Anonymous vs. Some Security Firm
Moderator: Dust
- Dust
- The Boss
- Posts: 9093
- Joined: 01 Jan 1970 01:00
- Contact:
Anonymous vs. Some Security Firm
A very interesting series of events:
http://arstechnica.com/tech-policy/news ... -price.ars
http://arstechnica.com/tech-policy/news ... nymous.ars
More articles reachable from here:
http://arstechnica.com/tech-policy/news ... s-back.ars
I do what I think is right. But I don't think that what I think is right can not be wrong.
- MindyMcfly
- Die-Harder
- Posts: 4283
- Joined: 17 Dec 2007 19:47
- Location: Nottingham, Midlands - Go Robin Hood!
- Contact:
Re: Anonymous vs. Some Security Firm
http://www.bbc.co.uk/news/technology-12253746
UK's digital rights bill gets its first test cases and it's not going well.
----------------------------------------
GM of Real-Life™
(\__/)
(='.'=)
(")_(")
- Dust
- The Boss
- Posts: 9093
- Joined: 01 Jan 1970 01:00
- Contact:
Re: Anonymous vs. Some Security Firm
:)
I do what I think is right. But I don't think that what I think is right can not be wrong.
- MindyMcfly
- Die-Harder
- Posts: 4283
- Joined: 17 Dec 2007 19:47
- Location: Nottingham, Midlands - Go Robin Hood!
- Contact:
Re: Anonymous vs. Some Security Firm
I love the way they pick on hackers and then wonder why their systems get shut down.
Best one in the British case was the hacker leaking personal information from the law firm's systems, thus getting the law firm into trouble.
BBC wrote: "In September, ACS: Law was the victim of a cyber attack and it accidentally exposed thousands of its e-mails online when its website went live again.
These e-mails detailed all the people it was pursuing and the pornographic films they were accused of downloading for free.
The data breach is the subject of an ongoing investigation by the Information Commissioner, and Mr Crossley could face a hefty fine."
----------------------------------------
GM of Real-Life™
(\__/)
(='.'=)
(")_(")
- Dust
- The Boss
- Posts: 9093
- Joined: 01 Jan 1970 01:00
- Contact:
Re: Anonymous vs. Some Security Firm
http://arstechnica.com/tech-policy/news ... y-hack.ars
A high-level description of how the hack was pulled off. It contains pearls like the e-mail conversation between the hacker and an admin which results in the hacker getting full SSH access, after being told the password and user account of the admin's boss, or an example of why it is bad to use the same password for multiple accounts.
I do what I think is right. But I don't think that what I think is right can not be wrong.
- MindyMcfly
- Die-Harder
- Posts: 4283
- Joined: 17 Dec 2007 19:47
- Location: Nottingham, Midlands - Go Robin Hood!
- Contact:
Re: Anonymous vs. Some Security Firm
Very smart, we use CMS here.... hmmmmm
----------------------------------------
GM of Real-Life™
(\__/)
(='.'=)
(")_(")
- Tiel
- Die-hard
- Posts: 2154
- Joined: 01 Jan 1970 01:00
- Location: Utrecht, Netherlands
- Contact:
Re: Anonymous vs. Some Security Firm
MindyMcfly wrote: Very smart, we use CMS here.... hmmmmm
Every site uses a 'CMS', but the CMS with the name CMS that you might mean is not the custom made CMS used on the HBGary site.
Every web developer should know how to prevent simple cracks like those mentioned in the article. In many custom-made cases when software is unsafe, it's because it has been written too quickly in a limited timespan where the focus lies on looks rather than security. Customers don't want to pay for security, but they do pay for beauty. Dev companies will then simply make the decision to give the client what he pays for and nothing more. However, a good and fast programmer in a company like that should not make these mistakes.
Software that is being developed for years by many people (like this PHPBB forum) is usually much safer and hard to crack. However, if a security flaw is discovered, all the websites running the same version of the software are vulnerable. So it doesn't necessarily mean you're more secure, but if you patch/upgrade as often as possible you can avoid many problems.
The most fun part of this hack is the 'social engineering' part. The hacker tricked someone over e-mail into believing he was someone else and got him to open up ports and lower security. Something the famous hacker Kevin Mitnick was good at too.
All in all, this was not the most impressive hack in history; most script kiddies with some experience should be able to pull this off as well. 'Proper' hackers do something that hasn't been done before, like break into a bank. They exist.
- Dust
- The Boss
- Posts: 9093
- Joined: 01 Jan 1970 01:00
- Contact:
Re: Anonymous vs. Some Security Firm
Maybe not the most impressive, but surely a quite funny one :)
I do what I think is right. But I don't think that what I think is right can not be wrong.