Slashdot Mirror
South Pole Research Station Hacked Twice
Marda writes "It's been known for a while that Romainian cyber extortionists cracked the computer network at the Amundsen-Scott South Pole Station last year. Now SecurityFocus is reporting that another computer intruder penetrated the station just two months before, and cracked the data acquisition system for the Degree Angular Scale Interferometer (DASI), a radiotelescope that measures properties of the cosmic microwave background. It turns out the station was insecure 'purposely, to allow for our scientists at this remotest of locations to exchange data under difficult circumstances,' according to internal reports."
Why can't they just leave our unsecured network alone? Next we'll have to secure that WiFi network so the Australians stop leeching.
insecure purposely? what about SSH? what about VPN? jesus, arent these scientist smart? cant they use some tools for that matter, cant someone creat a gui so the dont have to?
this is the most riddiculous thing I've ever heard.
"goodbye and hello, as always" ~Prince Corwin, from Zelazny's Amber series
all your base belong to us!
Must be the penguins out tehre.
That's cold, man... that's cold!
I almost had FP, but the latency out here on the south pole is horrible.
why can't we just leave the last unclamined "land" in this world alone?
Dude! what the hell you want after hacking those machines?? try your skillz/toolz on somewhere else more respectable! if you can't kill a lion with your gun, then stop killing goats/asses around!
Purposefully insecure? That's the silliest thing I've ever heard. And I've heard it often. :)
There must be SOME technology (VPNs, as previously mentioned, perhaps) that can make it both easy and secure?
Heck, if they'll buy me the books and fly me down there, I'll fix it myself.
Some people are just plain jerks. Sure, I want to know if my financial information is safe. But why should hackers take the time to bother scientific equipment?
I can just see it now. A buoy in the ocean with millions of dollars in scientific instruments and sensors, collecting data for good of all mankind. Then some hacker finds his way in through the radio connection and manages to burn out or blow up the equipment by playing with the settings. His excuse? "See! It should have been secure! Next time you'll know better!" Way to miss the point, jack.
Javascript + Nintendo DSi = DSiCade
backdoored...
See! Rush Limbaugh was right .. this global warming "evidence" is all the work of hackers!
seriously, hire me. I will secure your network and make it "easy"...
Stuff like that should not happen with propoer staffing, so one has to ask? where is their netowrk guru? all those scientists, one should have learned how to be a sysadmin by now. It's really not that hard... Well, it depends on the OS, but still...
Do I smell a community effort brewing to help these people out?
that pure blocks of ice a firewall does not make.
Come on, physical location means nothing now!!!
--
# Canmephians for a better Linux Kernel
$Stalag99{"URL"}="http://stalag99.net";
I leave my keys on the dash of my unlocked car all the time. This makes remote access so much easier.... pffft
This is obviously going to be blamed on Tux.
There used to be a machine at McMurdo Station called mcmvax.mcmurdo.gov. I remember back in, oh, 1994 or so, sending finger requests to their machine and using the VMS equivalent of talk(1) (can't remember what it was called...) to send text messages to the folks logged on. I don't remember ever getting a response, though. It was also kind of fun to do traceroutes and pings to the machine. The network path was insane...apparently it went over satellite and the latency was usually at least 800ms+. Ah, memories...I miss the days when almost everyone ran open finger and talk/ntalk daemons.
How difficult are we actually talking about here? As far as I know, an international battle frontline can be the most difficult circumstance for system administrators to work in. But again, the military networks are the most secure. Needles to say, the hackers should know that destroying computer networks in an isolated place such as the Antartica could even go to the extent of costing lives, and it is high time the Amunden-Scot admins secured their networks.
This is my sig. There are thousands more, but this one is mine.
Scientists are generally knowledgable, but only in their field of specialization. You don't expect a particle physicist to know about macro biology, and you don't expect an ornithologist to know about particle physics.
Computer security is another one of those fields that requires its own study time to be competent in, and most people aren't interested or don't want to spend the time.
tasks(723) drafts(105) languages(484) examples(29106)
In other news, an electronically enhanced volleyball within the vicinity of the Cook Islands was claimed to have been pwn3d. When asked for comment, the response we got was "Wiiillsooooon! Wiiilllsooooon! What are we going to do now, Wilson?!"
It would be cool if it didn't suck.
there's bound to be major shrinkage if you have just been outside.
Hackers are harmless dorks. Crackers are the evil ones. Learn the difference
http://catb.org/~esr/jargon/
Conformity is the jailer of freedom and enemy of growth. -JFK
The main reason for running unsecure, is that the data pipe running to the South Pole is only open for just a few seconds at a time. You have to be able to transfer your data packet in little bitty windows of opportunity. If you have your data packaged in nice large security packets it will take forever to transfer your files, if at all. As soon as they come up with a better way to communicate with those stations I think they will be the first to secure there data.
Some days I get the sinking feeling Orwell was an optimist.
What kind of data can be top secret down there?
Ice data must be very exiting to the world.
CowboyNeal! You have just slashdotted an insecure server running the lifeline of dedicated scientists, far far away in Antartica! You insensitive clod!
This is my sig. There are thousands more, but this one is mine.
I guess, there goes my next security device project named, "icewall". I've just lost credibility.
Next project, "building cheap disposable X Plane". It's so cheap, if it crashes, I can build more! BRILLIANT!
"Don't let fools fool you. They are the clever ones."
... and not romainian ? just google check it ;)
Would some Slashdotter with some spare time please hack their network and install SSH and a firewall? Thanks!
Don't waste your vote! Vote for whoever you want, unless you live in a swing state it won't matter anyways
Hmm south pole- it could have actually been Tux the Penguin!
What kind of some monsters would do this to serious research project? Our shock should turn to anger, and we should learn to deal with internet bandits. They will know that to break scientist's back is to cultivate Disaster on themselve.
I suggest you read Slashdot
http://www.zone-h.org/defacements/mirror/id=196381 /
I wonder if spent more time making the banner or kiddie-sploiting the server?
1. They wouldn't have been 0wn3d so easily
2. It would keep them toasty warm!
Best Buy can have you arrested
It's Romanian NOT Romainian.
I'm not proud of what some of my countrymen did but I am proud to be a ROMANIAN.
FTA:
"Given the fact that no financial records or systems were compromised, no safety or loss of life was threatened, and no critical system corrupted, we need to balance legitimate security needs with the legitimate needs of our scientists at the Pole," the memo reads.
...Other documents show that less than two months earlier the NSF's security team was plunged into a similar fire drill when a computer intruder named "PoizonB0x" penetrated the primary and backup data acquisition servers for a radio telescope at the station called the Degree Angular Scale Interferometer (DASI), which measures properties of the cosmic microwave background radiation -- the afterglow of the Big Bang. The intruder, rated a prolific website defacer by tracking site Zone-H, used his moment of cosmic access to erect a webpage on the servers proclaiming, "I love my angel Laura."
Now, I'm not one for people snooping around in my stuff when they're not invited or anything, but consider this: The first hack modified a web page on a system that collects monitoring data (but most likely does not contain other meaningful data, like formulas), and the second intruder accessed no financial data, did not threaten safety, and did not corrupt any critical systems.
Isn't it possible that the systems that were compromised were actually left insecure, not necessarily "on purpose", but because they felt that there wasn't much of a need to secure them in the first place? They probably calculated the possible risks and decided that, if both systems did in fact only contain informational webpages or data collected from their equipment, that there wasn't much point in worrying a lot about securing them (after all, who would really care about the data besides them?).
I was in the park the other day wondering why frisbees get bigger and bigger the closer they get - and then it hit me.
I don't get it!
FYRP
...and expect to get net burgaled. Really is that simple. Regardless of the technical or budgetary constraints that's the way it is. The internet is a nice borderless place and even if everyone at your base station is nice and honest, that doesn't mean there aren't criminals within reach of your data.
The correct way to deal with this is to have a DMZ - a nice public facing internet machine that isn't as security critical as your primary experiment instrument. This may mean a compromise in terms of budget and/or data availability.
These posts express my own personal views, not those of my employer
As someone who's set up Internet servers in the high Arctic and who quite recently found himself posting 'I'm still alive' updates to my blog as the remote South Pacific island I was on was being battered by a hurricane, I STILL made sure to use ssh/ssl to connect to remote servers.
I was dialed in over a microwave link running at about 10Kbps. Even pathetic bandwidth is no excuse not to use simple security measures.
P.S. I'm posting from yet another Pacific Island, where I regularly use an ssh tunnel to connect to my home IMAP server, over a modem line that I share with 12 other computers on our local network.
Crumb's Corollary: Never bring a knife to a bun fight.
...because it was too cold.
Because there be oil in them thar icebergs!
My Favourite Meme
I just found Big Dead Place a couple days ago, and read their account of one of these 'hacker attacks' and Raytheon Polar Services' (RPSC) reaction to it.
Short version: Everyone at the pole was pissed. Denver (RPSC headquarters) took away their porn^H^H^H^Hnet access, and thus made a bunch of already deprived individuals even more deprived.
There's a ~500 K newsletter-spoof PDF on the site that expresses some of their feelings.
- "Kudos to the Denver IT staff for quickly responding to a hacker attack on South Pole Station. The attack occurred Friday night Denver time and our crack professional team denied the attacker access by immediately pulling the plug on Pole. They got back to dealing with the aftermath of this knee jerk response sometime Wednesday shortly after the last chocolate sprinkle donut had been eaten but shortly before nap time."
There's also: Top Ten Reasons South Pole Can't Access the InternetSome other interesting things on the site:
"...America's great minds of today, teaching America's great minds of tomorrow. Poor bastards." -- A Beautiful Min
The Amundsen-Scott station is very expensive to maintain. During the winter the entire base population can be as low as 17 individuals; this can increase significantly during a few months out of the summer, but with cuts in funding the total personnel at the station remains low.
The station is designed for one thing: scientific research. With that in mind, the people you send to the station are those capable of doing the research, or those that are capable of maintaining the station so that others can do their research. Most of the folks there are conversant in a half-dozen jobs - *because they have to be*. There isn't enough funding for critical positions, much less a position like 'computer network administrator' which is nothing more than dead weight 99% of the time. A person who, if they can't also fix tractor engines, maintain the fuel-based heating system, and help calibrate various pieces of astronomical equipment, is nothing more than a waste of space, food, and energy.
No doubt the Amundsen-Scott folks decided to do business 'as usual', e.g., in a not very secure manner, because a) who the hell would want to hack the system when there's nothing to gain?, and b) there isn't anyone there who's life work is system security.
(In fact, I'm willing to bet they *could* secure the system in a decent manner, but never saw the point of it since they couldn't conceive of why anyone would want to mess with it in the first place. Frankly, I can't either; it takes a real jack-off to do something like this.)
All those clueless gits out there who scream "they should have a network administrator!" might want to keep in mind that a network administrator isn't worth his weight in fuel to ship out there, much less keep around during the eight months of the year they're pretty much cut off from the outside world. And yes, that means *you*; if all you know is network administration/security then you're useless waste of good oxygen at Amundsen-Scott, and the people there neither want or need you cluttering up the cramped base, eating their food and using their heat.
Max
My god carries a hammer. Your god died nailed to a tree. Any questions?
...is, of course, here.
The date can't be too sensitive, if they make any discoveries it will become public knowledge so the scientists can try to win their Nobel Prize :). They know properties of neutrino-antineutrino chains, but I can't expect scientists to know alot about security. I'm sure they hired some dude to come in, install the shit, and leave, cuz its damn cold down there !
I didn't catch this part, but was the security hole a common problem? Or did the "Romanian Extortionists" do something new. I'd have difficulty in doing something like this, not the "hacking" into part, but how the hell do you find the address to this South Pole research facility???
Ah! So maybe they are South Pole honeypots then. Put up some non-secure machines with interesting data, and let the script kiddies think they've hacked the south pole, when in reality the real machines are nice and safe.
"I'm not impatient. I just hate waiting." - My Dad
I don't get it!
Erm...I don't get it.
Remember, RMS was against introducing passwords into the MIT AI lab, and when they eventually did it he sabotaged the system buy coercing users to choose a blank password. He even brags about it in the Revolution OS documentary.
US-UK-Israel: The real Axis of Evil
Don't get me wrong--that's a pretty lame excuse.
But which volunteers can you trust?
Ease of use does not mean it has to be insecure!! Strong passwords and patched applications do not make usage difficult!!
What's the big deal, as long as the hackers didn't destroy anything ? Maybe theft of information... heck that info would probably be public anyway... maybe they should install a webserver :D
Yes, and it's funny how similar it sounds to other users who don't respect the details of IT: "listen, I'm trying to run a business here", "Listen, we're at the south pole, here."
The only excuses for bad IT practices are fear, ignorance, and laziness.
Furthermore the discussion would be about how scientists are 'stupid' because they don't use Linux (preferably Gentoo would be my guess) instead of about security or cracker ethics and so on.
Uncanny.
Web2.0: I love when people Flickr my cuil and digg my boingboing until my google is reddit and I start to yahoo
Seriously, if you're setting up a network for a long term project, you set it up once, and move it all over there with everythig ready to go... (which means the Amundsun base might have been permanently been stuck with a network of 386's, had things worked that way.) Of course, my guess is that the computers wandered over there one at a time, with no coordinated plan - and no through beyond "we need a few computers, which people in the states need access too, located at the south pole!)
The key issue is that if an academic is given a computer, they're not going to have the faintest idea of what's required security wise. [In fact, I've seen academics go out and buy really big (30") screens and fancy macintoshs just to run email and a browser, if that gives you an idea of the mindset of many in the scientific community.] - and other than the penguins (who only work for herrings and probably don't want to pay tax), there aren't any "neighborhood geeks" nearby to help them with their machines.
I just spent two years in a science laboratory in North America at a VERY large institution. Of the two hundred or so scientists in that department alone, maybe ten or fifteen knew enough about computers to write HTML - and probably not a lot further. As the department evolved over time, computers were added in one at a time, by whom ever felt like putting in a computer. Thus, there wasn't a single coordinated plan , and some of the computers were left completely vulnerable intentionally! If there's no one in charge, no structure to coordinate the addition of computers, and no one able to make the decisions to put an infrastructure in place, there's no one to insist on security standards. Can you say welcome mat to hackers?
I'd be willing to bet that that's exactly what happened at the South Pole. Someone decided they wanted to be able to share files with another scientist, and I'd doubt either had ever heard of SSH. Net result: they intentionally put a hole in the flimsy security they had to begin with. I can imagine the thought process: "I need to share a file with someone 30000km away.. lets just create an annonymous ftp to c:\, that way I won't have to worry about them not having access to anything they need!"
Finally, the key point is that if you have computers at the south pole, it's going to cost an exorbitant amount to send someone out to mantain them, and the only alternative is to have the scientists call "tech support" back in the states (or is india closer?), which is probably like talking my father through a computer problem. It's bad enough when you're there, but 100x worse when you're at opposite ends of the country. Of course, if you leave a few "holes" open intentionally, someone back home can log in and maintain it for you. (-;
Sorry for the overlong rant!
The more you know, the more you know you don't know.
What they need is more ICE!
All those clueless gits out there who scream "they should have a network administrator!" might want to keep in mind that a network administrator isn't worth his weight in fuel to ship out there, much less keep around during the eight months of the year they're pretty much cut off from the outside world.
I administer numerous servers hundreds or thousands of miles away from me. No kidding. Who says I would have to be shipped down there to install things like patches, updates, firewalls, and the like?
I'm too time-impacted to do this for free, but for a reasonable fee, I could provide reasonable security for their network infrastructure without ever leaving my house.
If a hacker could get into it, I could get into it and lock it down. My own limitations are that I'm generally a Linux/Unix user and not too familiar with locking down Windows... so if their server was Win2K or XP, I'm not the man for the job....
Anyway, it doesn't take a pair of hands to do 98% of server administration, if the admin is any good.....
I have no problem with your religion until you decide it's reason to deprive others of the truth.
a few random quotes from the 'welcome' page:
"Science is a rational approach to existence, and its true practitioners are, for lack of better words, on the right track. However, to unconditionally bestow respect on scientists is like emptying your wallet for each street musician. And to bestow respect on an agency that funds scientists is like giving your wallet to a bus driver with instructions to give it to a street musician."
"Four out of five biologists regard psychologists as jibbering baboons, and you should too. If other scientists had their way, Psychology would not be considered a "science" at all, but would be ranked somewhere above Creationism and below Performance Art. In fact, those who receive undergraduate degrees in Psychology but decide not to pursue graduate programs in that field often fall back on careers in Human Resources. But because the psychologist is in a position to terminate your contract on a whim, it may be in your favor to temporarily imagine the psychologist not as a glorified HR clerk, but as a respected authority with legitimate expertise. Such ideas can always be discarded after the interview."
got to love the guy, whoever he may be, he is funny. as someone has said above, the real story is here http://www.bigdeadplace.com/
The power of accurate observation is commonly called cynicism by those who have not got it. -- G.B. Shaw
Sometimes you really do need to treat things like NASA - and it's rarely expensive in situations like this to have a second box with an identical configuration and someone to do up decent docs.
Their is no excuse for poor secuirty. Get *NIX (looks like they need some serious out of the box security), and ditch the WIndowz boxes.
If they are smart enough to use packet or satellite, then they can use BSD or Linux.
First: unclench.
Good.
Second: Prepare yourself for future-shock and read up on this crazy new-fangled thing called "remote access."
Is "cracking" cold computers easier (like ice)?
John Kerry is a Joke!
Can you really call it "cracking" if there was no security in the first place?
It's like in Fahrenheit 9/11 where the cops "infiltrate" the peace group whose membership is, uh, open to the public.
It's easy to say the words "remote access", isn't it?
Call your local provider, ask them about getting a line to the South Pole. Keep calling until you find someone who can provide it. Once you do, ask them how much it will cost. Now, calculate how many slaves you'd have to keep working in full-time positions to be able to afford any decent amount of bandwidth.
steve
Oh, you're not stuck, you're just unable to let go of the onion rings.
If they are smart enough to use packet or satellite, then they can use BSD or Linux.
Many measurement devices don't have required software ported for [insert your *nix].
OOo doesn't have the same capabilities as Excel, essential in many enviroments.
And who is going to pay for porting that Excel/VBA/Access/MS SQL/etc stuff to BSD/Linux?
"All those clueless gits out there who scream "they should have a network administrator!" might want to keep in mind that a network administrator isn't worth his weight in fuel to ship out there, much less keep around during the eight months of the year they're pretty much cut off from the outside world."
Consider the following:
1. What is the cost of replacing a trashed system?
2. How much does downtime cost you?
3. What does it cost to get someone to your site to fix your system?
4. What POTENTIAL expenses/risks do you face if someone uses your equipment to do damage to another site.
Consider the following scenario:
a. Someone trashes your system and uses it to say hack a government system, steal credit card numbers, launch a phishing scam.
b. The feds come knocking on your employer's door and it is discovered that the system used to do the damage was managed by you.
c. You find out that it was some uneducated HIGH SCHOOL kid with a childish "hacker" name that manipulated your computer like a sock puppet.
d. People that have heard you rant about how "worthless" sys admins are start to wonder how credible the rest of your statements are.
X
Any OS from W2K upwards version supports IPSEC.
I'm sorry if I haven't offended anyone
What is the cost of replacing a trashed system?
RTFA. The system wasn't trashed. Very little was done to it.
How much does downtime cost you?
Considering that they only have communication access to the outside world for a few hours a day, very little.
What does it cost to get someone to your site to fix your system?
When the fuel could be used to ship needed equipment, food, or just used for heating, a whole hell of a lot.
What POTENTIAL expenses/risks do you face if someone uses your equipment to do damage to another site.
Considering the equipment on-base and the very limited daily access, this amounts to a big, fat zero. Or did you think they had cable?
People that have heard you rant about how "worthless" sys admins are start to wonder how credible the rest of your statements are.
A system administrator IS worthless at Amundsen-Scott, compared to a mechanic, a scientist, or an electrician. Do a bit of research on the subject before talking out of your ass.
Max
My god carries a hammer. Your god died nailed to a tree. Any questions?
Now we have to listen to every jackass IT person who's out of work tell us all how much smarter they are than physicists.....eat a dick!!! No one really care if they hack the computer that is storing information on the big bang. ITS STILL OUT THERE DUMBASSES!!!! or are your pointy heads not groking this. The reason they left it unsecure is so people can access it in the worst of conditions, like intermittant connections, etc... The info is still out there you morons..........
I administer numerous servers hundreds or thousands of miles away from me. No kidding. Who says I would have to be shipped down there to install things like patches, updates, firewalls, and the like?
Good luck. Their access is by satellite, at most a few hours out of the day. They don't have cable, dial-up, or anything else of that nature.
And frankly, if I were at Amundsen-Scott right now I sure as hell wouldn't trust a slashdotter to properly lock down my system. Especially remotely, where I can't throw the little bastard out into the snow if he fucks something up - without a heated oxygen tank.
In any event, as I said before they no doubt can lock down the system on their own; everyone there is very, very bright and installing system security isn't exactly rocket science. They probably didn't do so because they have better things to spend their time on (like science, or repairing critical equipment) and didn't envision that some little wanker was so bored and fucked in the head that he'd hack their second-rate system.
Max
My god carries a hammer. Your god died nailed to a tree. Any questions?
Lol. How the feck did that get post get an "Insightful". "Blind trolling" might be more appropriate. If the staff at the research station can fill so many roles then one of them can do net admin aswell. In fact, even better , as you like to conserve fuel why not get someone to REMOTELY admin the system. Further, if you cant conceive why someone would hack such a system try this ..... BECAUSE ITS THERE! Pretty much the same reason people first explored the large lumps of ice at the top and bottom of our planet.
Second: Prepare yourself for future-shock and read up on this crazy new-fangled thing called "remote access."
They don't need some little state-side wanker to install security for them. Now that they know there are idiots out there who'll - for god knows what reason - try to hack their system, they're more than capable of doing it themselves.
Installing security doesn't take any great amount of skill, and everyone there is very, very smart. They certainly aren't in need of a 'professional' for this task. I'm just disappointed by the fact that they have to waste the time on it, when they have so many better things to do with their limited resources.
Max
My god carries a hammer. Your god died nailed to a tree. Any questions?
I remember a story of a litterature professor in Cambridge. He had literally his life's work stored on the C drive of his PC, with no backups. One night thieves broke in and stole his PC. He went to the newspapers and offered a large reward, "no questions asked". I don't know if he ever got it back.
10 ?"Hello World" life was simple then
Sooo... did they find any proof for those NAZI UFOs from Neuschwabenland?
Sure they had security low. Nerds in stressful conditions aren't capable of setting up really secure systems, and there's no mares on the South Pole so nerds could relieve the stress...
They really, really, must have unbelievably "limited" resources for not beeing able to do this. As you said, it is not that difficult.
Poor excuse, very poor.
Persons like this might as we be dyeing. How can they sabotage the nature of our future. This is evil. I am disgusted to be an humman.
All those clueless gits out there who scream "they should have a network administrator!" might want to keep in mind that a network administrator isn't worth his weight in fuel to ship out there, much less keep around during the eight months of the year they're pretty much cut off from the outside world.
Anyone with a home *NIX system connected via broadband (or dialup) has to learn basic network admin anyway. Especially as soon as there is more than one device on the local network.
Of course, there is more the attitude of "if it works, don't f**k with it". The last thing anyone wants, is to get the blame if project X failed to transfer the last 24 hours of logged data, because they thought nobody would be used TCP/IP ports in the range 1024 to 32768.
Vintage computer adverts: http://www.vintageadbrowser.com/computers-and-software-ads
RTFA. The life support systems weren't controlled by the hacked system. That was added by the US department of propaganda to make the threat of cyber-terrorism sound scarier.
(5:30am South Pole)
Bob:"Mornin' Joe"
Joe:"Hey Bob"
Bob:"I think I froze my ass last night. Did we get those new heaters in last night?"
Joe:"I Don't know. I heard a plane, but I think it was that horses-ass Lumbergh with the corporate jet dropping by again."
Bob:"What a prick."
Bob:"Would you hurry up and get that coffee made?"
Joe:"Chill dude, my fingers are half friggin froze too."
Bob:"Any new stuff on the schedule this morning from Corporate Overlord ?"
Joe:"Heh.. you mean Massuh?"
Bob:"*lol*"
Joe:"Nah, just more bitching and whining about budget cuts.. insurance cuts.. pay cuts.."
Joe:"..oh, and that hottie from accounting sent you email."
Bob:"No shit!? What did she say?"
Joe:"...Here, check it out" (passes laptop to Bob)
Bob:"....Click here, huh?..."
Joe:"....what the hell?" (hard drive churning sounds)
Bob:"oops...shit.." (hard drive really churning)
Joe:"Hit the power, dude!!"
Bob:"I am! I gotta hold that fucking switch for 5 seconds"
Joe:"Pull the power cord!"
Bob:"aw shit.. batteries!"
Joe:(knocks over hot coffee)
Bob:"Oww!...coffee's finally hot.."
Joe:"Dammit.. anyone see you come in here?"
Bob:"No, I don't think so."
Joe:"Wow look at that telescope spin!"
Bob:"I didn't know it could revolve that fast!"
Joe:"It can't!"
Joe:"Hit that friggin screensaver and lets bail!"
*click*
*panicked rustling sounds*
*hurried footsteps fade out*
Join the Slashcott! Feb 10 thru Feb 17!
I distinctly remember BAS wanting a database admin for 3 years, including wintering, at Halley and Rothera. Those bases are much smaller then Amundsen-Scott. I'm pretty sure there was an opening for an IT support person there too, also wintering.
They probably didn't think anyone would even bother trying. There is *nothing* on the Amundsen-Scott system worth stealing or hacking. It's mostly raw scientific data, email, and copies of their small web site.
If you think you're even a tenth as capable as the folks who work there, why don't you put in an application? I'm willing to bet that you wouldn't even come close to meeting the minimum application standards. Your ego alone would disqualify you from living in close quarters with two dozen other folks for eight months, without respite.
Max
My god carries a hammer. Your god died nailed to a tree. Any questions?
Please do yourself a huge favor and never use the words "time impacted" next to each other again. Or quit working at that big company you work for, it's rotting your brain! :)
ALL THESE WORLDS ARE YOURS EXCEPT EUROPA ^H^H^H^H^H the south pole
ATTEMPT NO LANDINGS^H^H^H^H^H^H^H pwnings THERE
-the black obelisk
..........FULL STOP.
The point of the securityfocus.com article was not "South Pole Research Station Hacked Twice", but that the US DoJ has used this as a spin campaign to justify the cyberterrorism provisions of the patriot act.
However, the FBI and DoJ's version of events is contradicted by the NSF internal assessment of the attack...
The previous security problems at the South Pole appears in the second to last paragraph as support for the claim that the attack was not threatening to life support at Amudsen-Scott.
ALL THESE WORLDS ARE YOURS EXCEPT EUROPA ^H^H^H^H^H the south pole
ATTEMPT NO LANDINGS^H^H^H^H^H^H^H pwnings THERE
-the black obelisk
..........FULL STOP.
Romainian cyber extortionists
Look, here's some free advice. If you want to make people care about the problem, you need to call them "cyber-TERRORISTS".
Many people don't know what extortion really means, but they know that terrorists can hurt their children.
Geez, its a good thing you guys are mostly libertarian/democrat/green, because you'd make crappy republicans.
It takes a novice to mess things up. But it takes a PHD to really screw the pooch.
...
These people should know better - particularly after the first time.
PHD standing at stove in kitchen of station at the South Pole:
*sizzling noise*
"Ouch!"
*sizzling noise*
"Ouch!"
*sizzling noise*
Lodragan Draoidh
The more you explain it, the more I don't understand it. - Mark Twain
From http://www.polar.org/hr/employ/
... Systems Administrator performs ...duties in providing information systems and technology support ...and ensures the security of RPSC's core production server systems and infrastructure; ...
How do I apply for a position with Raytheon Polar?
Job Title: Systems Administrator
Job Code: ox
Req. ID: TSC100402 & TSC100504
Start Date: 10/1/2004
Location: McMurdo Station
Season: Summer: Oct thru Feb
Position Type:Contract, Deploying, Primary
Job Summary:
I applied for that job last year, and like so many facesless big corporations, Raytheon never even bothered to acknowledge my inquiry. F*ck'em.
Did they damage it at all? I also agree that this would be an excellent community effort to help out the south pole scientists.
This sig is o Unfunny o Funny
At this inclination, the effect of the earth's oblateness on the orbital argument of perigee is canceled out.
That was a waste of a perfectly good explaination. - Jack O'Neill
Live today, because you never know what tomorrow brings
...Never mind
How feasible is remote access (via SSH?) when there's only itermittent internet access? Not very.
Let's get drunk and delete production data!
Hey brothers... many of you are telling that scientists know nothing about computer science or computer security. Andrew Tridgell himself is a phycisist :-)
- This can't be... - Be what? Be real?
While I agree that it's nuts to trust an open system on the internet these days (though it should not be!), there are plenty of folks out there (including brilliant scientists) who still don't realize the danger. It's too bad nobody with a clue had some oversight.
OTOH, I think this would be a great rallying point to bring together a multinational task force, or at least some headhunters under public sanction, to start going after the scum who screw people over on their networks. It's against the law for me to break into your house. If I do this, I'm liable to go to jail and/or pay a fine. IN a rational society I would also be liable to pay restitution, but that's another story.
If I break into your house and destroy everything you own, I'm liable for big trouble. If, in the process, I do things which could endanger you, I'm liable for bigger trouble.
Why isn't this true for computers and networks?
You know. I'm disappointed that /. would get this wrong. Although the content of this topic has it right, why would you then title it with "hacked" instead of "cracked"? Of all places, /. should be setting the bar by using correct terminology.
assert(expired(knowledge));
If you're a complete dumb ass, someone will call you on it. This goes for all you consultants at Mayo Clinic, and double for all you physicists down at the pole.
Your little fantasy world might be a 100m sphere, but you're mistaken if you think your world isn't interacting with the rest. And you don't even have to make the effort; things will happen with or without your consent.
Time to join the rest of the race.
[eyelash curlers] double as a lethal [emphasis mine] instrument of pain and torture [...] she was screaming in pain, bruised and bleeding...
:)
I was all jazzed up thinking I was going to get a story about how she jabbed an eyelash curler into your best friend's chest, killing him...
That reminds me of a stupid ad I saw in the paper the other day. It had, in huge letters, "7 Deadly Mistakes When Selling Your Home!!!" then talked about how you could lose thousands of dollars in the sale if you didn't do such and such..
If you're going to make exaggerations, at least make them funny!
I hold it, that a little rebellion, now and then, is a good thing. -- Thomas Jefferson
. . . welcome our new Penguin overlords!
I'm not tense. I'm just terribly, terribly, alert.
"It turns out the station was insecure 'purposely, to allow for our scientists at this remotest of locations to exchange data under difficult circumstances,' according to internal reports."
uhhh, then what exactly was "cracked"?! sounds like some scanning script-kiddie found a wide opening.. nothing more. they call that "cracked"?!
dumbasses...
"I think, therefore I get paid."
That's what is so funny. The first article insinuates that those Romanian crackers 'threaten the public investment in scientific research that benefits all mankind'. How does releasing data threaten any public investment? As a taxpayer, it does not bother me.
As for threatening the lives of the researchers there, let's hope they do not run critical systems on the network. Why would anyone put life-support systems, heating, ventilation, etc. on a network that is connected to the outside world? No, really. . . why?
The FBI should limit its work to the United States only. They can cooperate with the Romanian police from here, but not more than that. And US laws have no power in Romania or anywhere else outside this country's borders.
Put this in perspective by flipping things around. Suppose some US-based hackers infiltrated a German research facility in Argentina. Would the US allow German investigators to come here and operate like a police force? Even if they got local police or FBI cooperation? And would German federal laws have any power here in the states?
What moron connected their life-support systems to a PUBLICLY-ACCESSIBLE network??? Isolate, you fools!
Whenever you read this sig someone's refrigerator light turns on.
Yes, please can break into your house even if you have a deadbolt installed by breaking a window or something, but at least there's a reason for that. You break in, steal things, then sell them for money. Why do people insist on breaking into computer networks just to show that they are insecure? What if they don't care that they're insecure? Just leave it alone, it's not yours! If some jerk broke down my door, walked around in my house for awhile, then left, I'd still be mighty pissed, even if he didn't take anything.