Slashdot Mirror
SCO Group Web Site Attacked Again
FreeLinux writes "With not much SCO news today, it seemed that this story was needed - Reuters is reporting that, SCO is again suffering under a DDoS attack that has crippled their web site and email system since Wednesday morning. For the third time this year, the SCO Group's Web site came under attack, apparently by hackers unhappy with the company's legal threats against users of the Linux operating system. The denial-of-service attack started at 6:20 a.m. EST Wednesday and continued through the day, said Blake Stowell, spokesman for the Lindon-based company."
Folks, if it's a SCO story, check with Groklaw before passing judgment. For every bit of FUD coming out of Linden, a blast of anti-FUD is lobbied back.
Hell, *I* use Linux and dislike SCO, but this is just a tad unprofessional. OK, I'm kinda disgusted by this behavior - it destroys a moral "high ground" that might be useful to have shortly.
C|N>K
I don't think that DDoS and cracking is the solution, but unfortunately, the law is not always helpful either.
Look at what the use of the law did for the abuse of monopoly power by MS. It was a slap on the wrist for MS and their continued monopolistic practices.
I find it quite sad that our community has to loudly distance itself from supposed DDoS attacks and such against SCO while SCO makes a total mockery of the legal system and justice in general with their current campaign. For those who may not have noticed some earlier posts, discussion on Groklaw has brought up the possibility that this isn't a DDoS, but either just idiotic network admins on SCO's part, or perhaps even an intentional takedown to *cough* allow for a nice bit of publicity on their part. Whatever the true case is (and I'm not advocating any as the real one, I'll leave that for others to decide), SCO has certainly scored some nice negative publicity towards the OSS crowd, even if the DDoS is real and the attackers have nothing to do with OSS.
IIRC there was an earlier supposed DDoS against SCO's servers that turned out to be that the servers were just down.
In any case, it's nice to see the /. crowd (as always) advocating fair play and not using vigilante justice. Too bad SCO doesn't seem to believe in the fair play bit.
From the article header:
For the third time this year, the SCO Group's Web site came under attack, apparently by hackers unhappy with the company's legal threats against users of the Linux operating system.Where in the article did it say this? I certainly can't find it.
Slashdot editors might want to RTFA before approving a post. The submitter of this one got a wee bit overzealous.
Karma: Frotzed (mostly due to the Frobozz Magic Karma Company)
SCO's press release served its purpose. Search Google News for "SCO" and you will see headlines like "SCO attacked by Linux folk." The real news - that SCO lost in court and that SCO's financials are starting to smell - is completely pushed aside by the DOS headlines.
That is interesting. Perhaps you should email pj? I'd definately go mention this over on groklaw, and give as much detail about where you work as you are comfortable doing.
If they are lying about this, this would play into Red Hat and IBM's suits/coutersuits very well. I mean, we all know they lie to the press all the time, but something like this is just over the top.
You say
It is highly suspect that a company who's web site was felled by an ancient and easily defended 'attack' was able to so expertly and swiftly identify the cause in time to write up and distribute a press release before the close of business.
I've been folowing this story all day and the last thing I expected to see on /. was a regurgitation of "facts" with a 'questionable heritage'.
Several sites (groklaw, lwn) have already pointed out that the claims of being hacked should be viewed with a liberal ointment of skepticism for any of the following reasons;
one better than mcleodeight
just out of curiousity, what do you think makes people assume that any attacks on sco are from the linux community? to me, its almost as if walmart.com got attacked and everyone blamed the mom-and-pop stores. ridiculous.
Gyrate Dot Org - "Where high-tech meets low-life"
Careful.
There is a decent chance that their claims are designed to inflame.
Claim the Open Source community is behind it and you get a bunch of people who have already been accused starting to think they may as well commit the 'crime' for which they are being blamed.
Sure the claims made by SCO have always been seen to be ridiculous, from a technical POV. But their point has never been to convince the geeks. They are playing to a larger audience and seen in that light their bumbling and fumbling, technically, starts to look a little more deliberate.
Call me paranoid, but SCO could be trying to create the incident they claim is ocurring right now.
The law is never helpful from the perspective of someone who has lost a case. If MS/SCO/whoever wins and the opposition exhausts appeals, then I'm willing to let a particular case drop.
As for the precedent the decision establishes - it can also be fought an argued against or nullified without ddos and cracking. Granted, it's difficult and often seems hopeless at that point.
I'm all for fighting the good fight, but there is no use in 1) exacting vigilante justice because you are impatient or 2) exacting vengeance because you stand to lose from a judgement. The republic (what's left of it) provides legal avenues from which to punish violators, establish new legislation, and overturn precedent. I'm not sure those avenues are completely shut just yet. With many citizens, such methods are not practical to effect an individual's desires in the short term, but they at least provide long-term potential. Think of your kids, and think of the rights you enjoy now because people fought for them despite the fact that they would probably not see their efforts through to fruition.
The fundamental principle of civil disobedience is found in Thoreau's formulation that "Under a government which imprisons unjustly, the true place for a just man is also a prison." An act is not civil disobedience unless the protestor is at credible risk of being arrested. For a protest to deserve the honor of being described as civil disobedience, it requires risk and sacrifice.
Gandhi spent time in prison. As did MLK. And so did many of the serious anti-war activitists in the 60s.
There's a second issue. SCO is not a government. There is recourse through justice against SCO. So civil disobedience is, again, not appropriate; civil disobedience is directed against a government guilty of an injustice which cannot be redressed through ordinary means.
Those launching a DDoS against a company that's doing something stupid are risking nothing, are sacrificing nothing. They are also providing SCO with ammunition in their attempts to paint all Linux users as criminals (pirates, copyright violators, communists!). They're vandals, pure and simple, and the fact that they're vandalizing an asshole's house isn't a valid justification.
Can we get an edit for the groklaw link on the mainpage? Anyone who just skims the headlines is going to get a very skewed impression of todays events.
It certainly was effectively used by the spammers to crush their enemies. I forget the name, but one of the major anti-spam websites was forcibly closed because of DDoS, and nobody was prosecuted.
And this improved the public's perception of spammers how?
Actually, they are using Linux. Most likely, they are using UnitedLinux based on SUSE. All SUSE distros have syn flood protection enabled by default. Plus, many people report their FTP server was fine all this time on the same subnet. SCO's story doesn't add up. It looks like they shut off their webserver to have another excuse at a press release to try to drive their stock price back up in order to dump more shares to buy shiny Christmas presents.
That's my guess anyway.
Early in the morning, someone was exploiting a rooted SCO corporate web server. But they tripped over an intrusion detection alarm. System/network administrators were notified.
Per their company policy, they shut SCO's entire network off from the entire world. "Internal mail servers and other support servers were unavailable." After a few hours, they determined that the intrustion was limited to the main corporate web server. The web server was broken off from the network. Network connectivity was restored (but no longer having a web server). "The web server is under a denial of service attack."
SCO employees begin the process of either restoring the existing web server from backup, or preserving the existing server, and bringing online a new server from bare metal. The process is expected to take at least twelve hours. An SCO executive informs at least one media outlet that they expect the problem to be resolved in some time after twelve hours. They're still working on it.
This also fits what happened in August, when their corporate web server was unavailable for THREE DAYS. When it was brought back online, the content was reportedly changed in some areas. It sounds like an inexperienced bare-metal restore or an untested solution. Perhaps part of the web site was not retreivable via backup, and they had to recreate some sections from scratch.
My theory, which I believe totally fits the facts, is that SCO has been rooted and does not want to admit this publicly. So the DDoS/SYN is their cover story, which is close, but doesn't fit the facts well enough to avoid suspicion.
I would appreciate a read on this theory with some feedback postive/negative.
No, RMS claims to speak for the Free Software Foundation, an organization he started and still leads. That sounds pretty fair to me.
ESR persistently claims to speak for all hackers or "our tribe" or "our community". Such a thing has such fuzzy boundaries that it has no single opinion, and even if it did ESR wouldn't represent it.
Being pedantic about terminology may or may not be a good tactic, but I think it's understandable for RMS to resist the FSF being written out of history by clueless journalists.
IT didn't affect it at all.
1. The public can't even spell DDoS, yet alone know what it is.
2. The public has no idea what a email blacklist is, or why they're important for fighting spammers. To them, telling people that one of these sites would elicit a "huh?" response, not a "oh, damn!".
3. The public most likely didn't hear about the spammers pulling this crap, because CNN was too busy showing happy puppies and ignoring real news (like this, the war crimes in Iraq, etc).
So yeah. The spammer's reputations, which are tarnished beyond repair already, are, er, "safe", such as it is.
Further assume that it is a Linux person(s) even though the community as a whole came out against the first attack. Why not likely?
Ok, so, maybe it is not a Linux person.
Instead assume it is somebody trying to make Linux ppl look bad. huummmmm.
Finally, assume that it is some SK that is trying to showoff. Normal situation with a site that is easy to take out and would get lots of press play.
I can safely assume the later 2 are more probable, while the first is not likely.
To be honest, I would also assume that SCO can be lying about being under attack.
I prefer the "u" in honour as it seems to be missing these days.