma: Frotzed (mostly due to the Frobozz Magic Karma Company)
Look at what SCO does to the Linux community.. fractures and bickering... Destroying something that was supposed to be moral and good for all.
One can almost feel the power of the ring at work....
SCO's press release served its purpose. Search Google News for "SCO" and you will see headlines like "SCO attacked by Linux folk." The real news - that SCO lost in court and that SCO's financials are starting to smell - is completely pushed aside by the DOS headlines.
That is interesting. Perhaps you should email pj? I'd definately go mention this over on groklaw, and give as much detail about where you work as you are comfortable doing.
If they are lying about this, this would play into Red Hat and IBM's suits/coutersuits very well. I mean, we all know they lie to the press all the time, but something like this is just over the top.
You say
It is highly suspect that a company who's web site was felled by an ancient and easily defended 'attack' was able to so expertly and swiftly identify the cause in time to write up and distribute a press release before the close of business.
I've been folowing this story all day and the last thing I expected to see on /. was a regurgitation of "facts" with a 'questionable heritage'.
Several sites (groklaw, lwn) have already pointed out that the claims of being hacked should be viewed with a liberal ointment of skepticism for any of the following reasons;
one better than mcleodeight
just out of curiousity, what do you think makes people assume that any attacks on sco are from the linux community? to me, its almost as if walmart.com got attacked and everyone blamed the mom-and-pop stores. ridiculous.
Gyrate Dot Org - "Where high-tech meets low-life"
It's amazing that they are only DoS'd during their employee's working hours.
The group(s) would be attacking all SCO boxes online rather than just a single web site. Why take down the company if you can simply make their customers quit buying their crap. No, I suspect this is just a hoax.
I prefer the "u" in honour as it seems to be missing these days.
Careful.
There is a decent chance that their claims are designed to inflame.
Claim the Open Source community is behind it and you get a bunch of people who have already been accused starting to think they may as well commit the 'crime' for which they are being blamed.
Sure the claims made by SCO have always been seen to be ridiculous, from a technical POV. But their point has never been to convince the geeks. They are playing to a larger audience and seen in that light their bumbling and fumbling, technically, starts to look a little more deliberate.
Call me paranoid, but SCO could be trying to create the incident they claim is ocurring right now.
the SCO Group's Web site came under attack, apparently by hackers unhappy with the company's legal threats against users of the Linux operating system
Please tell me how they know what these 'hackers' were unhappy with. This could have been done by anyone.
The fundamental principle of civil disobedience is found in Thoreau's formulation that "Under a government which imprisons unjustly, the true place for a just man is also a prison." An act is not civil disobedience unless the protestor is at credible risk of being arrested. For a protest to deserve the honor of being described as civil disobedience, it requires risk and sacrifice.
Gandhi spent time in prison. As did MLK. And so did many of the serious anti-war activitists in the 60s.
There's a second issue. SCO is not a government. There is recourse through justice against SCO. So civil disobedience is, again, not appropriate; civil disobedience is directed against a government guilty of an injustice which cannot be redressed through ordinary means.
Those launching a DDoS against a company that's doing something stupid are risking nothing, are sacrificing nothing. They are also providing SCO with ammunition in their attempts to paint all Linux users as criminals (pirates, copyright violators, communists!). They're vandals, pure and simple, and the fact that they're vandalizing an asshole's house isn't a valid justification.
Can we get an edit for the groklaw link on the mainpage? Anyone who just skims the headlines is going to get a very skewed impression of todays events.
RMS never claims the be the self-appointed leader of anyone
Wha...? Are you joking? Would this be the same RMS who insists on Gnu/Linux? I'll grant you that RMS does it in a different way than ESR, but RMS self appoints himself all the time into things. It's his way or the highway.
Sometimes it's best to just let stupid people be stupid.
Stop the Slashdot effect! Don't read the articles!
Something is suspicious about the announcement of a DDOS on a bad day for SCO stock (note that SCOX stock fell quite a bit today). Most likely, it is to divert attention from the real problems (investors speaking up, etc.)
/. lemmings went on a limb claiming "oh, c'mon guys, don't let *us all* get into distepute."
Some of the wall street lemmings will fall for this, just like many
S
SCO has launched a denial of truth attack against the linux community.
Early in the morning, someone was exploiting a rooted SCO corporate web server. But they tripped over an intrusion detection alarm. System/network administrators were notified.
Per their company policy, they shut SCO's entire network off from the entire world. "Internal mail servers and other support servers were unavailable." After a few hours, they determined that the intrustion was limited to the main corporate web server. The web server was broken off from the network. Network connectivity was restored (but no longer having a web server). "The web server is under a denial of service attack."
SCO employees begin the process of either restoring the existing web server from backup, or preserving the existing server, and bringing online a new server from bare metal. The process is expected to take at least twelve hours. An SCO executive informs at least one media outlet that they expect the problem to be resolved in some time after twelve hours. They're still working on it.
This also fits what happened in August, when their corporate web server was unavailable for THREE DAYS. When it was brought back online, the content was reportedly changed in some areas. It sounds like an inexperienced bare-metal restore or an untested solution. Perhaps part of the web site was not retreivable via backup, and they had to recreate some sections from scratch.
My theory, which I believe totally fits the facts, is that SCO has been rooted and does not want to admit this publicly. So the DDoS/SYN is their cover story, which is close, but doesn't fit the facts well enough to avoid suspicion.
I would appreciate a read on this theory with some feedback postive/negative.
No, RMS claims to speak for the Free Software Foundation, an organization he started and still leads. That sounds pretty fair to me.
ESR persistently claims to speak for all hackers or "our tribe" or "our community". Such a thing has such fuzzy boundaries that it has no single opinion, and even if it did ESR wouldn't represent it.
Being pedantic about terminology may or may not be a good tactic, but I think it's understandable for RMS to resist the FSF being written out of history by clueless journalists.
it could be a Mac user. Right?
It's most likely to be a horde of Zombie windows boxes, which were taken over by a Linux sympathizer. It absolutely makes no difference what platform they used to make the attack, only that the attacker likes Linux more than SCO.
At any rate, the attacks are not necessary and harm our image more than they harm SCO's servers. To whoever is doing the attacks: Please stop, we don't need your "help". SCO is about to be smacked down in court big time, they are doing just fine destroying themselves on their own.
Even if this is a true DOS attack, why is this news? Imagine if Microsoft or Google or IBM put out a press release everytime somebody attacked their servers. If you are a big or a loud company, these things will happen. Don't whine, fix it and get on with life.
First I realy hate to bring this up but Running DDoS for this reason is a terrorist mentality. If you create in your mind an enemy then you completely villainize them enough to justify some sort of attack. Now I like Linux and I dont like what SCO is doing but DDoSing doesn't help anything.
THIS WILL NEVER HAPPEN
Judge: IBM do you have any evidence.
IBM: Well we SCO got DDoS by a people who don't like them.
Everyone: GASP!
Judge: Well I see that SCO case is completely fraudulent and the judgment goes to the defendant.
SCO: But...
Judge: Slaps down his gavel.
-----------------------
If this did have sway in any way it would be for SCO legal advantage because they can use it to show how common the Open Source Community uses illegal means to try to get what they want.
At best all the DDoS will do is wast some of SCO's money. but not enough to put a dent into it. Heck they probably find a Tax loophole to get the money back. Or sue the guy in the previous posts that gives out all the information to DDoS them on Slashdot.
Come on guy think a little. This is the same way terrorist think. "Yea if I blow up this building that will get the US out of the surrounding areas." All it did was make it worse for them in their Point of View.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
Are we to rule out the possibility that this is not another attempt by $CO to make the "hacker" community look childish and unprincipled? My dad could beat up Darrells dad anyday, anyway.
boycott slashdot February 10th - 17th check out: altSlashdot.org
Further assume that it is a Linux person(s) even though the community as a whole came out against the first attack. Why not likely?
Ok, so, maybe it is not a Linux person.
Instead assume it is somebody trying to make Linux ppl look bad. huummmmm.
Finally, assume that it is some SK that is trying to showoff. Normal situation with a site that is easy to take out and would get lots of press play.
I can safely assume the later 2 are more probable, while the first is not likely.
To be honest, I would also assume that SCO can be lying about being under attack.
I prefer the "u" in honour as it seems to be missing these days.
It would be very amusing to see the reaction of SCO's upper management to having their bluff called.
Karma: Chameleon - mostly influenced by bad '80s New Wave music
Call me paranoid, but if their intranet was affected by this "attack", I suspect that "some things" are going to be "lost" as a result.
IMHO, the SEC and other appropriate authorities might want to get some search warrants quick, surround SCO Headquarters and start saving some of the things that might otherwise get "lost" or "destroyed" due to this "attack".
Regards,
Fredrick
Hey FreeLinux: Learn some basics here:
"...apparently by hackers unhappy with the company's legal threats against users of the Linux operating system."
WHY is this apparent? The only thing that the 'unhappy hackers' have going is motive. IBM could have done it too. SCO could have done it to themselves, or just faked it entirely, as an excuse to go offline to recover from being rooted.
Motive != guilt, especially when there are many groups with equal motives.
"People who do stupid things with hazardous materials often die." -- Jim Davidson on alt.folklore.urban