Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Microsoft Security The Internet

Korean MSN Site Hacked 305

Posted by CowboyNeal from the open-for-rooting dept.
An anonymous reader writes "CNN is reporting that MSN's Korean website was hacked in order to allow usernames and passwords to be stolen. Microsoft is initially blaming unpatched, outsourced servers. Just another embarrassment to Microsoft's security push."
This discussion has been archived. No new comments can be posted.

Korean MSN Site Hacked More

Korean MSN Site Hacked

Comments Filter:

  • Please get some journalistic integrity... (Score:4, Insightful)

    by Anonymous Coward on Friday June 03, 2005 @12:19AM (#12711304)
    Please slashdot, you're not doing any justice by harping on Microsoft. Your bias is just disgusting. Why don't you post one of the 1,000,000 Linux defacements or break-ins that happen monthly?

    And I know I'm posting Anonymously. I don't have an account nor do I care to create one at your site until you stop being the Fox Network equivalent for Tech News.

  • Microsoft doesn't deserve this criticism (Score:4, Insightful)

    by typical ( 886006 ) on Friday June 03, 2005 @12:22AM (#12711323) Journal
    "CNN is reporting that MSN's Korean website was hacked in order to allow usernames and passwords to be stolen. Microsoft is initially blaming unpatched, outsourced servers. Just another embarrassment to Microsoft's security push."

    Yes, Microsoft has a good deal of well-deserved bad karma. That you could consider this to be a failing of their software is ridiculous, though. If this is an embarassment to Microsoft, many Free, Open software packages of every sort, from Apache to Linux to OpenBSD to OpenSSH have been so embarassed.

    I'm all for calling out Microsoft when they're (a) full of marketing bullshit, (b) way behind everyone else technically, and (c) playing dirty politics. They deserve to be criticized then. But this is simply a non-event. They had a website get cracked. Big deal. Heck, Sourceforge, the largest repository of Open Source software, has been cracked multiple times, if you want an Open Source counterpart.

    Blame Microsoft when they deserve it, and your words will get more weight. If Oracle had run out and said that "Our database is hacker-proof", and the next day their website had been broken into and their database cracked, that would be a fair point to criticize someone. But simply "you had a website cracked" is no longer a big deal for most companies.

  • Re:Importance of patching (Score:2, Insightful)

    by Garrett Combs ( 699749 ) on Friday June 03, 2005 @12:26AM (#12711347) Homepage
    Yeah, but as the article states, the servers were outsorced. Rather than a lesson over the importance of patching, I feel this is more a lesson of if you want something done right, do it yourself.

  • Outsourcing (Score:5, Insightful)

    by stox ( 131684 ) on Friday June 03, 2005 @12:29AM (#12711361) Homepage
    I am sorry, Microsoft, but I don't give a damn that you outsourced your servers. The customer is buying your name and reputation when they buy your product. So, you may have saved money on the bottom line, but you have squandered trust the consumer had for you. At some point in the future, you will realize what a valuable commodity this was and how expensive it is to re-acquire.

  • Re:The blame falls on Koreans (Score:4, Insightful)

    by nacturation ( 646836 ) <nacturation AT gmail DOT com> on Friday June 03, 2005 @12:46AM (#12711450) Journal
    It's an embarrassment to Koreans who have long been the leaders in wide-spread broadband and internet usage. You'd have expected that they, of all nationalities, would have their act together when it came to running servers.

    How do you figure that? Widespread broadband penetration does not imply widespread knowledge of sound security principles. I wouldn't be surprised to find that Korean servers are hacked just as often as the servers in any other nation -- the only differing being that the hackers/scriddies use higher speed connections.

  • Re:Microsoft doesn't deserve this criticism (Score:2, Insightful)

    by ignorant_coward ( 883188 ) on Friday June 03, 2005 @12:47AM (#12711457)
    Sourceforge is a kludge of every insecure OSS program out there: FTP, CVS, etc. It isn't very representative of a normal website.

  • Re:wipe and reload? (Score:5, Insightful)

    by TCM ( 130219 ) on Friday June 03, 2005 @12:53AM (#12711489)
    I got $5 that says this translates to "formatted and reinstalled the OS..."

    Well, what would you do?

  • Re:Outsourcing (Score:4, Insightful)

    by grolschie ( 610666 ) on Friday June 03, 2005 @12:57AM (#12711508)
    Can we at least make a couple of 'Insightful' speeches about the real bad guy?

    Meh! Bill Gates jokes are getting tiresome.

  • Re:Imagine my surprise! (Score:3, Insightful)

    by KarmaMB84 ( 743001 ) on Friday June 03, 2005 @01:02AM (#12711528)
    And yet there probably isn't a piece of complex software in existance that hasn't needed a patch to fix a problem...

  • Re:Microsoft doesn't deserve this criticism (Score:4, Insightful)

    by tres ( 151637 ) on Friday June 03, 2005 @01:20AM (#12711587) Homepage
    The news here is that it wasn't just a vulnerability published, nor a proof of concept, it was a full fledged crack attack against one of the sites that represent the corporation itself. The news here is that it's the same old Microsoft. The news here is that "Trustworthy Computing" is just another marketing buzzword.The news here is that if you can't even manage to secure your own servers, how do you expect the rest of the world to do it?

    Microsoft deserves every bit of blame that they get. They want to pretend like security is something that can be applied like a coat of paint, but in the end, incidents like this prove that it's the same old crap rolling out of Redmond.

  • Re:Please get some journalistic integrity... (Score:3, Insightful)

    by rungood ( 887626 ) on Friday June 03, 2005 @01:35AM (#12711634)
    if you find us as "the Fox Network equivalent for Tech News," do what I do with Fox- don't watch it. or in this case, don't read it. at least here on /. you get a forum where your voice can be heard, or your words at least read. and even though I don't mind some bias against microsoft, there are at least 2 or 3 anonymous cowards ;) that posted back to agree with you that they feel that unfair bias is placed against microsoft. while it appears that a paradox is emerging, at the same time we can see by modus ponens reasoning that slashdot isn't nearly as bad as Fox news. hey, the syllogism just proved your analogy wrong!

  • Re:Please get some journalistic integrity... (Score:5, Insightful)

    by superpulpsicle ( 533373 ) on Friday June 03, 2005 @01:37AM (#12711642)
    Are you implying it's okay for Windows to be hacked 20 times if Linux is also hacked 20 times?

    If Linux has vulnerabilities, then Windows have even less excuse as a billion dollar corporation.

  • Re:Please get some journalistic integrity... (Score:2, Insightful)

    by binkzz ( 779594 ) on Friday June 03, 2005 @02:09AM (#12711756) Journal
    They're not server hacks; most if not all of those are simple forum hacks or other insecure script hacks, mostly home made scripts or adjustments.

    Because most of these sites are hosted by professional companies, the servers are usually more than safe; otherwise they would likely turn into spam machines.

  • Re:They probably ran on linux (Score:3, Insightful)

    by marcello_dl ( 667940 ) on Friday June 03, 2005 @02:39AM (#12711824) Homepage Journal
    To me that's just a sign they're willing to be pragmatic and use what works.

    They also have frequently spread FUD about "what works", so "pragmatic" isn't the first word that comes to my mind about them ;)

  • Re:wipe and reload? (Score:3, Insightful)

    by zulux ( 112259 ) on Friday June 03, 2005 @02:41AM (#12711825) Homepage Journal
    Well, what would you do?

    Formatted and installed a different OS.

  • Re:Please get some journalistic integrity... (Score:3, Insightful)

    by X.25 ( 255792 ) on Friday June 03, 2005 @02:50AM (#12711836)
    Please slashdot, you're not doing any justice by harping on Microsoft. Your bias is just disgusting. Why don't you post one of the 1,000,000 Linux defacements or break-ins that happen monthly?

    There are 1,000,000 Windows defacements or break-ins that happen monthly, but they don't get reported here either.

    Ever heard of phrase 'high-profile'?

  • Re:Please get some journalistic integrity... (Score:2, Insightful)

    by spectecjr ( 31235 ) on Friday June 03, 2005 @03:02AM (#12711872) Homepage
    If Linux has vulnerabilities, then Windows have even less excuse as a billion dollar corporation.

    No, Linux has less excuse; after all, there are billions of eyes looking at the code. That's why the bazaar is better than the cathedral.

    *rolls eyes and laughs*

  • Re:Please get some journalistic integrity... (Score:5, Insightful)

    by X.25 ( 255792 ) on Friday June 03, 2005 @03:19AM (#12711914)
    Here is a list of appoximately 325 Linux based web sites that were defaced today.

    Yeah, so? This isn't about what OS is hacked, but what system. And MSN is *big* (MSN passwords can be used for many things).

    If linux.com got hacked, it wouldn't matter, since it holds exactly 0 important things for a hacker. They would deface it.

    But MSN KR was not defaced, they subtly placed code in order to specifically get passwords.

    Quite different than placing "0wned!" message on a front page.

  • Re:Microsoft doesn't deserve this criticism (Score:5, Insightful)

    by Tim C ( 15259 ) on Friday June 03, 2005 @03:29AM (#12711956)
    So what? It most certainly is representative of the FOSS movement. It's built entirely using FOSS apps, it's (one of) the main repositories for FOSS projects, and as such is extremely high profile.

    You don't just get to say "yeah, but that's not how you'd normally create a website!", because that's how it was *chosen* to be created.

  • Security vulnerabilities are profitable. (Score:3, Insightful)

    by Futurepower(R) ( 558542 ) on Friday June 03, 2005 @04:25AM (#12712147) Homepage

    Microsoft's virtual monopoly for the desktop OS means that security vulnerabilities are profitable. People buy a new computer when they find the old one has become slow. The don't realize they are infected, and that their computer became imperceptibly slower each time it got infected.

  • Same child like behavior I'd expect (Score:3, Insightful)

    by Twillerror ( 536681 ) on Friday June 03, 2005 @08:41AM (#12712937) Homepage Journal
    People wonder why people have doubts about open source. One reason is accountability.

    If linux.org got hacked, who'd care, or even if slashdot ( remember ). MS at least is standing up and admiting it has a problem. OS just hides behind it's structure. Because we are open we will get patched.

    Somebody hacked into their computers in order to steal password, not to shame MS. Be mad at the hackers for once. Is this going to be any different if/when MS is not king of the hill? No, get over it.

    On a side note. Has slashdot ever consider not allowing posts to a story? This is a classic example of a useless post section. About the only thing useful might be how they got in, but no is going to know that until this story isn't on the front page.

    Can we IhateMS.slashdot.org and stick these stories there?

Slashdot Top Deals

I have hardly ever known a mathematician who was capable of reasoning. -- Plato

Close