Greek Hackers Target CERN's LHC
Doomsayers Delight writes "The Telegraph reports that Greek hackers were able to gain momentary access to a CERN computer system of the Large Hadron Collider (LHC) while the first particles were zipping around the particle accelerator on September 10th. 'Scientists working at CERN, the organization that runs the vast smasher, were worried about what the hackers could do because they were "one step away" from the computer control system of one of the huge detectors of the machine, a vast magnet that weighs 12,500 tons, measuring around 21 meters in length and 15 meters wide/high. If they had hacked into a second computer network, they could have turned off parts of the vast detector and, said the insider, "it is hard enough to make these things work if no one is messing with it."'"
Why can anyone get to the control systems for a piece of equipment like that from the internet?
Are the control systems for the collider Internet accessible? Holy smokes, has nobody learned about best security practices over there?
Did you ever wake up in the morning, with a Zombie Woof behind your eyes? -- FZ
What is this, pledge week?
You mean to tell me that the builders of the LHC didn't even have the foresight to air-gap the control system? Christ; you'd think they wanted people to shut it down.
Think about it, people. This will probably be the most-attacked computer system in the world for the next month or two, most of it coming from crazed doomsayers with delusions of Saving The World (tm). An air gap is pretty much the least you can do against something like that.
Windows updates.
Any chance they had a Trojan Horse at the ready?
[they] were worried about what the hackers could do because they were "one step away" from the computer control system of one of the huge detectors of the machine, a vast magnet that weighs 12,500 tons, measuring around 21 meters in length and 15 meters wide/high
quick, hide the 21x15 meter finger painting and the 21x15 meter refrigerator!
VLC FOR MAC IS DYING! IF YOU DEVELOP, PLEASE SAVE IT!!
So smart, and yet, so stupid.
*sigh*
Because it can be!
They were probably commissioned to hack the LHC by the Greek Orthodox church hahahah
Trying to install linux on my microwave, but keep getting a kernel panic...
but some jackasses decided to mess with things they knew nothing about.
I'll get my towel.
Work Safe Porn
Seems like a separate network and portable harddrives to move the data would have been a pretty obvious thing to do.
Then again, I've worked with academic types, and not all of them are reasonable about the slightest perception of inconvenience.
"we were so close! except a particle hit the wire and blam! there went the connection!"
"Mr. Potato Head! Back doors are not secrets!"
sigh, I hate to be pedantic here but the term they were looking for isn't hackers. It's mother fsckers.
See? See? Computer security is harder than building 27km ring with enough precision to smash single protons!
Extreme Programming - Redundant Array of Inexpensive Developers
Can't geeks just be happy for society's scientific accomplishments and not try to screw up a good thing just because it's possible? Like the guy says, it's hard enough to make these things work when everyone's working together. Assholes.
I am a geek attorney, but not your geek attorney unless you've already retained me. This is not legal advice.
I suppose to allow access to the data for all sorts of colleagues and universities and such, maybe even to the point where they can input their desired settings into the LHC, thus, access to the internet, and control over parts of LHC.
After all this is almost a "world" experiment, not just a little lab doing its own thing.
Not that it makes it excusable, but it's the obvious (easiest) way to link everyone together without spending millions in a private network (which they may have to do now).
It won't be physicists that create a black hole at the LHC. It will be some idiot script kiddie from half the world away!
Colin Dean Go a year without DRM
The Earth will soon be wormholed through higher dimensions Olympus, domain of Zeus. I've never been more sure of anything in my life.
I found an interesting video feed for the system they were accessing.
http://www.cyriak.co.uk/lhc/lhc-webcams.html
Watch it for a minute, you can see the effects the hackers are having on them.
Gonzo Granzeau
"Nothing the god of biomechanics wouldn't let you into heaven for.." -Roy Batty
For one thing (leaving the whole "begging the question" mistake aside), to send absolutely mind-bogglingly large amounts of data to the Grid. The bandwidth required is massive, and they use a combination of private, dedicated links and regular Internet connections to do it.
(Read up on the LHC Grid; it's fascinating stuff!)
Why don't these wonderful human beings hack into nuclear power plants while they're at it. I'm sure that would result in some excellent "Saving the Planet" effects.
I was told I could download Spore without DRM from that IP.
I've nothing of importance to say, now go away before I taunt you with a second sig!
And I always thought the electrons did what the protons wanted them to...
Why is it that wherever progress goes, controversy follows?
The dangers of knowledge trigger emotional distress in human beings.
That's great, you hack into a system that really smart people use. At my university, you really really don't want to mess with the Physics network. There are so many people that know so much about systems, that they will mess you up. Most of the grad students there know more than the system admins. When I was a grad student, I'd have taken it as a challenge to find them and screw them over. Given the resources I had access to, I don't think it'd be all that hard.
What could have been:
Cracker1: Cool, looks like we got into the outer network, let's try the inner one.
Cracker2: OK, try this...
Cracker1: What's this program "/staff/sfalken/games/Tictacto.exe"
Cracker2: I don't know, let's try it.
Cracker1: OK.
*EARTH-SHATTERING BOOM*
God: It's the end of the world as I made it, and I feel fine.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Given Wednesday's article on hacking industrial control machinery.
And given the number of astounded comments, I'm guessing no one else read it.
Why have it connected to the internet? Because the people who design the machinery for these things aren't IT, they are engineers. They don't think they NEED to worry about security. And when they do, it's physical, not electronic.
Wasn't the first go around of the internet being designed almost completely without any thought towards security a lesson to anyone? Haven't the warnings about how easy it would be to take down our whole electric grid due to the crappy security soaked into anyone's head?
This isn't exceptional, this is the norm.
I don't know who you guys are, but stop this shit, seriously.
We don't need a Mark Chapman of the geek world.
perhaps a beam of antiprotons pointed at athens will solve the problem
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Yes, earth-shattering booms can be expected when you try to run a DOS EXE on a 25-year-old Unix box.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Oh come on guys, give us a break..
this thing is generating PETABYTES of data daily (hourly maybe). HUGE amounts of data. Not a few gigs of porn you can backup on a USB harddisk. If there was an "air gap" you would need a team of 1000 trained monkeys running back and forth with harddisks trying to keep up.
Plus on the control site as has already been mentioned. Scientists from all over the world will be monitoring the systems and inputting commands. It needs a net connection to be useful.
Part of the greater conspiracy to deny access to Earth, by bringing down the measures that keep the equipment in check.
I believe this will also be known, briefly, as the Singularity of Death attack.
Just wondering if they used a trojan to gain access.
Sneaky Greeks.
We're supposed to trust that the LHC is perfectly safe ... but the same guys telling us this thought it was a good idea to make the controls accessible via the web?
When the first black hole is created and becomes stable because it's not subject to the same gravitational and environmental instabilities as the SURFACE OF THE SUN... somehow "I told you so" isn't going to seem enough.
Geeze... even in the cheesiest sci-fi novel, they make scientists perform these cool experiments outside the orbit of pluto.
What's up with this box everyone has to think inside of or outside of? Why does there have to be a box?
Raises, not begs.
Beware of Greeks bearing laptops.
James Gillies, spokesman for Cern. "It was quickly detected."
"We have several levels of network, a general access network and a much tighter network for sensitive things that operate the LHC," said Gillies.
LHC produces 15 Petabytes of data annually, to be analyzed around the world on over 150 Grid networks.
Think about that for a minute... I know you can.
How many hard drives is that?
http://www.sciam.com/article.cfm?id=how-lhc-may-change-internet
cause they are gonna get bent over for this one.
I know, they went in via the back door
.. was CERN doing with these machines open to the outside _at all?_
What kind of idiot decided it would be a good idea to hook up that network to the outside world? Are they anticipating researchers waking up at 1am and thinking "hey, I want to run one more experiment from home before I go to bed..."?
Their internal network ought to be completely physically segregated, and results transferred via sneaker-net. Anything else is just inviting outsiders to break in and play with really large magnets and particle guns. It's no different than them securing the entry doors with those plastic child-proof doorknob covers... If the door exists, someone is going to look for a way through. Simple answer - don't provide ANY connection between the outside world and the control network. *duh*
Maybe we really *should* be taking out black-hole insurance...?
Let them destroy the world on their own...would you?
This is such a shame that people are so scared of this thing that they'll go this far. Maybe the reason it's so easy to convince people to be afraid of this thing is because it's so damn big, and I suspect that it being in a foreign country(ies) has a sour effect on some people. However, some people I've spoken with about it aren't even aware it's on the other side of the planet, one person thought it was in California.
This tool may solve some of the most incredible mysteries of our universe (and bring up more interesting questions), but I feel some terrible and tragic emotion that I know that, no matter how revolutionary the results may or may not be, ignorance is a powerful and destructive force.
I am damn near wishing the LHC destroys us all despite having no doubt that it won't, Humanity is really starting to disappoint me.
I used to not care about anything, even 9/11 didn't faze me, but the changes I've had in my life have taught me to respect life and individuals, but it's also given me insight into the nature of conflict in people.
The values people have are so different, and it's those differences that shape some of the best things in the world, but the people who lack values that's becoming distasteful.
What did these pricks think would happen? Oh, they upset some work. For a multibillion project like this, it's going to take big, intentional explosions and a lot of mindless people to stop it.
That's just me wishing for the strength of the project, though. I really will shed some tears if only a few squeaky wheels can halt the LHC in its tracks.
"Most people, I think, don't even know what a rootkit is, so why should they care about it?"
Wondering why the LHC is connected to the Internet 'at all'...
Why was the Web even developed? Why was HTTP even thought of? Why was a graphical browser of any interest?
CERN. Ask Mr. Berners-Lee. And then contemplate the irony of wondering this at all.
Sadly, it looks like CERN needs to work on the security more, but hey, that's in the spirit of the World-Wide Wild Web, eh?
deleting the extra space after periods so i can stay relevant, yeah.
Please, can we stop the fucking hysteria over the LHC?
My girlfriend called me Wednesday in hysterics because some ignorant bastard told her the world was ending. I explained to her that it's fine, and she's fine now, but for Christ's sake, can these idiots perpetuating this FUD just either a) shut the fuck up or b) learn the facts?
I'm so sick of this...
Show this to your friends and family that don't know what a real hacker is
You want to make a black hole to suck up the earth? How about a nice game of chess instead?
Kwisatz Haderach
Sell the spice to CHOAM
This Mahdi took Shaddam's Throne
How can we be sure they were Greek hackers? What if they were agents of the TechnoCore "performing experiments on farcasters" while pretending to be Greek hackers? <_<
http://www.sciam.com/article.cfm?id=how-lhc-may-change-internet The LHC produces 15 Petabytes of data each year, analyzed at hundreds of centres around the world. Are you going to suggest (as some genius did below) that they copy the data to 15,000 x 1Tb drives, and then fedex it around the world?
The more you know, the more you know you don't know.
Ross Denton: Hello, hello, I'm Ross Denton, head of public relations for the Two Mile nuclear facility. First, I'd like to welcome all members of the press to Two Mile Island. I hope you enjoy your stay here and that you'll come back again real soon. Now, there will be box lunches at air cooling tower #1 after the briefing, and later the buses will take you back to the motel for a special screening of the Jane Fonda film, "Barbarella".
Male Reporter #1: What about the accident here at the plant?
Ross Denton: That what? Oh yes, yes, the accident. Uh, let me give you a little uh, technical, uh, background here. [ shows a diagram of a nuclear reactor pointing to nuclear energy, pointing to a toaster. ] This is a nuclear reactor. Now, the nuclear fuel here is used to generate energy here, which is sent to your homes to make toast.
Male Reporter #2: But what about the accident?
Ross Denton: I was getting to that. Sometime yesterday afternoon we experienced what we like to call a surprise. And, well, we had to release some radioactive steam.
Female Reporter #1: Well, how much radiation are we being exposed to right now?
Ross Denton: Well, I'm sure all of us here have been to the doctor and had our chest x-ray, haven't we? Well, it's just like that, only it's as if the doctor had to give you the chest x-ray over, and over, and over again. Or, it's like falling asleep under a sun lamp for a week or two! Or, it's like drying your hair in a microwave oven! And to give you some idea of how little danger there actually is, President Carter will be here tomorrow. Now, gentlemen, I'm sorry, I'm sorry. Yes, I'm sorry I have to cut this press conference short, but now I'd like to hand the stage over to the Two Mile players! They're a pro-nuclear mime troupe, and they're going to perform a little skit for you, kids!
***
Ross Denton: Good afternoon, good afternoon, ladies and gentlemen of the press. First, as to the president's condition, let me say that the president is feeling certainly "stronger" than he's ever felt. And he would like to be with us right here, in this room if he could. I think now I'll just open the door to questions-
Female Reporter #1: Yes, is it true that the president is 100 feet tall?
Ross Denton: Nooooo! Absolutely not!
Male reporter #3: Is the president 90 feet tall?
Ross Denton: No comment.
Slashdot "libertarians": Small government for me, big government for those I disagree with. -1, I disagree with you
I am surprised such systems are directly connected to the Internet at all. Why does a particle collider need internet access?
With it seems every computer system on the planet hackable, one wonders how we got to this situation. Perhaps it is due to the overuse of C rather than better protected languages like Perl or Ruby for instance, and thus buffer overruns
If they had hacked into a second computer network, they could have turned off parts of the vast detector
So, the only reason they didn't end the world was the flip of a coin in picking which computer to hack?
If our elected representatives no longer represent us, do we still live in a Democracy?
Combine!
Srsly u guys. U guys, srsly.
I bet one guy is all like,
"We are the saviors of humanity. It is our destiny to stop the LHC from colliding the first particles. This is not just about access, but about truth and justice and destiny. That machine may cause a black hole. This is the final battle."
And then the other guy is all like,
"Keanu Reeves, wtf are you doing here? lol n00b."
That their IT security team "sucks bosons."
The LHC was in perfect balance until protesters fearing an Earth eating black hole hacked in and sabotaged it while it was running. Now, we're facing an Earth eating black hole. It's been a nice ride folks...
Because they create so much data from the experiments that they can't keep it in-house. Heck they even have to filter the results on the spot, then send that out to different universities just to 'keep' a fraction of the data. The numbers involved are mind-boggling....
My Sig Sucks
im liberal and geeky and whatnot, however i cant tolerate any piece of shit messing with the most important experiment that is ever conceived.
i do not see those fucktards as members of internet community, or any hat color hacker community.
lets get to their personal data and make their lives a mess.
Read radical news here
Headline in 2 years..
Do the crazy eco freaks know no bounds? They are out of control!!!
What?
This is the same situation as important government computers being attacked, what were they thinking connecting crucial systems to the internet in the first place?
Tons of people have already pointed out the silliness of having the control system on a publicly accessible computer. With some decent counterarguments, I can still clearly state that they're doing it wrong!
"People who do stupid things with hazardous materials often die." -- Jim Davidson on alt.folklore.urban
Why would a system this powerful be connected and accessible from the internet???
http://xkcd.com/401/
Name...That...Autocomplete!
Ok, so we have a super hadron particle collider creating mini "big bangs" for idiotic scientists to examine where "everything" started from that can be broken into over the internet. And some idiots are thinking it's cool to break into this and potentially create, what? A mini black hole vortex that starts sucking up Europe and then Asia and makes its way across the planet until finally around 2012 (January they say if you read some of those history books) there's nice soft "Pop!" and Hackers, not terrorists, not Nukes or the Russians or Chinese or Americans, not Iran, not Iraq, not Osama, not Obama, not Palin nor Putin nor McCain nor Rasputin manages to do what no one could do before and never will again, start a new chapter in the Universe called "The Little Bang" Theory. Wonder if CERN is using Macs or PCs?
Dr Evil is at work with the Russian Dark Security Market to hold the world to ransom for One Hundred Beelion Dollars!
(Or it's just a large hardon again.)
http://rocknerd.co.uk
So green they want to ruin the research... seems so typical
Whoa.
"Most people, I think, don't even know what a rootkit is, so why should they care about it?"
By manual entry, copying this data across the air gap (120wpm) would take:
15,000,000,000,000,000 characters /(120 words/minute * 6 characters/word) = 4*10^7 years.
Even passing that back and forth on hard drives means shuttling about (15Pb/365/24 = ) 1.7 Terabytes per hour. (24 hours a day.)
At some point, you have to admit that just connecting this thing to the internet and securing it is the right thing to do.
The more you know, the more you know you don't know.
Yes, sending the data is very important, however I am sure that the sensors used to collect university data are not the same sensors that are used by the control system. Do what-ever you want with the data-collection sensors, but DO NOT connect the bloody control system to the internet. If an airplane can keep the entertainment system separate from the control system, I'm sure the greatest minds in the world can do the same.
yes, yes, I remember the airplane story, no need to bring that up...
Maybe if IBM had been in the LHC business rather than the computer business in the 70s, they'd have been right to dismiss the personal LHC in favor of one or two LHCs worldwide that everyone uses.
or somesuch.
"If still these truths be held to be
Self evident."
-Edna St. Vincent Millay
The Greeks were only bearing gifts. Oh wait... never mind.
Say hello to my little sig.
why are u trying to hack the doomsday machine??!? if u access one wrong file, that'll be the end of the world. do not hack the gibson!
remember: everything PhDs do is art. everything. including using their alma mater's mascot name as their password. art, i tell you!
"If still these truths be held to be
Self evident."
-Edna St. Vincent Millay
Why is the control system online? Sure, the output data should be, and maybe some pre-run input parameters, but NOT the fundamental ring/ magnet control system. Sheesh.
Grid computing for data analysis and control system *should be* two different things.
we want one interface. for each interface i find on this LHC, i will kill you.
"If still these truths be held to be
Self evident."
-Edna St. Vincent Millay
It is many zeros with an 1 in the beginning.
Patents Drive Free Software as Hurricanes Drive Construction Industry
Because the experts on each experiment cannot be running LHC 24/7.
Most of the time, each experiment is operated by small shift crews. When they see a problem that they cannot solve themselves, they would call the expert on that particular system.
Then, the expert would remote login and make the adjustments necessary. Therefore, the Internet connectivity is important.
At least it's not a deadbeat, providing only some DNA for the question. It's doing the right thing and staying around to raise it.
APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
PROTONS!
I thought they were pr0nons! Now you see why I had to be on the web and then my mother-in-law sent me this greeting card with an animated snowglobe, but then this pop-up window said that I had some malware, so I had to download the cleaner and...
SL is based off of Redhat?? I think so. Maybe the hacksters got in with that latest secret exploit?
Be afraid, be very afraid....
(That said the LHC has already led to the discovery of a new subatomic particle that is related to the transmission of fear. Scientists have called this new particle the Cern-Phobic Particle)
http://begthequestion.info/
"If still these truths be held to be
Self evident."
-Edna St. Vincent Millay
Oh, cool, they get to remote control the LHC, with webcam and everything?
Don't think so. Experiments involving the LHC probably require quite a bit of preparation and I doubt they can be pulled off without hands-on assistance by the on-site technicians ("Plug it in, Bob!").
Thus my conclusion would be that someone simply didn't do his homework with regard to network security here.
There is no excuse for connecting the controlling terminal of a billion dollar device to the internet. If that really was the case then someone should be fired and banned from his profession for life. TFA lacks details in terms of "what could have happened" but I think it's not too far fetched to assume that at least some very expensive gear could have been damaged (or decalibrated) by futzing a few knobs to eleven.
And no, there is no sane reason why any remote site needs any kind of access to the LHC controls. It's not that hard to set up a true one-way datapath for exporting results to universities and such. If some experiments require near realtime adjustments to the LHC settings then that could (and should) be wrapped up in a very limited, temporary interface.
Confucius Say "large toroidal machine always have security hole in middle."
Fascism trolls keeping me up every night. When I starts a preachin', he HITS ME WITH HIS REICH!
If you think there's bugs in the security, you are able to fix it. That's the brilliant thing about Open Source. We don't have to just complain, we can actually send them the necessary patches. Now, the lack of publicity regarding the source is a concern. If Arthur Dent found getting the demolition plans for his house was bad, the notices regarding what software is available and where from are even worse.
They've had TWENTY YEARS to circulate the designs, prototypes and implementations. Yes, there are fewer software engineers interested in high-energy physics than there are software engineers into bomb-proofing OpenBSD, but if you don't tell any of them what's out there, it wouldn't matter if it was one coder or a million. You can't fix what you don't know exists to fix.
These control systems are mission-critical. The particle stream can't do "extensive" damage, but it can write-off the magnets, and those are multi-million-dollar toys. It could also shut down the accelerator for years, if a hacker goes drilling holes in the mountainside. (The hole would be small, but politicians aren't interested in paying for high-energy landscaping, and CERN isn't infinitely rich.)
Ignoring for a moment that the front-line defenses should have kept intruders out (though I'll bet that they're not using IPSec VPNs, they've got firewall holes for rsh and rlogin, and use .hosts files everywhere), the bulk of grid-enabled software these days can use Kerberos V or SAML 2.0 for security. They're probably not doing anything remotely that's time-critical so an in-line active intrusion detection and countermeasures system (there's plenty of them) could have been installed. Those cost a damn sight less than the detector array.
Since they were worried about someone getting onto an internal network, they must also believe that shell access was possible, so this isn't simply a matter of someone being able to ping a machine or SNMP query a server. This was a case of CERN violating some very serious standard protocols for ensuring code safety and system safety.
The "open secret" mentality, though, is probably the most dangerous part, though. By making the source available but not telling anyone, it is most available to those of malicious intent. Obscurity is not security, guys! That includes obscuring your announcements, it's not confined to merely obscuring the code itself. If you're going to release source (which is a Good Thing), you want to broadcast that fact to as WIDE an audience as possible. (In fact, if it's network-related, WIDE would be a good place to start announcing.) Get ALL the eyes you possibly can onto that code, for a comprehensive, rigorous audit. And if you're worried you can't get enough eyes, use static code checkers and test harnesses. Bet you anything none of the coders for the LHC have been using such resources beyond a superficial level, if at all.
All in all, I am impressed by the fact that the code is out there, and can be fixed, but I am NOT impressed with the secrecy mentality that created this utterly unnecessary security fiasco. If I'd wanted my tax money to go into security holes, I'd have paid Group Four to build the LHC. I want INTELLIGENT people to be doing the work.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
Without RTFA why would this be even on the public net? Inside job?
Get up!
Well, probably technically impossible, but still tempting.
That's all they are. Useless attention whores. Find out who they are and put them down like the rabid weasels they are.
Bow to my might! Tremble before my awesome power, for I can move a 100GB drive with my bare hands.
When our name is on the back of your car, we're behind you all the way!
Since this article is about CMS and is tagged half life... http://www.youtube.com/watch?v=CoMhD24wzbg A lonely walk through the CMS cavern
Actually, they accelerate a shit load of protons, and direct the streams into each other.
It would be impossible to get a collision if you just had one going each direction.
Seems CERN could use someone who's got a bit of experience with this interweb thingy. They're in Switzerland, right - didn't this Tim Berners-Lee guy live there by any chance?
If you're interested to know, the text the hackers left is a childish rant against others that they claim pretend to be l33t but are not unlike them. Pretty stereotypical hacker/cracker message since the dawn of machines. Probably every hacking group in history has written such a message claiming superiority over lazy, unskilled pretenders. It actually has nothing to do with the LHC. The only reason they hacked this site was because, as they state, it was going to be popular, thus a good place to advertise their rant and group.
lurk less.
A horse can't be sick, you know, even if he wants to.
Greek Hackers? What is this, Revenge of the Jocks?
I agree 100%. This is one of the largest and most expensive scientific endeavors in human history, capable of providing answers to some of the greatest questions in science. This thing has taken over twenty years, billions of dollars and countless man hours to design, build and prepare for these experiments. The LAST thing we need are you jackholes screwing it up.
"Who modded this informative? Whoever it is must've been smokin' some of that martian pot!"
After the WWW began, very shortly after, in its current form there was a site that I could visit. I have long since forgotten the name of the site or even the college where it was based at.
Basically you could go there and chuck a snowball using a robotic arm and your browser. (Netscape at the time as I recall.) These were lab workers that you could toss 'em at.
I never actually hit anyone with one because (my excuse at any rate) the latency was awful and those days meant that I had just a 14.4 modem as I recall.
I am not actually sure what that has to do with the topic at hand but when you mentioned people being able to remotely control the LHC that is what it reminded me of.
"So long and thanks for all the fish."
May I be the first to point out the eye-scratching grammatical error in the greek hacker team's splash screen: it should be "ÎÎνÎÏαÎ", not "ÎÎνÎÏÎ". awful.
I just KNEW these damned Greek Aristotelians with their 4-elements theories wouldn't let it go.
2300 years later and they STILL carry a grudge against atomic theories.
Can't you just let it go guys? We're not made up out of earth, wind, fire and air. Not even if you succeed at blowing the LHC to Hades.
Because if they do jack around with the thing and cause it to malfunction somehow they could end up causing the very thing they try to stop. Ah well, that would suck for them and us.
~~ Behold the flying cow with a rail gun! ~~
my guess is they have people working remotely, probably worldwide, and do not have a high enough security process in place.
I don't know if anyone has pointed this out yet, but if so, it bears saying again: the control system in question belongs to the CMS detector, not to the LHC. These are two entirely different beasts.
Legalize it.
A quick translation (just for the record):
10/09/08 03:00
At this moment, an experiment is being attempted at CERN.
The reason we selected this page is in order to remind you of a few things. It hasn't been done because of some personal rivalry with the CERN admin team but purely based on the large amount of traffic that this particular web site will have in the next 24 hours because of the experiment.
A few details from the database:
... :)
The ** have been used so as not to compromise people we have nothing against
As we wrote in our introduction we do not intend to break the system or destroy the site... our purpose is to demonstrate our active reaction to many of the members of the "active???" GHS [Greek Hacker S...??] which has become very full of itself without contributing anything ...
Pointless cliques form to merely squabble verbally or to ban from irc channels individuals which are not considered (by themselves and their lackeys) worthy of their knowledge and image.
Others... the "scene's" 1337 [leet], know only how to talk and chat and don't actually do anything since their leaning is towards gossip...but as far as "security" is concerned... what is this?? We are 2600... don't mess with us.
Ignorant and up themselves!
Stop blowing hot air up your asses and sucking up and take hold of a keyboard! But of course, criticizing is easy, especially when you are surrounded by 20year old silly skiddies [script kiddies?] twittering "2600" - "2600". Get stuck into insomnia.gr and start scorning us with your best scowls... simply know that even there you will find GST's tag.
We are everywhere... because unlike you, we don't spend our nights writing rhymes and rapping in the hood... nor do we make fun of that which we ourselves cannot achieve...
We are not making laughing stocks of you because we want to see you running around like headless chickens with your pants down looking for somewhere to hide but simply because we are not like you. You should have expected this response when you ridiculed things which you yourselves had not thought to do... but we've concerned ourselves far too long with a bunch of schoolkids who learnt hacking from Hollywood movies and the stupid American culture of the neo-geek who spends his time reading hacking magazines while trying to crack his girlfriend's email to see if she's cheating on him, and who's dual booting linux just to impress his friends who also read neo-hack-mania magazines..
The entire greek network has holes in it... some of the biggest government sites don't even know the definition of the word security...
they get incompetent companies to do the design...
Satisfying political favours can't give you security
We are everywhere...
We salute the true amateurs and lovers of computer tech. A few of the old school who got sick and tired not of the art but of the egos of the "specialists" in the field! And the new generation who without saying much put their heads down to work because they are only concerned with gaining knowledge and nothing else!!
Greek Security Team
"a vast magnet that weighs 12,500 tons, measuring around 21 meters in length and 15 meters wide/high"
Those quantities describe the Compact Muon Solenoid (CMS) detector. It contains the world's largest solenoid, 6 m in diameter and can create a 4 Tesla field.
Being Greek, I can actually read the notice left behind by the team responsible for the hack.
It seems that the hack was done in order to prove a point to a rival team of self proclaimed "hackers" residing on one of the Greek IRC networks.
They chose the CERN website due to the fact that it had risen in popularity recently & the message clearly states that they were only interested in gaining access to prove a point & that they have no issues or reason to cause harm to the CERN team or any of their infrastructure.
A large portion of the message they left behind is directed towards the "1337 / haxor" crowd who spend most of their time on chat networks spreading false claims to fame - without any real hacking knowledge whatsoever.
Interesting way to prove a point! :)
I worked on a secure Air Force system with similar security requirements. The secure data analysis system was locked in a steel vault with armed soldiers, alarms, and likely more stuff I had no need to know about, but had a high bandwidth mainframe channel to the outside world - that was "one way" (into the vault). The reverse handshaking data needed for reliable transfer was strictly limited. I could take any sort of media into the vault for my job - but had to leave it all there when I left. (There was a secure disposal detail that I never got to see.)
The LHC is in a similar security situation, except the one way bus should go *out* of the control computers. But I guess data has to go *in* to set up the experiments, so that makes things more difficult.
It looks like this was not a malicious attack. From what I read (I'm Greek), they did not do any damage, and they fixed a serious bug :-)
More details here: http://vrypan.net/log/2008/09/13/hackers-attack-lhc-some-more-details/
Logical first step... don't allow any of this to be accessed via the internet...
portfolio
"If they had hacked into a second computer network, they could have turned off parts of the vast detector "
"We have several levels of network, a general access network and a much tighter network for sensitive things that operate the LHC," said Gillies.
Basically they defaced a web page which is hosted on a server which is nothing to do with the LHC control network. Haven't we had enough ridiculous LHC scare stories yet?
"Physics is to math as sex is to masturbation." -R. Feynman
Wouldn't a VPN tunnel type of connection solve this problem? They wouldn't need secured leased lines then. SSH FTW!
JUMP JUMP JUMP JUMP JUMP JUMP JUMP JUMP IRRIGATE
Umm I donno... one way data diode??
~AC
If they didn't want the collider penetrated, then why make it look like a vagina?
Say hello to my little sig.
And they determined the hackers were greek, because they left the quote, 'Veni, Vidi, Vici'.
no one is on that planet yet right?
... this stuff writes itself.
"You need to make sure there aren't any backdoors left open - they leave systems extremely vulnerable to the Greek 'brute force' approach."
(All systems love anal - some of them just don't know it yet.)
By the time you finish reading this sentence will end.
Those science types are big on open source, so what better way than to open up big matter sucking openings and allowing everyone equal access to the ability to destroy all life on Earth? I mean let's be fair haven't you ever wanted to open up a black hole under someone? Don't you ever get the need to just wipe out existence and start over?
Maybe they can add a teleporter to the collider so we can create black holes there and send them elsewhere?
what the fuck. Now they risk some hackers hacking into that shit and fuck up the world. How could they not think about that shit before they made this potential earth destroyer.
GST
GREEK SECURITY TEAM
10/09/08 03:00
At this time, an experiment is taking place at CERN.
The reason we chose [to hack] this site, is to remind you of a few things. This is not done because of any personal conflict between us and the CERN management team, but because of the high traffic which this site will experience within the next 24 hours, due to the experiment.
Some items from the database:
USERNAME USER_ID CREATED ..etc...etc....
SYS 0 2008-02-18 16:19:25.0
SYSTEM 5 2008-02-18 16:19:25.0
OUTLN 11 2008-02-18 16:19:28.0
DIP 19 2008-02-18 16:21:17.0
TSMSYS 21 2008-02-18 16:23:27.0
DBSNMP 24 2008-02-18 16:24:25.0
WMSYS 25 2008-02-18 16:24:53.0
EXFSYS 34 2008-02-18 16:27:55.0
XDB 35 2008-02-18 16:28:04.0
PDB_ADMIN 46 2008-02-18 17:26:32.0
GLEGE 49 2008-02-19 10:13:07.0
PDBMON 45 2008-02-18 17:25:24.0
BALYS 44 2008-02-18 17:25:24.0
USERMON 48 2008-02-18 17:69:26.0
Some emails :
burk**t@fnal.gov
zr**n@fnal.gov
The ** were used not to expose people whom we have nothing to blame for :)
As we wrote in preface, our purpose is not to disrupt the system or destroy the site ... our purpose is to show our reaction to many members of the "active???" GHS, which has become arrogant without producing ...
Stupid factions are created just to verbally bully and exclude, from IRC channels, persons that are not considered (by themselves and their minions) worthy of their knowledge and image.
Some others .. the 1337 of the "scene" do nothing but chat and drink coffee, but they do not act, since all they are inclined to do is gossip ... but when it comes to "security" ... what's that? we are 2700 .. don't mess with us.
LAMERS AND SHOWOFFS!!
Stop drooling and ass-kissing, and grab a keyboard! But of course, criticizing is easy, especially when you are around a bunch of 20-year-old stupid skiddies chanting "2600" - "2600". Go to insomnia.gr and start burying with your best shovel .. even so, it will bear the seal of GST.
We are everywhere... because unlike you, we do not spend our nights writing verses or "rapping" in squares ... nor mocking what we cannot touch ...
We will not take your pants off because we don't want to see you running panicked and naked, trying to hide, simply because we are not like you. You should have expected this, when you were mocking things which you never thought of doing ... but enough time spent with a bunch of schoolboys who've learned hacking through Hollywood movies and the dumb American culture of neo-geek who reads magazines about hacking while trying to break into his girlfriend's email to see if she is cheating on him, and has linux dual boot just to awe his friends who, too, read neo-hack-mania magazines. .
The whole Greek internet is full of holes .. some of the largest governmental sites know nothing about the term security, since they assign design to lame companies...
THERE IS NO SECURITY THROUGH FAVORITISM
We salute the true amateurs and lovers of the art of computers. Old people who gave up because they got bored and tired not with this art, but with the complex of those "experts" in the area!! And the younger ones who without much talk work with the head bowed because they only care about knowledge and nothing else!!
Dear CERN admins, we have patched the serious BUG which your site had, to avoid turning it into a Dork and have it defaced everyday with the bullshit of every wannabe hacker.
Do not search for us.. We will find you... very soon !!!!
Thnx Mr Server [lxplus.cern.ch]
_GreekSecurityTeam_ - [.GST.]
Hi there,
I'm greek and here's a summary of what the hacked page contains:
They did it to shut the mouths of some people who thought they were incompetent. They have nothing against the CERN team and what they do, they just wanted a high-profile page. ("Like we wrote, we have no intention of damaging the system or ruining the site ... our intention is to demonstrate (a) practical response to some "active" members of the GHS who have their noses stuck to the roof without contributing anything")
The main body contains messages to ppl who call them names and prefer style to substance. They salute true amateurs (hackers I presume) and all fellow geeks and some old hats that quit because they got tired of all the 1337ness of the "field experts". They also salute all the young ppl who -without much talking- put their head down to work, because what they care about is knowledge and only that.
The last line is translated as is:
Dear admins at CERN, we closed a very serious BUG that your page had so that it does not become a DORK and you become defaced every single day by the (stupid) actions of every wannabe hacker. Don't look for us, we'll find you real soon.
I'm no longer fed up with MS Windows: I got rid of them
At least they had time for MCing instead of watching out security :)
http://www.engadget.com/2008/08/08/cern-rap-video-about-the-large-hadron-collider-creates-a-black-h/
You're such a masturbating monkey ...
Will someone please tell me why a system used to control the LHC is connected to the outside world?
"While we wait for it to warm up, lets raid Molten Core!"
Truth, Just Us, And Hatred For All Mankind!
The ssh console has the autocompletion on 'tab', right?
I'm Greek, so let me state a few things: From the screenshot here http://www.telegraph.co.uk/earth/graphics/2008/09/12/scicern212_big.gif it is more than clear that they are Greeks due to various references to their beliefs about certain "trends" and websites. They also state that they had no intention of causing any real trouble (Notice the **'s at the mails etc) and that they were only there to warn the admins as the site was going to get a lot more popular the following days. After an awful lot of babbling, in the end of the message, they also state that they _fixed a bug_ that could enable all the wannabes to deface the site. PS: It's 1AM here so I'm really sorry for not being able to read all the comments that have been made so far.
Why in the hell is something like this linked to the internet? Are they crazy? That's just stupid from a security standpoint to have the control computers linked to the internet. Nowadays it's not like how it was in the 70s and 80s. If I was running the program I would so fire the person who set up the computers, as that was a colossal f--k up bigger than the LHC itself.
I wonder if that is what *really* happened to Gordon Freeman's experiment?