Novell OpenSUSE Server Hacked 329
abelikoff writes "Both LinuxWorld Australia and SuSE Linux Forums report that OpenSUSE website got hacked last night." This story was submitted quite a number of times.
"Engineering without management is art." -- Jeff Johnson
Don't blame LINUX (Score:2, Insightful)
Linux is near-flawless in terms of security.
*sigh* (Score:5, Insightful)
How does this help ? (Score:4, Insightful)
Re:Don't blame LINUX (Score:2, Insightful)
so it could have been a linux flaw...
buy you're right, on most pc's the weakest link is the user...
Re:Don't blame LINUX (Score:5, Insightful)
Linux is near-flawless in terms of security.
You don't follow security mailing lists, do you? Most Linux distros have decent security but "near-flawless"?
how rude..... (Score:2, Insightful)
Re:Don't blame LINUX (Score:1, Insightful)
I have to note, I have not read the original article yet, so you may be 'spot-on' & it may note the very thing you point out. It usually is the case.
However, you also cannot fully discount this, or problems like it, might actually be some completely NEW problem found in Linux itself, or rather, this particular distro (this goes for MS &/or Apple wares as well, not just Linux/Unix/BSD etc.)!
(Man, because this happens ALL the time (browsers, apps, OS' & such of all types)... it's a real pain-in-the-A$$, but a fact of life today. One with SOME GOOD SIDES TO IT THOUGH, in that it points out flaws that may exist since someone used some particular method of penetration & it's now known if it was not before!)
APK
P.S.=> What 'spooks me'? Isn't the ones that are known, or found & exposed publicly (to get either MS, apple, or the numerous Linux vendors off their butts to do something about it etc. if needed)... but, the ones that do NOT talk about it period, & utilize vulnerabilities 'secretly', never publicly noting their methods (be they OS vulnerabilities, or apps like browsers etc.)... they're the TRUE danger imo... apk
APK
Don't Blame Windows (Score:3, Insightful)
Re:Don't blame LINUX (Score:1, Insightful)
Near flawless my ass.
Re:Don't blame WINDOWS (Score:1, Insightful)
People always try to blame the software right away but usually it's poor administration.
Windows is near-flawless in terms of security.
That's about as true as your comment, yet I don't hear a lot of that said around here.
Next time you want to post how Linux is "near-flawless", why don't you take a breath, not post it (because somebody else is sure to), and then, the next time a Windows hack story comes up, not post in that story either (because somebody else is sure to)?
The end result will be a greater signal:noise ratio, less hypocrisy, and your abstinence in both cases cancel each other out in terms of bias.
Re:How does this help ? (Score:3, Insightful)
Why? because it does not happen often to a major linux site. It would be like having millions stolen from a site that runs a none Windows such as a unix site. It will make news just because it is none windows.
Re:Don't blame LINUX (Score:1, Insightful)
Re:Oh sweet sweet irony... (Score:3, Insightful)
If a Microsoft windows 2003 site, running Windows 2003 was the victim, then yeah, I think it would make the front page.
Re:ssh scan (Score:4, Insightful)
Any security admin worth their salt would have turned this off when it was installed - not to reduce break-ins (although it does help mitigate a weak root password), but to provide an audit trail for people who are allowed to use root.
*sigh*
Re:Rights or not (Score:3, Insightful)
Re:*sigh* (Score:5, Insightful)
Re:Rights or not (Score:5, Insightful)
Practical upshot? Am I safe? (Score:3, Insightful)
What is the practical upshot of all this? Is the damage limited to the "Give us nuclear rights" web defacement, or was that just a front to make people think nothing else was damaged?
I'm running SuSe 9.3, and this morning, I let the automated update program do it's thing. Did I download and install any breached files?
TFA don't say anything. One is dead already, and the other is useless.
I mean, I understand that there's a lot to discuss regarding security policies and server operating systems, but there are people who could be immediately affected here.
Not Good for Iran (Score:5, Insightful)
If you're going to hack websites, don't try to justify your idiotic hobby by turning it into a political posterboard. It has the opposite effect you're looking for. The thing that scares people most is unpredictable behavior. If Iran were calm, clear in stating there intentions, and followed all the diplomatic protocols with a smile there would be no way for anyone to stop them from builting reactors (wheather it be for processing fuel for weapons or not). But stupid stuff like this make Iranians look like evil subversives. Just look at the graphic they posted. It looks like the shadow of some kind of daemon with horns. This is not a good image for Iran.
Or if it's a different group impersonating iranians, you're just losers.
Re:*sigh* (Score:4, Insightful)
I'm too idealist for my own good.
near-flawless? (Score:4, Insightful)
Its the job of the administrators to mitigate and compensate for known, and unknown, security flaws.
Re:Don't blame LINUX (Score:5, Insightful)
Re:*sigh* (Score:2, Insightful)
Re:ssh scan (Score:3, Insightful)
3. install a port knocking [portknocking.org] daemon, like fwknop [cipherdyne.org], or knockd [zeroflux.org]
Re:Practical upshot? Am I safe? (Score:2, Insightful)
That would explain why the French and Japanese have abandoned it.
Nuclear power is orders of magnitude safer than it was decades ago. I'd much rather have a source of energy with a waste that I can dispose of in a controlled fashion rather than one which pours pollutants into the air we breathe. The only reason we don't use more nuclear energy here in the US is because of politics, not science or practicality.
Not to say anything about Iran having nuclear capability. I'll pass speculating on that hot-potato.
Re:Don't blame LINUX (Score:3, Insightful)
Re:As you can see (Score:5, Insightful)
Regards,
Steve
Re:Practical upshot? Am I safe? (Score:4, Insightful)
Your call for isolationism has a certain appeal. I'm generally a believer that far too many people are overly concerned with whats going on in their neighbor's yard. However, isolationism is not a panacea. Interestingly enough, the US' involvement in the Middle East began within decades of the formation of the US in the form of the Barbary Wars even though the new US Government often expressed a belief in isolationism. Yet they soon discovered that the US interacted in the world around them and could not be separate from it.
That's not to say that the US hasn't managed periods of isolationist policies. US history shows some remarkable stretches of isolationism. But such policies only served to create the hardest lesson in recent US history - World War II. The cost associated with World War II was only increased by attempts to limit direct involvement of the US in what was viewed to be an European affair (although Europeans themselves also contributed with their own reluctance to act).
World War II leads directly in to the Cold War and the US' attempts to curtail Soviet influence. And perhaps that is where the US commits the sins we will be paying for today and tomorrow. Although I find it rather interesting that when critics of US policy point to various fumbles and embarrassments, they fail to note Soviet involvement. Which isn't to say that the US is excused for their actions - but rather some perspective would provide a better understanding of why things were done.
So does the US have a "right" to dictate to others what they can and can not do? Hardly. There is such a thing as a sovereignty. But to claim that the US should have no involvement in the world around it is simply setting up the US to become victim to the day when its people and shores are under attack. I hate to sound anything like the Bush Administration. Yet there are certainly others who have less qualms about rights than the US. And history shows how that turns out for anyone who ignores it.
On Iraq, I mostly agree. The current Administration's handling of the situation is unsettling, to say the least. There seems to be a certain degree of willful ignorance and a lack of understanding and planning that shows itself not only in foreign policy, but domestic policy too.
However, Iraq was bound to happen. While critics of the Bush Administration are, more or less, right to criticize the reasoning given for this war - they tend to gloss over the fact that the Iraq war comes at an end of a CEASE FIRE agreed to in the early '90s. No folks, this is not a new thing; US military personnel have been in the region maintaining vigilance for over a decade without daily CNN coverage. That entire time is under a state of war. And during that time, Saddam willfully defied UN mandates and conditions of that cease fire agreement.
Yet Saddam was probably not intended to stay in power. The Senior Bush was wise enough to not completely dismantle the world's fourth largest standing army, and create a vacuum for neighboring influence (such as Iran). And it was probably wise to try and void the troubles we are facing today by giving the Iraqi people a chance to handle Saddam themselves. But Saddam is exceptionally gifted at survival (and also ruthlessly brutal). It would take direct involvement to remove Saddam's regime after all.
There might be a slim chance that the Iraqi government to be will become a secular democracy, with enough economic power behind it to flourish. There are possible echoes of Germany and Japan. But the reality is that the odds are against this happening. Partly due to external influences. And (arguably) largely due to the planning of the Bush Administration.
What about Iran? I don't find it too surprising that Iran's intentions meet a certain degree of skepticism. It seems odd that Iran's quest for energy would have to involve a process that can be directly applied to acquiring massively powerful weapons when it is itself the World's fourth largest producer of fossil fuel (right behind the US - Iraq is at 14th) as well as having ample opportunity to develop other alternative (and less dangerous) alternative energy systems.
Re:They have a website (Score:1, Insightful)
The Bush Administration is working on that
The bush admin days are numbered...
As is anyone who supports their murdering ways.