SCO Group Web Site Attacked Again 564
FreeLinux writes "With not much SCO news today, it seemed that this story was needed - Reuters is reporting that, SCO is again suffering under a DDoS attack that has crippled their web site and email system since Wednesday morning. For the third time this year, the SCO Group's Web site came under attack, apparently by hackers unhappy with the company's legal threats against users of the Linux operating system. The denial-of-service attack started at 6:20 a.m. EST Wednesday and continued through the day, said Blake Stowell, spokesman for the Lindon-based company."
Come on guys... (Score:2, Insightful)
Kinda Sad... (Score:2, Insightful)
C'mon, /., check with the source next time! (Score:5, Insightful)
Folks, if it's a SCO story, check with Groklaw before passing judgment. For every bit of FUD coming out of Linden, a blast of anti-FUD is lobbied back.
Re:bad image (Score:3, Insightful)
I mean, what the hell is " apparently by hackers unhappy with the company's legal threats against users of the Linux operating system" supposed to mean? I think that is a dangerous assumption. After all, it is probably Windows machines that are the 'bots, right?
Re:Come on guys... (Score:5, Insightful)
Re:Come on guys... (Score:5, Insightful)
Look at what the use of the law did for the abuse of monopoly power by MS. It was a slap on the wrist for MS and their continued monopolistic practices.
Sad state of affairs in general (Score:5, Insightful)
I find it quite sad that our community has to loudly distance itself from supposed DDoS attacks and such against SCO while SCO makes a total mockery of the legal system and justice in general with their current campaign. For those who may not have noticed some earlier posts, discussion on Groklaw has brought up the possibility that this isn't a DDoS, but either just idiotic network admins on SCO's part, or perhaps even an intentional takedown to *cough* allow for a nice bit of publicity on their part. Whatever the true case is (and I'm not advocating any as the real one, I'll leave that for others to decide), SCO has certainly scored some nice negative publicity towards the OSS crowd, even if the DDoS is real and the attackers have nothing to do with OSS.
IIRC there was an earlier supposed DDoS against SCO's servers that turned out to be that the servers were just down.
In any case, it's nice to see the /. crowd (as always) advocating fair play and not using vigilante justice. Too bad SCO doesn't seem to believe in the fair play bit.
Editors, please RTFA (Score:5, Insightful)
From the article header:
For the third time this year, the SCO Group's Web site came under attack, apparently by hackers unhappy with the company's legal threats against users of the Linux operating system.Where in the article did it say this? I certainly can't find it.
Slashdot editors might want to RTFA before approving a post. The submitter of this one got a wee bit overzealous.
SCO and the powers behind it... (Score:3, Insightful)
One can almost feel the power of the ring at work....
Re:It's not even a very good hoax (Score:5, Insightful)
Re:Perhaps Further Evidence... (Score:5, Insightful)
That is interesting. Perhaps you should email pj? I'd definately go mention this over on groklaw, and give as much detail about where you work as you are comfortable doing.
If they are lying about this, this would play into Red Hat and IBM's suits/coutersuits very well. I mean, we all know they lie to the press all the time, but something like this is just over the top.
suspect (Score:5, Insightful)
It is a crock of shit and it stinks. (Score:5, Insightful)
I've been folowing this story all day and the last thing I expected to see on /. was a regurgitation of "facts" with a 'questionable heritage'.
Several sites (groklaw, lwn) have already pointed out that the claims of being hacked [yahoo.com] should be viewed with a liberal ointment of skepticism for any of the following reasons;
Comment removed (Score:5, Insightful)
its amazing.. (Score:3, Insightful)
Actually, if this was real, ... (Score:3, Insightful)
double bluff? (Score:5, Insightful)
There is a decent chance that their claims are designed to inflame.
Claim the Open Source community is behind it and you get a bunch of people who have already been accused starting to think they may as well commit the 'crime' for which they are being blamed.
Sure the claims made by SCO have always been seen to be ridiculous, from a technical POV. But their point has never been to convince the geeks. They are playing to a larger audience and seen in that light their bumbling and fumbling, technically, starts to look a little more deliberate.
Call me paranoid, but SCO could be trying to create the incident they claim is ocurring right now.
FUD (Score:1, Insightful)
Please tell me how they know what these 'hackers' were unhappy with. This could have been done by anyone.
Re:Come on guys... (Score:5, Insightful)
As for the precedent the decision establishes - it can also be fought an argued against or nullified without ddos and cracking. Granted, it's difficult and often seems hopeless at that point.
I'm all for fighting the good fight, but there is no use in 1) exacting vigilante justice because you are impatient or 2) exacting vengeance because you stand to lose from a judgement. The republic (what's left of it) provides legal avenues from which to punish violators, establish new legislation, and overturn precedent. I'm not sure those avenues are completely shut just yet. With many citizens, such methods are not practical to effect an individual's desires in the short term, but they at least provide long-term potential. Think of your kids, and think of the rights you enjoy now because people fought for them despite the fact that they would probably not see their efforts through to fruition.
Re:Improper use of DDoS - kinda (Score:5, Insightful)
The fundamental principle of civil disobedience is found in Thoreau's formulation that "Under a government which imprisons unjustly, the true place for a just man is also a prison." An act is not civil disobedience unless the protestor is at credible risk of being arrested. For a protest to deserve the honor of being described as civil disobedience, it requires risk and sacrifice.
Gandhi spent time in prison. As did MLK. And so did many of the serious anti-war activitists in the 60s.
There's a second issue. SCO is not a government. There is recourse through justice against SCO. So civil disobedience is, again, not appropriate; civil disobedience is directed against a government guilty of an injustice which cannot be redressed through ordinary means.
Those launching a DDoS against a company that's doing something stupid are risking nothing, are sacrificing nothing. They are also providing SCO with ammunition in their attempts to paint all Linux users as criminals (pirates, copyright violators, communists!). They're vandals, pure and simple, and the fact that they're vandalizing an asshole's house isn't a valid justification.
Edit on main page (Score:5, Insightful)
Re:A classy move last time this happened... (Score:2, Insightful)
RMS never claims the be the self-appointed leader of anyone
Wha...? Are you joking? Would this be the same RMS who insists on Gnu/Linux? I'll grant you that RMS does it in a different way than ESR, but RMS self appoints himself all the time into things. It's his way or the highway.
Re:Come on guys... (Score:5, Insightful)
It certainly was effectively used by the spammers to crush their enemies. I forget the name, but one of the major anti-spam websites was forcibly closed because of DDoS, and nobody was prosecuted.
And this improved the public's perception of spammers how?
Re:Ooops (must use preview button) (Score:3, Insightful)
The timing is suspicious (Score:3, Insightful)
Some of the wall street lemmings will fall for this, just like many
S
Re:Come on guys... (Score:3, Insightful)
Re:Come on guys... (Score:3, Insightful)
Except that, in the MS antitrust case, MS lost and yet we, the people, got screwed because the "justice" system refused to treat MS the same way it treats normal citizens, and MS as a result wasn't penalized in any meaningful way for its crime. And that's despite the callous disregard for the law and the "justice" system MS showed in the courtroom. No ordinary citizen would have survived that, much less be let off scott-free.
No, there is now far too much evidence, going all the way to the Supreme Court (there's no other reasonable explanation for their decision on the Copyright Term Extension Act) that the "justice" system has absolutely nothing to do with justice and everything to do with money and power to believe that it will ever yield a reasonable outcome except through sheer luck.
And in the case of SCO, we're in luck. If there's any computer company that has what it takes to take on MS (even if MS is using SCO as a proxy), it's IBM. If SCO had picked a smaller target we'd much more likely be screwed, given that SCO has backing from MS.
Re:Come on guys... (Score:5, Insightful)
Actually, they are using Linux. Most likely, they are using UnitedLinux based on SUSE. All SUSE distros have syn flood protection enabled by default. Plus, many people report their FTP server was fine all this time on the same subnet. SCO's story doesn't add up. It looks like they shut off their webserver to have another excuse at a press release to try to drive their stock price back up in order to dump more shares to buy shiny Christmas presents.
That's my guess anyway.
DDOT (Score:3, Insightful)
Alternate theory which fits the facts. (Score:5, Insightful)
Per their company policy, they shut SCO's entire network off from the entire world. "Internal mail servers and other support servers were unavailable." After a few hours, they determined that the intrustion was limited to the main corporate web server. The web server was broken off from the network. Network connectivity was restored (but no longer having a web server). "The web server is under a denial of service attack."
SCO employees begin the process of either restoring the existing web server from backup, or preserving the existing server, and bringing online a new server from bare metal. The process is expected to take at least twelve hours. An SCO executive informs at least one media outlet that they expect the problem to be resolved in some time after twelve hours. They're still working on it.
This also fits what happened in August, when their corporate web server was unavailable for THREE DAYS. When it was brought back online, the content was reportedly changed in some areas. It sounds like an inexperienced bare-metal restore or an untested solution. Perhaps part of the web site was not retreivable via backup, and they had to recreate some sections from scratch.
My theory, which I believe totally fits the facts, is that SCO has been rooted and does not want to admit this publicly. So the DDoS/SYN is their cover story, which is close, but doesn't fit the facts well enough to avoid suspicion.
I would appreciate a read on this theory with some feedback postive/negative.
Re:A classy move last time this happened... (Score:5, Insightful)
ESR persistently claims to speak for all hackers or "our tribe" or "our community". Such a thing has such fuzzy boundaries that it has no single opinion, and even if it did ESR wouldn't represent it.
Being pedantic about terminology may or may not be a good tactic, but I think it's understandable for RMS to resist the FSF being written out of history by clueless journalists.
Re:Come on guys... (Score:4, Insightful)
1. The public can't even spell DDoS, yet alone know what it is.
2. The public has no idea what a email blacklist is, or why they're important for fighting spammers. To them, telling people that one of these sites would elicit a "huh?" response, not a "oh, damn!".
3. The public most likely didn't hear about the spammers pulling this crap, because CNN was too busy showing happy puppies and ignoring real news (like this, the war crimes in Iraq, etc).
So yeah. The spammer's reputations, which are tarnished beyond repair already, are, er, "safe", such as it is.
Re:Come on guys... (Score:2, Insightful)
Re:Improper use of DDoS - kinda (Score:2, Insightful)
It's most likely to be a horde of Zombie windows boxes, which were taken over by a Linux sympathizer. It absolutely makes no difference what platform they used to make the attack, only that the attacker likes Linux more than SCO.
At any rate, the attacks are not necessary and harm our image more than they harm SCO's servers. To whoever is doing the attacks: Please stop, we don't need your "help". SCO is about to be smacked down in court big time, they are doing just fine destroying themselves on their own.
Why is this news? (Score:3, Insightful)
Re:Alternate theory which fits the facts. (Score:2, Insightful)
Additionally, it's improbable that SCO would lose a lot of data in the event of a webserver crash. Most likely, SCO has a development webserver that they do all their testing beforehand -- any developer, programming or web, will tell you it's stupid to do development work on a live server.
I'll agree with you that this is a coverup, but from the reports from elsewhere, this looks more like Darl et al covering up the fact that they have no evidence, and in fact, are probably going to be spending some time behind bars before all this is done.
Re:Alternate theory which fits the facts. (Score:4, Insightful)
> The problem with this theory is that it hinges on a corporation
> as large as SCO being fairly incompetent.
I assumed that was a given, actually. If you take them at their word, as an operating system manufacturer/distributor, and a web solutions provider, they'd have to be totally incompetent. I mean, if you believe SCO's story, they are outright admitting that they're a failure in their own core competency. Where was their improved firewall solution after the last hacker attack?
Regarding the backups, my *feel* is that certain trees probably weren't being backed up, which can be a problem with backup solutions where you have (or you incorrectly believe you have to) name every subdirectory or filesystem to save. Or it could be outright data loss, which ended up hitting certain trees. Incompetent? You bet.
That's the same reason why they may not be putting content changes through a development server. Only structural changes, for example.
I know that we're having to assume a lot of incompetence, but again, at their own word, hasn't it already been demonstrated? You've got an OS manufacturer/distributor and web solutions provider who can't protect their server from the very old SYN attack.
Those DDoS are stupid. (Score:3, Insightful)
THIS WILL NEVER HAPPEN
Judge: IBM do you have any evidence.
IBM: Well we SCO got DDoS by a people who don't like them.
Everyone: GASP!
Judge: Well I see that SCO case is completely fraudulent and the judgment goes to the defendant.
SCO: But...
Judge: Slaps down his gavel.
-----------------------
If this did have sway in any way it would be for SCO legal advantage because they can use it to show how common the Open Source Community uses illegal means to try to get what they want.
At best all the DDoS will do is wast some of SCO's money. but not enough to put a dent into it. Heck they probably find a Tax loophole to get the money back. Or sue the guy in the previous posts that gives out all the information to DDoS them on Slashdot.
Come on guy think a little. This is the same way terrorist think. "Yea if I blow up this building that will get the US out of the surrounding areas." All it did was make it worse for them in their Point of View.
"apparently" my ass (Score:2, Insightful)
Allright, assume 2 or 3 (Score:5, Insightful)
Further assume that it is a Linux person(s) even though the community as a whole came out against the first attack. Why not likely?
Ok, so, maybe it is not a Linux person.
Instead assume it is somebody trying to make Linux ppl look bad. huummmmm.
Finally, assume that it is some SK that is trying to showoff. Normal situation with a site that is easy to take out and would get lots of press play.
I can safely assume the later 2 are more probable, while the first is not likely.
To be honest, I would also assume that SCO can be lying about being under attack.
What about the mainstream press? (Score:2, Insightful)
It would be very amusing to see the reaction of SCO's upper management to having their bluff called.
Warm the search warrants up. (Score:2, Insightful)
Call me paranoid, but if their intranet was affected by this "attack", I suspect that "some things" are going to be "lost" as a result.
IMHO, the SEC and other appropriate authorities might want to get some search warrants quick, surround SCO Headquarters and start saving some of the things that might otherwise get "lost" or "destroyed" due to this "attack".
Regards,
Fredrick
"Apparently," or guilty until proven innocent??? (Score:3, Insightful)
"...apparently by hackers unhappy with the company's legal threats against users of the Linux operating system."
WHY is this apparent? The only thing that the 'unhappy hackers' have going is motive. IBM could have done it too. SCO could have done it to themselves, or just faked it entirely, as an excuse to go offline to recover from being rooted.
Motive != guilt, especially when there are many groups with equal motives.