supercaffeinated

Sco Website Is Unreachable.

Recommended Posts

Funny, don't you think?

Humorous or odd?

Anyway, what I find to be odd, and not a wee bit humorous, is the fact that with all the money that these victims and potential victims represent and all of the potential free-lance talent available, that teams are not now working on a permanent solution to these little pricks.

A $250K reward? These guys need to get serious.

A nice quiet solution might be OK, though I have long held that a few dozen of 'em being discovered very publicly in a Mussolini-like fashion would resolve the issue once and for all.

Share this post


Link to post
Share on other sites

Have to say, MyDoom is probably the only public service worm out there right now...too bad it leaves back doors open on infected machines rather than just hitting SCO and being done with it. The back doors make it a baddie, rather than a SCO-bashing white-hat worm...

Future Shock

Share this post


Link to post
Share on other sites

I wouldn't call a DDOS worm a "white hat worm" even if the only target is a company like SCO.

Share this post


Link to post
Share on other sites
I wouldn't call a DDOS worm a "white hat worm" even if the only target is a company like SCO.

agreed. certainly not a way to show linux supporters in a good light.

Share this post


Link to post
Share on other sites
they pulled it themselves.  it's not getting DoS'd, it doesn't exist.

Correct - they did the honorable thing and by "disappearing" avoided the impact that would have been felt on millions of other systems, routers, hoses, etc.

Unless it cured cancer for those infected, there's no such thing as a "white hat virus".

Share this post


Link to post
Share on other sites
Unless it cured cancer for those infected, there's no such thing as a "white hat virus".

SCO is a cancer IMHO...and I don't even currently run Linux at present.

FS

Share this post


Link to post
Share on other sites
Unless it cured cancer for those infected, there's no such thing as a "white hat virus".

SCO is a cancer IMHO...and I don't even currently run Linux at present.

FS

Hmm, litigation is a nasty business, even when well-justified. I confess to lacking sufficient knowledge about the issue to have an opinion on who is right - in terms of the litigation. Frankly though, with the number of worthless barely post-pubescent spanks out there perpetrating nasty bits of work like Napster and then acting petulant - or even self-righteous - about their theft I am skeptical.

What I know for certain is this: I own a small business, and among other things am responsible for quite a lot of potential bandwidth. I pay a lot for that potential, but could and would have to pay a whole hell of a lot more if that bandwidth potential was utilized in any substantial way for any period of time. If that happened w/o a client being responsible, and thus paying the way for it, then at the very least things could get very unpleasant for me.

Fortunately all systems reacted correctly and we were protected against the virus while I was still figuring out what it was - this was not a very smart bug and it was caught very early.

But still, the SOBs tried to pick my pocket. And many thousands of others, including those with a lot more to lose than I.

Any you know what, they obviously don't care.

Not about what happens to me.

Not to my business.

Not to my employees.

Not to my children.

And at the very least SCO understood the threat - the threat to everyone else - and did a very decent thing and saved a lot of folks a whole lot of a whole lot.

So right now I'd have to say "Full marks to SCO".

Hint kiddies: Someone has to pay for your little playground.

Share this post


Link to post
Share on other sites
And at the very least SCO understood the threat - the threat to everyone else - and did a very decent thing and saved a lot of folks a whole lot of a whole lot.

So right now I'd have to say "Full marks to SCO".

It's pretty easy to do the decent thing when you don't have any other choice. SCO was unavailable anyway and apparently some ISP's were complaining to SCSO to take sco.com out of the DNS. Their new (backup) www2.sco.com has already disappeared as well.

With luck they'll experience trouble for some time to come. "Overwhelming the internet" my hairy ass...

Share this post


Link to post
Share on other sites

So there seems to be a strong feeling with at least some of the assemblage here that theft is OK? What, "little tiny small ones"?

The damage done may be of a different sort, but the logic says 100% al Queda to me.

If SCO had exhibited similar arrogance their attitude would have been "You should have protected your networks better."

Share this post


Link to post
Share on other sites
sco would have been knocked offline if they didn't voluntarily go offline.  they were likely avoiding a bill.

And that's all you have to say about this?

Share this post


Link to post
Share on other sites

i fail to see what else there is to say. could you please explain what i am missing? they were going to get DoSed off the face of the planet, so they shut down.

Share this post


Link to post
Share on other sites

i re-read your posts. am i reading this correctly when i say that you believe that sco going offline somehow mitigates the effects of the virus? it will still spread, and it will still try to send packets as fast as it can to www.sco.com even if it doesn't exist.

Share this post


Link to post
Share on other sites

Well, I guess there are two issues here:

First, if there is no DNS entry then will the virus actually do anything? I mean, bandwidth-wise for the DDoS? Yes, it continues to spread and continues to be a threat to those systems affected, but not to the intervening bandthwidth, correct? If so, erasing SCO does mitigate much of the potential damage.

The second issue is the rest of it - there is a virus, wreaking havoc, jeapordizing systems, and threatening innocent bystanders. Given all of that, I suppose I am more than a little disappointed that the general level of response ranges from "Good - I hate SCO" to "SCO did nothing noble".

Share this post


Link to post
Share on other sites

Yeah, that's the problem. The DNS system is still getting slammed.

Oh... and there's the flooding of packets on the internet at large...searching for a DNS listing with SCO in the name.

Thanks Mr. I'll-flood-the-whole-internet-to-get-back-at-a-company. I appreciate your efforts to ruin my internet experience.

If SCO loses the case that Linux is a copy of Unix...then I will lose the last shred of respect I have in the U.S. legal system.

Of course if that happened, I could build a replica of Windows and call it Gindows and give it away...

Microsoft won't mind. :)

Dogeared

8^)

Share this post


Link to post
Share on other sites
Yeah, that's the problem.  The DNS system is still getting slammed.

Oh... and there's the flooding of packets on the internet at large...searching for a DNS listing with SCO in the name.

So the issue is perhaps reduced, but not all that much.

Thanks Mr. I'll-flood-the-whole-internet-to-get-back-at-a-company.  I appreciate your efforts to ruin my internet experience. 

Agreed.

If SCO loses the case that Linux is a copy of Unix...then I will lose the last shred of respect I have in the U.S. legal system.

I am curious about this. What is the gist of the beef?

Share this post


Link to post
Share on other sites

'sco did nothing noble' is not an anti-sco statement, it is a matter of fact.

as for what the absence of the 'www.' A record for the sco.com domain, what exactly will happen will depend upon the virus' construction. it clearly does at least 1 attempt at name resolution, because it is directed at www.sco.com and not a specific ip address. if it will retry the lookups (probable) after a failure, the effect will be that the victim's isp's primary nameserver will be slammed with repeated requests for a domain that doesn't exist. after it discovers this once the information will be cached for a modest period of time, but it will still have to answer 'no that still doesn't exist' every time it is queried.

at no point did i claim that the mydoom virus was justified or good. scroll up and you will see that i said the OPPOSITE.

my involvement in this particular aspect of the discussion is purely technical, not emotional, and not based upon whatever feelings i may or may not have about sco. the step they took to sidestep the attack was not altruistic.

Share this post


Link to post
Share on other sites
at no point did i claim that the mydoom virus was justified or good.  scroll up and you will see that i said the OPPOSITE.

I stand corrected.

Share this post


Link to post
Share on other sites
If SCO loses the case that Linux is a copy of Unix...then I will lose the last shred of respect I have in the U.S. legal system.

Why on earth would you say that? Do you actually understand the lawsuits?

In the first suit, SCO is asserting that IBM and other development partners did work on code for Linux, and then included copies of that code into their own branded OSes (AIX in IBM's case). That violates the letter of their development licenses. However, their is also a strong case that IBM developed that code as a result of their OS/2 OS work, or developed it in a clean room environment isolated from their Linux work. SCO has been asked to show proof of this by the presiding judge, and has missed the deadline to show actual proof, instead stating that they cannot until IBM turns over it's AIX source code to them! But if that's the case, then how did they know to begin with??? I have dealt with IBM's lawyers - they are formidable, and know the law. There is NO WAY in my thinking that IBM screwed this up - they know intellecutal propery law better than anyone. I think the chances of IBM having mis-used the code is slim to none, and SCO's stalling is making most observers feel the same.

In the second suit, SCO is asserting the Linux 2.4.2 kernel contains whole sections of code ripped from the proprietary Unix, who's license SCO bought from Novell, who in turn bought it from AT&T. Despite REPEATED demands to show what code they are claiming to be stolen, they will only show it in fragments, and only after signing a non-disclosure. So far, those that have seen it and talked are not impressed by SCO's claims. If ANYTHING, it appears that Linus copied the ERROR NUMBERS and such from old Unix header files, in an effort to achieve compatibility. The problem for SCO: much of the old AT&T code (including the headers in question) was placed in the public domain by AT&T itself, prior to Novell purchasing the rights. Linus can't be sued for copying code that was in the public domain - so if it is found that that is what he did (as it appears at present), then there is no case.

SCO's transgressions are SO bad that both IBM and Novell are suing SCO - IBM a plain jane countersuit, and Novell is saying that SCO doesn't own those specific rights to begin with, based upon their contract.

There is a possiblility that SCO can win one or both suits, based upon some legal technicality or other, but it would be a travesty of justice if they WON, not if they lost...

Future Shock

N.B. - notice that the case is NOT that Linux is a copy - it is about if it contains CODE. The public domain release from AT&T short-ciruits ANY effort to restrict the look-and-feel of Unix, or command compatibility.

Share this post


Link to post
Share on other sites
If SCO loses the case that Linux is a copy of Unix...then I will lose the last shred of respect I have in the U.S. legal system.

Why on earth would you say that? Do you actually understand the lawsuits?

It is obvious that he doesn't.

Frank

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now