Slashdot Mirror
Fox News' FTP Password Anyone?
An anonymous reader writes "While browsing around the Fox News website, I found that directory indexes are turned on. So, I started following the tree up, until I got to /admin. Eventually, I found my way into /admin/xml_parser/zdnet/, in which, there is a shell script. Seeing as it's a shell script, and I use Linux, I took a peek. Inside, is a username and password to an FTP. So, of course, I tried to login. The result? Epic fail on Fox's part. And seriously, what kind of password is T1me Out. This is just pathetic." It's already been changed of course, but that's still pretty amusing.
Dude, why didn't you look around for the bug that makes them misreport the news so horribly that a majority of FOX News viewers still believes Iraq was responsible for 9/11 and Saddam had WMDs when the US invaded?
"It is nice to know that the computer understands the problem. But I would like to understand it too." --Eugene Wigner
You're going to jail and slashdot is getting shut down. It's a federal offense to interfere with an official government propaganda outlet.
Enjoy your stay in gitmo!
Somehow I doubt the FBI will find it amusing.
SJW: Someone who has run out of real oppression, and has to fake it.
That's the same password to my locker!
Now the question is, was it changed by Fox or someone else.
That is all we need, months of stories how "evil hackers got into Fox network"
Followed up with "Hackers: Evil and must be stopped?" to linking hacking to Obama, a danger to your kids and finally Hackers gone wild at Spring break.
I'm not that much into security, so I hope I don't sound "pathetic", but I was wondering what's wrong with the 'T1me Out' password. I'd say all company passwords I've ever had were no harder than that, and none of them had a space in it. And honestly how many of you guys use a password like YwMCU07D?
Oh shut the fuck up, you Gentoo fanboi. If they used Gentoo, the server would still be recompiling from a kernel update six months ago. Take your Genntoo, and jam it up your ass sideways and backwards. It's 0.038% more optimized for that.
What can Fox or the police do? Will this guy be charged with some sort of crime? The password and username were freely available to anyone that actually went to the site. What are the laws in a situation like this?
That password would've been satisfactory if it was kept better.
In all fairness (do they even deserve it?), the password listed in the script is for ZDNet's FTP, not Fox. Still pretty embarrassing, but it's not going to hurt Fox at all (I imagine it could have hurt CNet/ZDNet). And it definitely could've hurt the relationship between both corporations' IT departments.
There seems to be a string of these lately between content aggregators. About a month ago there was that page on MS's site endorsing Linux. Turns out the content was from another site (I think, actually, CNet).
Not to say I'm not totally surprised. In this day when about 50% of someone's site is content from somebody else, it's not surprising there's snafus. I'm just waiting for the day when one of the sites leaves up SSH logins for another.
NOT +1 interesting. The FTP service is "Microsoft FTP Service".
I spent my morning wondering what my headline would be if I had access to change FOX's web page...impeach...hours of fun thanks for the post.
"If any question why we died, Tell them because our fathers lied."
Just because you find the key to my car lying on the street doesn't mean you can go for a joy ride.
I wonder if I use bold in my signature, people will notice my posts.
Actually, as of this post, the ftp server can still be accessed with the same username and password from the script.
Random corporation has bad security: Brief blurb about how corporations should take better care of their security infrastructure in order to make sure that leaks/intrusions don't happen. Perhaps even a person or two giving advice in the form of which files to edit and what to change.
Corporation that people don't like has bad security: Note after note about how evil the company is and that they're idiots in the highest sense.
1) The password has probably been around for awhile with no one guessing it. What exactly was wrong with it? Uppercase/lowercase/numbers, combination of multiple words, it is at least moderately strong.
2) Why the hell are you blaming Fox? You think the entire company sat in a conference room and decided on a security scheme and a password?
3) Why did this deserve front page news? Exploits like this are found on a daily basis, and ones much more humorous/interesting/newsworthy.
If it hasn't been mentioned already, it still works, but I wouldn't recommend using it.
Bingo! Never, ever, ever! NEVER store a password in plaintext in a script. Not ever. That's always a huge security issue, because you never know who is going to read the file. If you need unattended logins, there's SSH, Kerberos/GSSAPI, whatever.
My blog
"News from people fucked in the ass on a regular basis and who fear showers" jailhouse-title no different than that of today.
I'm asking if that truly is Ubuntus default or if the fuckheads at Fox changed it. I'm not saying that Gentoo is superior I'm just saying that its default is to turn it off to establish a basis of comparison since that is the Linux version I am most familiar with. Each person has their own flavor and I'm just curious if this is a security hole since I feel that if the directory tree is on by default that is a major security hole because I wouldn't want others to browse the site tree with files such as the one mentioned in the article.
"Fox News'" is incorrect pluralization. Bastards think they're Jesus.
way up!
A horse can't be sick, you know, even if he wants to.
this originated on 4chan.org's /b/ late last night (NSFW.) the shell script was a small script for uploading to a ziff-davis ftp server, it wasn't actually a fox ftp password (look at the directory name the shell script was found in, and i'm sure z-d appreciates this too.) also, there was an image directory that had directory listing turned on too. i didn't stick around long enough to see if any /b/tards found anything interesting in there, but i know an image dump was being made.
PWND!
The game.
What's wrong with using T1me Out as a password? It has everything that qualifies it to be strong: upper case, lower case, numerics, and even a special charater (space). The only possible thing I could see wrong is that it does contain a dictionary word, but other than that, it's solid.
this is too funny for troll . . . c'mon mods!
Since when does being a Socialist mean 'someone who has a different opinion than me'?
http://www.foxnews.com/admin/xml_parser/zdnet/ Apache/2.2.3 (Ubuntu) PHP/5.2.1 Server at www.foxnews.com Port 80 This is the page the author of the article said he accessed to get the shell script which he would not have gotten if the settings had the directory tree turned off and I feel is the authors point.
I dunno... should I feel pity for their webmaster or consider it natural selection that he will most likely get a "you won't find a job in this country anymore" letter?
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Talk about a crappy news day...
...to doing 'fair and balanced' journalism.
http://download.qlogic.com/api/719.981
531g h41l
FOX is nothing but their mouthpiece as it is ran by republicans.
This story is worthy of /. news? What was I expecting this morning, more tech reports/stories on technology? Silly me, instead I get some silly liberal biased non-story instead.
Dammy
Ha Ha fooled you. MY KEYBoARD IS sTuCk ON AWESOMES!
that's just what they want us to think
So you posted as anonymous to set up the joke and then post under your name to deliver the punchline?
Ladies and gentleman, the Sockpuppet Straight Man.
If instead this were the server that updates Fox News with all of Microsoft's latest FUD about Linux insecurities, then you have irony my friend.
Oh the irony!
Wait, did I just feed the intentionally-screwed-up movie quote troll?
Have you been touched by his noodly appendage?
http://www.mhall119.com
"And seriously, what kind of password is T1me Out. This is just pathetic."
:)
What's wrong with it? Uppercase, lowercase and numbers. Looks safe to me. If you had a thousand years to figure it out on your own, would have succeeded?
I would say it's safer than 'xXsa425Vff', because 'T1me Out' is easy to remember. That way, you don't have to ask your co-workers what it is in case you forget it. Plus, I'm sure they're changing the password from time to time. It's unlikely 'T2me Out', however.
Full Tilt
HA! Nice. :)
Hey, it is pulling XML feeds from a few different places, so that may very well be the case.
Shameless plug alert: Game server control panel
Aw, crap. Now there'll be another round of armchair security experts saying "You should turn off directory indexes!" and easily-led sysadmins actually doing it, and we'll have that many fewer sites where you can bypass the broken navigation to actually find things through the directory indexes.
Directory indexes, on a properly-run site, are a Good Thing and should be encouraged. They are and should be turned on by default in real httpd software. Anything secret that's accessible through a directory index would also be accessible by guessing the URL - so security has to be enforced by 403 Forbidden, not by "nobody will know the URL," anyway. Don't disable directory indexes unless you have a really good reason - and if you think you have a really good reason, especially if you think it has something to do with some kind of "security," then you're probably wrong.
A post on the newsworthiness of the main article is not off-topic. Should be modded back up.
There was over 4GB of employee data on the FTP, including username, name, email, password, address, etc.
There was a recent podcast from This American Life (hardly the bastion of conservative thought) where a (former) teenager whose job it was to spread propaganda from Saddam's government said he was afraid about what would happen when the war started because he wasn't sure whether or not his government had chemical weapons, etc. Yes, there's a difference between some teenager (even if he and his father worked for the government) and our intelligence community. Yes, fundamental flaws exist/existed in our intelligence community, partly no doubt due to our administration's tendencies to promote "yes men". Yes, there's a difference between thinking they're there and declaring that you know exactly where they are. However, I'm still going with Hanlon's razor on this one.
Ben Hocking
Need a professional organizer?
Gentoo's main optimization is a social one.
... for other reasons, and they target other people. I call it Darwinian De-selection.
Mentioning Gentoo on Slashdot is guaranteed to bring out the clueless from their cubbyholes, a very worthwhile property on a site now overrun by tech wannabes. That makes article pre-filtering very easy.
Gentoo users know what properties really matter to them, but that doesn't go on the marketting/advocacy blurb. The references to speed optimization are there
And it works just great: the Gentoo forums are almost entirely free of the clueless.
Enjoy!
I had to bring out that tired old saw. However, in all fairness, there are other explanations for that 33% figure than to blame it on Fox News. Out of politeness (to Fox News viewers), I won't go into what those explanations are... ;)
Ben Hocking
Need a professional organizer?
Ben Hocking
Need a professional organizer?
Tit's up - and outa there!
/home/linuxin/public_html/site/admin/db.php on line 50 /home/linuxin/public_html/site/admin/db.php on line 50
"mysql_pconnect() [function.mysql-pconnect]: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (111) in
Warning: mysql_select_db(): supplied argument is not a valid MySQL-Link resource in
Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (111)"
We have meltdown - I repeat we have meltdown. Now someone get that pile of circuts and goo off the rack and get a new one in here pronto.
But, you misspelled "h31l". Just sayin'... ;)
Ben Hocking
Need a professional organizer?
T9uOL0;{
]3HUk2:w
SWg7E1K* yeah, use passwords as suggested on public domain tech sites - I add them to my dictionary scripts. If you don't like that, try one from here.
Mongrel News all the news that fits and froths
You've won an all-expenses-paid trip to a federal PMITA prison! You'll be enjoying a 1,825 night stay at an all-inclusive resort featuring a mattress, a metal toilet with a sink in it, and evening turn-down service provided by your own personal bellhop named Scar. Travel and accommodations courtesy of the US Federal Bureau of Prisons.
Mongrel News all the news that fits and froths
Hahaha, the liebral made this all up.
"While browsing around the Fox News website, I found that directory indexes are turned on"...I browse Fox website everyday but I cannot find it out. Was he really reading the news or hacking the site ?
Default your Oracle EBS with success !
Plenty of people, outside of the government and the mainstream media at least, were skeptical about the WMD claims, if only on the principle that if Bush thought it was true it had to be false.
Oh really?
On July 11, 2007, the posted an article that talked about FTP and why it's bad. But they were concerned about anonymous access. Doh.
Yawn... just another opportunity to feed the flames for all the liberals on /. Reading through all the replies that have nothing to do with the original article and just focus on bashing conservatives and the content of the stories run by the network proves my point. It's getting old guys/gals... really old.
I was once visiting the offices of a design firm that was doing some work for Disney. As far as I remember, the procedure for adding new content was:
- Email the admins (with password), requesting an upload opportunity giving detail of content and approval reference
- Admins create FTP account on a purpose-built server
- Admins send back time-sensitive FTP details
- Design company uploads to FTP server
- Committees review content, send authorization to admins
- Admins upload content.
And this was for already-approved work. Kinda puts this level of security to shame...
-1 not first post
It is simply fact that every intelligence agency on the planet thought Saddam had WMDs. The questions only concerned the state of his nuclear program. Go read Hans Blix's report to the UNSC in February, right before the invasion. Inform yourself.
And, contrary to popular myth, the evidence still supports the notion that Saddam was seeking uranium in Niger... Joe Wilson's own report said that the former Nigerian PM interpreted Iraqi overtures to "expand business relations" as a desire to purchase uranium, and the British intelligence still stands by their own independent determination to that effect--indeed, their government investigated it after the whole Wilson debacle and concluded that the claims were "well founded". In other words, simply claiming that it was "a lie", like some uber-partisan cartoon, doesn't win you any points here.
The real question about the uranium is this: Why would Iraq be looking for uranium from Niger when we found 500 tons of yellowcake that they already had laying around?
I know I don't belong on slashdot, but mod the truth up. They did have WMD, they were trying to develop WMD, and the scientists were fleecing Saddam. However, that doesn't match the I Hate George Bush mentality, so it doesn't get recognized.
Look buddy, get off your anonymous soapbox with your bullshit.The quote you refer to is attributed to various liberal sources by CONSERVATIVE spin artists, from Madeline Albright to Clinton. IT IS FAKE. IT NEVER HAPPENED.
Now for the love of God, open your damn eyes and LOOK at the world instead of having it spoon-fed to you by FAUX NEWS.
I never spellcheck and I freely admit it. Save your karma for more worthwhile "lol erorrs" replies
While your point is valid, the title of your post irks me.
So I've got a question: How, exactly, can you determine who did the modding and which were their motivations? Because, as far as I can see, there is absolutely no practical way to determine who did it and why. Therefore, I find your interpretation of it being "Left-Wing Fascists" to mod the GP off-topic somewhat doubtful.
Indeed, one would have much more reason to assume it to be "Right-Wing Fascists" - after all, while his main argument is just a rational observation (which only the insanest of the left - which doubtlessly exist - would have taken as slighting them), while his PS notes his position, making him seem left, therefore a target of right-wingers because he doesn't rally behind the president in an unconditional way but thinks for himself, recognizing an error, no matter which side makes it.
Why, then, do you get the idea that it is "Left-Wing Fascists" who did the modding? Well, I didn't want to randomly accuse people, so I read up about you (which is more than you can claim about those who did the modding). The image which resulted demonstrated impressively that you are, indeed, a "Right-Wing Fascist", projecting your own behaviour on others, perceiving them as being "on the other side".
The most interesting point is: As pointed out above, the PS makes the right mod the GP down. However, because the GP dares to criticize "the left stance" (which is why he feels the need to add the PS), you think he is on the right side (because, after all, lefties could never ever criticize themselves - which is exactly what I meant by projection), you side with him and claim that it were lefties who did the modding down.
Do you know whom this reminds me of? Not wanting to invoke Godwins law by pointing out how Hitler started the second world war, I give you the example of Operation Gladio: This NATO stay-behind-organization made, on command of the CIA, terroristic strikes in several countries, especially Europe, and blamed it on the communists.
There's also another thing of note: Here in Europe, we have a balance between left and right (though we became significantly more fascist, i.e. right, in the aftermath of 9/11). From our perspective, the Democrats and Republicans are both as far right as the fringemost right parties we have here. Thus, we can only shake our heads at your irrational fear of any hint of social responsibility, endangering your ability (not freedom, though you righties call it such) to take freedom away.
In Soviet Russia, government controls corporations.
In Capitalist America, corporations control government.
That's why I mentioned that there's a difference between said teenager and our intelligence community. Although I'd argue that it's an issue that he's a teenager and that governments like to keep secrets. (Cynicism usually increases with age.) My point was simply that I find it quite believable that people in our government (Democrats and Republicans alike) who were inclined to believe that Saddam had chemical and/or biological weapons would find it easy to believe that. Although sad, this is not the same thing as lying.
Ben Hocking
Need a professional organizer?
I have to admit that l33t sp33k hurts my spelling skillz. ;)
Ben Hocking
Need a professional organizer?
The sanctions were going to end. Whining about starving Iraqi children and all that crap.
That is why Saddam had to go.
Get it yet?
Slashdot posts a humorous story about a lame password found on a Fox News FTP site. CNN has a headline on Wal-Mart "slashing prices." No idea what Fox News has on their front page, but I bet it's something inane.
Slow news day anyone?
You make a very good point.
North Korea is also part of the "Axis of Evil". However they have WMD's and some pretty nasty long range missiles. They may not be able to strike The US, but they could devastate South Korea, Japan and Taiwan. We keep begging North Korea to please, pretty please, come to the negotiating table. No talk of invasion there.
Sadam complied with the U.N. inspections we demanded. Grudgingly but he complied. He ended his weapons programs and allowed us and our allies to control two thirds of his air space. (All of this had to be forced on him, but he complied).
So the moral of the story?
If you are an evil dictatorship, do not comply with The US and its allies. Build up your arsenal and become as powerfull and as dangerous as possible. The US only invades weaklings. The US begs for negotiations with the dangerous crackpots.
I believe Iran watched all of this unfold. The way Sadam and Iraq complied, and were rewarded with invasion. The way North Korea refused to comply and became more dangerous, and gets more and more aid on its terms.
This is why Iran has restarted its nuclear program.
Pretty good foreign policy we have, huh?
http://rapidshare.com/files/44519416/acxiom_member s_weekly_extract_2004_to_present.7z.html
training.
Every employee that works at the site needs to have proper training in information security and social engineering counter-measures.
These sound complex and technical but they are not.
what is sensitive information?
You do not store any sensitive information in any place that's not explicitly secure.
you complement your training program with mandatory password restrictions.
Linux already has these restrictions for users.
password is too short, password is based on a dictionary word, password must contain numbers and letters.
Only YOU can prevent social engineering!
They're using their grammar skills there.
So where's the pr0n?
I think you are missing the point. A few small canisters of chemicals cannot be honestly labeled "weapons of mass destruction." Maybe a tanker full of them could cause mass destruction, but the quantities found were not even capable of killing a couple soldiers. By this same token, it would be inappropriate to call a few grams of uranium a WMD.
Thus, no WMDs were found.
They got their tax legislation too, so whats your point? In case you didn't know, the Bush fortune is tied to oil. Iraq and the middle east in general are full of oil. You can only get so much through taxes. Sometimes you need to mobilize the military.
Kind Regards
"A few great minds are enough to endow humanity with monstrous power, but a few great hearts are not enough to make us w
If you are married with kids, you have some things to look forward to that you might not have had in a while...
Good square meals 3 times a day, and sex again on a regular basis.
Course that also comes with all the paperbacks you can read and a cell-mate likely named bubba.
Get your tagline off my lawn.
Training isn't enough, it's one half of what's needed. The other half is motivation: People who are entrusted to set passwords have to know what constitutes a bad password and the motivation to use a good one. An underpaid overworked disengaged employee would probably not care whether the passwords they choose are strong or weak, even with training.
I'm not saying I've never done anything like this, but I certainly wouldn't advertise the fact. I'm in Kansas, and I can tell you that Computer Trespass here is:
intentionally, and without authorization accessing or attempting to access any computer, computer system, computer network or computer software, program, documentation, data or property contained in any computer, computer system or computer network. Computer trespass is a class A nonperson misdemeanor.
I think he's got that covered squarely. He may qualify for Computer Crime, which is:
Intentionally and without authorization accessing and damaging, modifying, altering, destroying, copying, disclosing or taking possession of a computer, computer system, computer network or any other property; ...
I'm just saying I wouldn't advertise.It absolutely is a security-conscious thing to do. It's called Operational Security.
Sure, on a 'properly-run' site, that shouldn't be a problem. But can you always guarantee that sensitive or private materials won't be loaded to that site? It is a risk.
Obviously it applies less to very personal 'who cares' kinds of sites, but pretty much everything else should be data driven with deeper access controls, and maybe only enabling directory indexing explicitly on a location-by-location basis, or for certain IP ranges.
An ounce of prevention is worth a pound of cure.
why is this on slashdot (outside of someone's journal)? some of us have been doing this every day for years. I mean it's not like the old alta vista/hot bot "WS_FTP.LOG" or whatever is anything new.
Just because the door isn't locked doesn't mean you get to walk into my house and drink my beer.
It does mean I get to blow your fucking head off for drinking my beer.
I also enjoy the thread jacking that goes on here where 90% of the posts have nothing to do with the original topic and of course it just gives another reason to bash Fox, Bush, etc.
Slashdot gets old quick sometimes.
Directory listing was once a delightful part of web browsing. There is no more efficient way of finding files.
But now, one after one, sites which do not restrict directory listing are disappearing forever.
Why? Because of snotty punk assholes like "anonymous reader", who stumble upon some quasi-personal file (the same file six dozen other individuals saw but then respectfully moved on from before him) then BITCH and BLATHER about it repeatedly until everybody is made to know just how pathetically COOL HE IS for having found it.
It's called 'draining the swamp'. And for god sakes, the 'No WMDs' whining is just passé. Recap:
The course of action that was followed by Congress and the President, and popularly reaffirmed by Congressional and Presidential elections:
(1) Thug dictator threatens superpower with WMDs
(2) Superpower goes to UN
(3) UN condemns thug dictator
(4) Superpower expects thug dictator will use WMDs or give to pyschos, so Superpower squashes thug dictator.
(5) Superpower takes next few years squashing misc. thug holdouts
Your method, which was was declined:
(1) Thug dictator threatens superpower with WMDs
(2) Superpower goes to UN
(3) UN condemns thug dictator
(4) Repeat (1) four or five times while whistling Limahl tune
(5) Thug dictator tests WMD
(6) Superpower declares minimum wage for all illegal residents!
(7) Thug dictator tests another WMD
(6) Superpower declares healthcare for all illegal residents!
(8) Thug dictator invades neighbor, gives WMDs to pyschos
(6) Superpower declares Carbon Dioxide a pollutant!
(9) Pyschos step off bus in Nogales Mexico with WMDs
This is why we can't have nice things. You morons just go and tell the whole fucking world the information whenever we find these things out.
We operate relative to N Korea because the dictatory there is irrational, and so will not act in a predictable manner. It makes many actions volatile. Hussein was not irrational; mean, perhaps, but not irrational. One of the best ways for a dictator to avoid invasion is to be irrational - but you have to genuinely be irrational. If one's bluff can be figured out then you're usually twice as screwed. Generally, rational people won't act irrational, as it is destabilizing. The real tricks are when someone is generally rational, but has irrational triggers. AFAIK that was some of the root difficultly with the Cold War.
The Axis of evil is as follows:
Iraq - Saddam Hussein was a megalomaniac that needed to look powerful. That is why he refused inspection. For looks, not because he had anything. Anyway, case closed but Iraq was never really a threat after 1990 war.
North Korea - similar to Hussein's except on more national level. They are not that dangerous because they are not looking to start war. North Korea leadership needs to feel important on the world scale and hence its insistence to deal with US in bilateral way. They view themselves as equal to US. They consider Japan not only on US side, but a puppet of US hence they do not want to talk with them. They believe China is their buddy, but after the last nuclear test attempts and stern talking from China, they are now more co-operative (maybe looking at example of Libya?)
Iran - not like either of the above. Iran is guided by their religion and their own interpretation of it. This makes them very dangerous (unpredictable) because their own self interest is not their primary motivator. The leadership's primary motivator is not their self-preservation or prestige, but prestige in the name of their religion. Like Taliban, the current leaders do not view their destruction as their demise. They will most likely not attack others, but attempt to instigate an attack on them. This will allow Iran to view any aggression against Israel/US (and local allies) as justified not by international standards, but by their scripture's standards.
Iran was *always* the most dangerous of the three. Iran must not be attacked - that is what Iran's leadership wants and is aiming for. Attacking Iran will result in a major regional war and Israel will be one of its casualties.
Anyway, this is my simple, brief assessment of the "Axis of Evil".
PS. Do not forget Libya - they complied and sanctions are getting lifted. War is not the answer. Only in Afghanistan was it justified because that country did not have a functioning government anytime after the Soviets withdrew and definitely not when Kabul was taken by Taliban in late 90s.
You think we don't know Saudi Arabia is our enemy? France?
You think Bush doesn't know? (House of Saud not withstanding the average Saudi IS our enemy.)
Just because we're acting like they're our 'friends' (countries don't have friends, only allies) doesn't mean that many of our actions aren't aimed squarely at reducing their influence and/or drawing their more militant population into a meat grinder (Iraq is a tar baby to catch and kill Saudis as much as anything else IMHO). Also to reduce Wahabbists influence in the region by arranging for the Saudis to kill many of their neighbors while attacking the US military and getting themselves killed in the process.
Disarming would be stupid on many levels. Nukes kept Stalin out of western Europe. Peaceniks will never understand that, much less give credit. Nukes will force Pakistan and India to grow up and finally make peace.
John McAfee 'It was like that time I hired that Bangkok prostitute; to do my taxes, while I fucked my accountant'
Now we finally know who's behind the campaign of deliberate misinformation that's being fed through FOX news.
Damn conservative hacker kids.
It's rare that you're presented with a knob whose only two positions are Make History and Flee Your Glorious Destiny.
When there are ten pages of comments here, and I read page one, then click on page two - why the hell do I get page one all over again?
And this goes on for pages two, three, four, maybe. At some point I get a new page.
What the hell is going on with this interface?
I'm finally irritated enough to ask WHY.
Richard Steven Hack - This sig is TOO GODDAMN SHORT TO DO ANYTHING USEFUL WITH! MORONS!
I know that I will get flamed for this but it is the truth. What you've described is not "Weapons of Mass Destruction". I can claim some expertise here as I personally helped construct America's nuclear arsenal; I worked on Harpoon, Peacekeeper and the Navy Standard Missile among others.
What you've described is a sad, pathetic attempt at a weapons system (gas) that's been obsolete for nearly a century and a piece of scientific equipment (a centrifuge).
That's not WMD, by any stretch. You could release all that gas in Washington DC on a busy workday and there'd be a few dozen casualties. An equal volume of dynamite or amatol could do more damage (though in either case delivery would be extremely difficult, since placement would be critical).
I am not intending to flame you, merely to correct you. "Mass Destruction" is not something that any weapon Saddam ever possessed could inflict. He wanted to build superguns and buy nuclear technology, but was prevented from doing so long before Bush II's invasion.
This event has also been WikiNews'd , as "Fox News security hole exposes 1.5 million users' personal information".
FARK.com also reported on WikiNews's article.
I haven't laughed that hard over anything posted on slashdot in quite some time. Nicely done!
There are a bunch of problems with Fox's other sites as well. Check out Fox Searchlight. Similar issues. But you can see free pre-screenings if you figure it out. If you don't... Shame on you.
-- -- A truly great man never puts away the simplicity of a child
fox news had WMD's on their ftp but when the United Slashdot went to inspect they were denied access?
Anyone for a Fox news wiki?
*runs*
Not sure about the 'no more torture' bit.
h tm0 307.html
http://hrw.org/english/docs/2004/12/21/usint9925.
http://www.aclu.org/safefree/general/17606prs2005
The latest round of investigative files released to the American Civil Liberties Union document an ongoing pattern of widespread abuses of detainees by military forces in Iraq, and describe shootings of unarmed civilians at checkpoints, the ACLU said today.
Wow. So he/she/they happened across a web page that shows you the directory index. He/She/they followed the heirarchy till He/She/they hit the admin folder. He/She/they probably used the Linux equiv of Notepad to view the shell script, which, in turn held the password. (bfd - login scripts for an a/d environment use a similar method to automatically map drive shares. The login scripts hold the users id & password, then map the drives) Hardly elite.
He should have utilized that ftp to sneak in some real news. What a disaster that would have been.
http://www.foxnews.com/story/0,2933,290633,00.html
Bad: Fox News has mediocre web security.
Worse: The same level of security that can be easily beefed up was applied to all the MyFox websites.
STUPID: News Reporter from Los Angeles pisses off the hacker community with a bias report by interviewing cowards with dogs and curtains, losers with MySpace accounts, and Eric "eBaum" Bauman in a dark room.
ORWELLIAN: MyFox now requires a 24 hour waiting period for blog and message board posts.
Silver lining: There is always the Usenet.
The Rapture is NOT an exit strategy.