SCO.com Defaced
A whole slew of readers wrote: "According to an image on the SCO website they own all our code and we shall pay them all our money. (Found at Heise online (German IT news).)" Yes, I'm sure this will help the whole legal case; defacement has always been such a valued piece of input in court *cough*.
$ strings webinar_land2-1.jpg | head -n 3
JFIF
Ducky
Adobe
Article on NewsForge and screenshot.
Why haven't SCO changed the image back yet? They're very slow about it. Hopefully they won't be as slow when they start doing the Linux support we pay them for.
The woman has written "hacked by reallock" ?? The name is slightly obscured.
I'm trying to give up sigs.
How can this be? An up-to-date Apache running on Linux and yet the site is STILL defaced? I am sure the ecommerce sites (and the reputation of OSS) that depend on nix and its "security" are most pleased with examples like this. Is it any wonder business views Linux with scepticism?
Indeed. Perhaps it was orchestrated by SCO themselves. Something from their marketing department as an awareness campaign to push up their share price so that the execs can keep making money selling them. Oh it's great being on /.: tin foil hats are so de rigueur!
Instead of fingering the GNU/Linux community for alleged DDoS attacks on SCO's site, and now this defacement, (I don't put any self-sabotage for seeding sympathy in potential jurors above the rat-bastards at SCO, or their employees possibly freelancing for sympathy) perhaps Joe Barr can tell us where Osama and Zarqawi are so we can wrap up the war?
And while we're on the subject, the whereabouts of Jimmy Hoffa? Was there more than one gunman in the Kennedy assassination? Are there weak keys in AES?
Anyone want to compile a list that Joe Barr can help us with?
It is a little curious that this happens the morning after Groklaw puts up the USL-UCB Regents agreement from '94. The one that SCO doesn't have a copy of. Hmmm
I am waiting for them to turn around and say:
"Just kidding!"
My personal hope is that they turn around and follow that up with:
"IBM didn't buy us, we used all our money on legal fees, we are now bankrupt, don't try to counter sue"
Curiosity was framed; ignorance killed the cat. -- Author unknown
Give them some time. In the US it's still early in the morning, after the long Thanksgiving weekend. People may be late for work this morning, or busy chatting with their coworkers about what they did on the weekend. When Dremel was defaced on Halloween weekend, it also took until rather late before it was fixed.
It's always funny however, how discreetly these things are fixed, with nary a word of explanation of what happened ;-) Heck, in Dremel's case, ppl were making fun of them on their own customers' chat board. These comments are still there, without any explanation by Dremel about the ... hmmm, ... "smiling" pumpkin.
While the above is a joke, there is actually some truth in it. The defacement nicely blends in with the overall color scheme, and may get overlooked by someone not specifically searching for it. Apparently, according to Heise, other parts of the defacement (the page about various companies having plagiarized the following line of SCO property: for (i = 0; i < 16; i++)) are already gone. It could indeed well be that nobody at SCO has noticed the "enhanced" banner yet...
A lot of the new-ish graffiti showing up in San Francisco in the last 2 years is like this. They'll do really nice fonts that match the building trim. It's pretty neat.
If it's a hack, they must have hacked thescogroup.com. Image here
Either SCO has been hacked on separate web servers (thescogroup.com was put up as an alternative in case of DDoS), they have a script that mirrors each other, or it's SCO's new motto.
Take your pick.
I kinda like it being SCO's new motto. Shows their company attitude and policy imo.
I'm a virgo and on Slashdot. Coincidence? Yes.
> 1. This doesn't hurt SCO,
I disagree. It shows to me that either SCO no longer cares about their website or that the site is so owned that they can't fix it.
Which brings into question the security in SCO.
Don't think it makes Linux users look like vandals. Just because a few might be acting the maggot doesn't mean every single user is the same. If that was the case every Windows user would be a script kiddie spam master.
It looks like they've restored the defaced JPEG as of 0655 PST. If you want to see what the defaced one looks like, it's here on my website at
www.JoesLife.info
...is for someone to post a site collecting all of the screen captures of SCO's hacked site: "Where were you when SCO got hacked?" There must be hundreds of fools (like me) who snagged a copy. To complete the irony, once such a site was built, SCO would then hack that site, replacing thousands of hacked screen grabs with their "Webinar" banner. Oh what a mangled web we weave ;-)
Is this sig nificant?
Yeah, it's wrong to do it. But it's so subtle.
And in an ironic twist, it's hard to tell what was changed and what is marketing speak.
For example this gem, is it real or a joke?
Learn more about how you can become a part of SCO's Marketplace Initiative and generate new direct revenues by participating in development projects with SCO's Engineers
It's either a Windows user, or one of the guys from Disney
Or maybe a Gimp user that knows how to use a hex editor.
In this world nothing is certain but death, taxes and flawed car analogies.
I believe there is an Apache exploit involving a realloc() function. addict3d article
Home != place of business.
I have no idea what point you're trying to make.
When someone breaks into your house and steals your valuables it is, from their perspective, "business" and yes, that's their place of business, other people's homes.
The people upset with SCO, such as the one being answered further up the thread with the "only business" excuse believe SCO to be committing a fraud. Maybe they're wrong, go ahead and argue against them if you like, but saying "yeah, well, it's only business" is fucking stupid.
SCO has a November 30 filing deadline in the IBM case, on the IBM counterclaims. That's tomorrow. SCO has to reply to IBM's "You violated the GPL and you can't use IBM's code in Linux any more" counterclaim. This is the day SCO has to provide legal arguments to back up their "the GPL is unconstitutional/illegal/irrelevant" claim. Which they're not going to be able to do successfully. That's not the news SCO wants heavily publicized.
So the timing here is suspiciously convenient for SCO.
Inside job?
I have it on good (read, from inside Bosch Tool Co.'s web dev dept) authority that the hack of Dremel's site was related to some old, insecure code put up for rapidly adding pages to the site - complete with paths & passwords in the page comments.
Fill out the web form - and voila! Page appears on the site.
Dremel's site was recently migrated to the parent company's server farm, but apparently without any real security review.
It's your classic cautionary tale. HTML comments & "secret" backdoor admin tools will burn your butt every time.
(Posting anonymously - you *know* they're reading this site now!)
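The failure mode described in the comment above (paths and passwords left in HTML page comments) is something a site owner can check for before a migration. The following is an added example, not part of the original thread or any code from Dremel or Bosch; the patterns, function names and sample page are constructed for illustration.

```python
import re
from html.parser import HTMLParser

# Heuristic patterns (assumptions for this example, not an exhaustive ruleset).
PATTERNS = {
    "credential": re.compile(
        r"(?i)\b(pass(word|wd)?|pwd|secret|api[_-]?key|token)\b\s*[:=]\s*\S+"),
    "unix_path": re.compile(r"(?<![\w:/])/(?:[\w.-]+/)+[\w.-]+"),
    "windows_path": re.compile(r"\b[A-Za-z]:\\(?:[\w.-]+\\)*[\w.-]+"),
}


class CommentAuditor(HTMLParser):
    """Collects (line, label, match) for sensitive-looking text in HTML comments."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_comment(self, data):
        # Only comment bodies are inspected; visible page text is ignored.
        line, _ = self.getpos()
        for label, pattern in PATTERNS.items():
            for m in pattern.finditer(data):
                self.findings.append((line, label, m.group(0)))


def audit_html(html):
    """Return findings for one page's source, in document order."""
    auditor = CommentAuditor()
    auditor.feed(html)
    auditor.close()
    return auditor.findings


# Constructed sample page; the path and credential are placeholders.
SAMPLE_PAGE = """<html>
<body>
<!-- quick-add tool: upload to /var/www/site/admin/addpage.cgi -->
<!-- login user=webadmin password=EXAMPLE-ONLY -->
<p>Visible text mentioning password: hunter2 is not a comment.</p>
<!-- TODO: fix banner alignment -->
</body>
</html>"""

if __name__ == "__main__":
    for line, label, text in audit_html(SAMPLE_PAGE):
        print(f"line {line}: {label}: {text}")
```

Run over every rendered page rather than only the templates, since comments of this kind often arrive through included fragments and legacy tooling.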
Though I do expect that how much Darl paid for his license is covered by a draconian non-disclosure agreement, preventing you from ever revealing this information or any other arbitrary information that SCO may wish you to withhold for the entire rest of your life. :D
Economic Left/Right: -0.62
Social Libertarian/Authoritarian: -3.69
http://realloc.spb.ru
Patents Drive Free Software as Hurricanes Drive Construction Industry