If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(The Raw Story)   Anonymous completely (though briefly) deletes CBS.com from the Internet   (rawstory.com) divider line 252
    More: Spiffy, online, Anti-Counterfeiting Trade Agreement, DDoS, Vivendi, hacktivism, deep water blackout, Motion Picture Association of America, Universal Music Group  
•       •       •

29503 clicks; posted to Main » on 22 Jan 2012 at 10:53 PM (2 years ago)   |  Favorite    |   share:  Share on Twitter share via Email Share on Facebook   more»



252 Comments   (+0 »)
   
View Voting Results: Smartest and Funniest

Archived thread

First | « | 1 | 2 | 3 | 4 | 5 | 6 | » | Last | Show all
 
2012-01-22 11:43:09 PM  
rlv.zcache.com
 
2012-01-22 11:46:29 PM  

urban.derelict: DaveX: Assuming we believe the screen shot.

so... the stories reported by the 'lamestream' media about how Anonymous erased CBS's website ... aren't true?



No, I'm saying there is a much more likely explanation up there in the "cloud" than the possibility somebody got root and deleted their (likely) single-source production "truth".

/Hats off to them if they actually pulled something like that off though.
//You'd have to do something stupid, like have the same password for admin access as you used for your email (and likely social media).
 
2012-01-22 11:46:43 PM  

bmihura: Digitalstrange: Weaver95: GAT_00: Wow. That's a new one. Restorable from backups, but usually people don't get kicked completely off the Internet.

they'd probably have to restore from offsite backups, or fail over to an offsite mirror. I don't know anything about how they run their website disaster recovery plan. it's fixable (obviously) but its a pain in the ass to recover from. And they have to verify the integrity of their user data too, which is always tricky.

this is the sort of thing that gives sysadmins headaches for weeks afterwards.

It's actually easy to recover from. Websites like that have complete backups, thats why the outage was brief. It's the post recovery analysis and vulnerability patching thats a pain and the Sysadmins better hope a headache is all they get. A firing is also possible. Especially if, as you mention, user data was compromised.

Is there a way to make a hacker-proof website with an interactive database?

That sounds like a dumb question since all the big boys are getting hacked every day, but maybe there is a way.


Physical keys to toggle write protection on the hard drives for non user data. So yes and no.
 
2012-01-22 11:47:01 PM  

bmihura: Digitalstrange: Weaver95: GAT_00: Wow. That's a new one. Restorable from backups, but usually people don't get kicked completely off the Internet.

they'd probably have to restore from offsite backups, or fail over to an offsite mirror. I don't know anything about how they run their website disaster recovery plan. it's fixable (obviously) but its a pain in the ass to recover from. And they have to verify the integrity of their user data too, which is always tricky.

this is the sort of thing that gives sysadmins headaches for weeks afterwards.

It's actually easy to recover from. Websites like that have complete backups, thats why the outage was brief. It's the post recovery analysis and vulnerability patching thats a pain and the Sysadmins better hope a headache is all they get. A firing is also possible. Especially if, as you mention, user data was compromised.

Is there a way to make a hacker-proof website with an interactive database?

That sounds like a dumb question since all the big boys are getting hacked every day, but maybe there is a way.


It's honestly not that hard. I could throw up a basic site in Django or Rails with database support and you'd have a hell of a time getting in. Plus of course I salt everything and even if you get in, you can't read the DB.

Where you get me is when I'm a company with a massive layout and people forgot to patch something, they reuse passwords, open up a port on the server to run some other service and thus introduce a vulnerability. Or some IT drone installs something and never bothers to change the admin account from "admin" and "default".

Basically I gave you access to ports 80 and 443, sanitize my input, and keep Apache patched means you likely get nothing. When I'm running 20 different services on my servers, then you sneak in.

/everyone says you need good server layout and to avoid running a bunch of different instances of items on the same server
//very few companies give their IT folks enough money to follow that concept though
 
2012-01-22 11:47:09 PM  

simplicimus: So user = root, password = root was a bad idea?


password = toor

/slightly harder to guess.
 
2012-01-22 11:47:57 PM  

Weaver95: As described by Gizmodo, "The CBS takedown wasn't your regular DDoS attack because if you went to CBS.com at the time Anon attacked it, there was nothing except an index page with a single file. That's it. Basically, Anonymous gained access to CBS.com and deleted EVERYTHING."



wow. that had to be somewhat expensive to fix. hope they didn't have anything sensitive in any of those files.



Everyone in our apartment cheered. Screw you, CBS, and your worthless, derivative, headline-pandering crap.
 
2012-01-22 11:48:11 PM  
i1.kym-cdn.com
 
2012-01-22 11:50:14 PM  
i don't understand why destruction of property is considered spiffy. What does all this prove? That the Internet is vulnerable to massive attack.

How do these attacks improve anything, or change anything for the better? Internet security may improve, but that's doubtful. And even if it does, it won't last for long.

I just don't get it. Destruction for the point of destruction is useless
 
2012-01-22 11:50:32 PM  

12349876: Weaver95: [lh6.googleusercontent.com image 453x604]


AAAAAAAAAaaaaaaaaaaaaaaa! WTF is up with those fingers!?

It's Ann Coulter's long lost sister brother.

 
2012-01-22 11:52:04 PM  

ha-ha-guy: bmihura: Digitalstrange: Weaver95: GAT_00: Wow. That's a new one. Restorable from backups, but usually people don't get kicked completely off the Internet.

they'd probably have to restore from offsite backups, or fail over to an offsite mirror. I don't know anything about how they run their website disaster recovery plan. it's fixable (obviously) but its a pain in the ass to recover from. And they have to verify the integrity of their user data too, which is always tricky.

this is the sort of thing that gives sysadmins headaches for weeks afterwards.

It's actually easy to recover from. Websites like that have complete backups, thats why the outage was brief. It's the post recovery analysis and vulnerability patching thats a pain and the Sysadmins better hope a headache is all they get. A firing is also possible. Especially if, as you mention, user data was compromised.

Is there a way to make a hacker-proof website with an interactive database?

That sounds like a dumb question since all the big boys are getting hacked every day, but maybe there is a way.

It's honestly not that hard. I could throw up a basic site in Django or Rails with database support and you'd have a hell of a time getting in. Plus of course I salt everything and even if you get in, you can't read the DB.

Where you get me is when I'm a company with a massive layout and people forgot to patch something, they reuse passwords, open up a port on the server to run some other service and thus introduce a vulnerability. Or some IT drone installs something and never bothers to change the admin account from "admin" and "default".

Basically I gave you access to ports 80 and 443, sanitize my input, and keep Apache patched means you likely get nothing. When I'm running 20 different services on my servers, then you sneak in.

/everyone says you need good server layout and to avoid running a bunch of different instances of items on the same server
//very few companies give their IT folks enough mo ...


That explains your high blood pressure. Try cutting back on the sodium.
 
2012-01-22 11:53:12 PM  

Weaver95: [lh6.googleusercontent.com image 453x604]


AAAAAAAAAaaaaaaaaaaaaaaa! WTF is up with those fingers!?



her hand looks like one of those aliens

www.moviemobsters.com
 
2012-01-22 11:53:28 PM  
I'm just waiting for 'Nonnermouse to cross the line between "Oh you..." and "Nice job breaking it, hero."
 
2012-01-22 11:53:55 PM  
What happened to the episodes of Rob!?!?!

Are they still there?
 
2012-01-22 11:54:14 PM  
There are over 370 million websites on the Internet... because Anonymous lets them stay there.
 
2012-01-22 11:54:44 PM  
Shudder to think what Anon would do if SOPA passed. I foresee a number of congressional websites hacked and loaded with Disney movies and kiddy porn.
 
2012-01-22 11:54:51 PM  

Le Grand Inquisitor: Anonymous are Terrorists and are a illegitimate threat to America. They must be stopped


They have only their parents to blame.
 
2012-01-22 11:55:10 PM  
Actually, given how brief they say this outage was, someone may have just gotten access to CBS's Akamai admin account and deleted the cache or repointed the origin server so the outage was during Akamai's retrieval of all the content from the origin CBS site, which may have caused a bit of a spike in traffic and made things slow and not work?

I've pushed the Akamai "history eraser button" before, and it did kind of hiccup things before our content was fully available again.

/Steeempy, never touch the History Eraser Button
 
2012-01-22 11:55:23 PM  
So: safe to assume their password wasn't horsebatterystaple?
 
2012-01-22 11:56:01 PM  
 
2012-01-22 11:57:24 PM  

fusillade762: Shudder to think what Anon would do if SOPA passed. I foresee a number of congressional websites hacked and loaded with Disney movies and kiddy porn.


When the son of SOPA comes up I want to create a script that will take a picture of 4chan and add a banner that says "Do you really want these people off the net and in public?" then it will fax it to each senators office who supports the bill
 
2012-01-22 11:57:39 PM  

Weaver95: GAT_00: Wow. That's a new one. Restorable from backups, but usually people don't get kicked completely off the Internet.

they'd probably have to restore from offsite backups, or fail over to an offsite mirror. I don't know anything about how they run their website disaster recovery plan. it's fixable (obviously) but its a pain in the ass to recover from. And they have to verify the integrity of their user data too, which is always tricky.

this is the sort of thing that gives sysadmins headaches for weeks afterwards.


yeah, so the only really impact is that some poor sys admins have to do a lot more work.
 
2012-01-23 12:02:22 AM  
I wonder what the Anonymous response to Filesonic voluntarily ending it's file sharing aspect today will be.

Link (new window)
 
2012-01-23 12:07:10 AM  

UncleStumpy: i don't understand why destruction of property is considered spiffy. What does all this prove? That the Internet is vulnerable to massive attack.

How do these attacks improve anything, or change anything for the better? Internet security may improve, but that's doubtful. And even if it does, it won't last for long.

I just don't get it. Destruction for the point of destruction is useless


Yeah, it really does seem counter productive to their causes and never seems to work out for them.

But I don't care either way to be honest.
 
2012-01-23 12:07:16 AM  
I can understand Anonymous being upset at most of the sites they've attacked recently, but why cbs.com? What did they do?
 
2012-01-23 12:09:31 AM  

Cloudchaser Sakonige the Red Wolf: I can understand Anonymous being upset at most of the sites they've attacked recently, but why cbs.com? What did they do?


They did give us Rob!

And that show is a pile of crap. Maybe Anonymous thought this would even that out.

I do like CBS's News and Sports coverage. And CBS This Morning is actually a pretty informative program...a rarity for morning TV.
 
2012-01-23 12:09:45 AM  
You'd be amazed at how bad the security is at some of these places. Generally, the internal stuff is well protected, but the "posters" are darn close to the "root/root" scenario. Heck, there's a database that tells you what areas are vulnerable and how to patch them. Do you think these people who handle the external sites put on the patches? No. Do you think that any 12 year old kid can go here:

http://cve.mitre.org/

look at the list, and find out what they've forgotten to patch?

Kids these days. Back when I was young, they didn't have vulnerability databases. You had to actually work to break into a public site. Where's my onion?
 
2012-01-23 12:10:06 AM  
Plus 60 Minutes and Sunday Morning. The other networks have nothing like these.
 
2012-01-23 12:10:13 AM  

urban.derelict: Gramma: I doubt they'll make any real impact, but they are fun to watch.

they've published personal information on all the elected reps, it's only a matter of time before someone steps up and...uses it.

/for the greater good


The greater good
 
2012-01-23 12:10:26 AM  

dericwater: simplicimus: So user = root, password = root was a bad idea?

password = toor

/slightly harder to guess.


I'd say "oort". It's in the cloud already.
 
2012-01-23 12:13:06 AM  

Cloudchaser Sakonige the Red Wolf: I can understand Anonymous being upset at most of the sites they've attacked recently, but why cbs.com? What did they do?


They support SOPA and had/have a security vulnerably. It is like when a gang finds one of their rival members by them self; it doesn't matter if they are only a minor player, they are going to get farked up.
 
2012-01-23 12:13:25 AM  

zedster: For an operation their size I bet they have a lot of LTO5 or T10000s running and I would hope take hourly snap shots. I doubt they suffered any major data loss.


I'm sure they are on the ball, no way anybody could do something like kill the reputation of their news organization with MS Word or anything.
 
2012-01-23 12:16:15 AM  

Sock Ruh Tease: veryequiped: Anonymous is just a tool of the government. It's rather convenient that Anonymous starts shiat after SOPA gets rejected.

Anonymous' role is to give the government something to point to so that they can tighten their grip and get what they want the next round of the SOPA bill on the table

Anyone with even a fraction of a brain can see that Anonymous is nothing more than black ops at it's finest

[berkeley.intel-research.net image 410x307]


section 31 eh?
 
2012-01-23 12:17:35 AM  

veryequiped: Anonymous is just a tool of the government. It's rather convenient that Anonymous starts shiat after SOPA gets rejected.

Anonymous' role is to give the government something to point to so that they can tighten their grip and get what they want the next round of the SOPA bill on the table

Anyone with even a fraction of a brain can see that Anonymous is nothing more than black ops at it's finest



Anonymous actions remind me of those "terrorist" rocket attacks that kill nobody but give Israel the pretense to stop talking and just take more land.

CUI BONO mother farkers?
 
2012-01-23 12:17:43 AM  

SN1987a goes boom: This kinda shiat is exactly why people will push for stronger internet regulations. Anon does more harm than good, and is probably the worst thing to ever come from the internet.


Never played Ultima Online did you?
 
2012-01-23 12:18:51 AM  

UncleStumpy: I just don't get it. Destruction for the point of destruction is useless


It isn't pointless destruction, Anon is creating jobs. Every time Anon takes down a website they are creating work for lots of highly skilled and highly trained IS/IT professionals.

/Why do you hate jobs/America?
//Am I doing it right?
 
2012-01-23 12:21:22 AM  
I use nortons fire wall and ain't never been violated in my life. No one never sends me d's or o' or whatever and my website has been viewed at least sixty times since it went up in 1998. So I must be doing it right.
 
2012-01-23 12:26:13 AM  

DaveX: urban.derelict: DaveX: Assuming we believe the screen shot.

so... the stories reported by the 'lamestream' media about how Anonymous erased CBS's website ... aren't true?


No, I'm saying there is a much more likely explanation up there in the "cloud" than the possibility somebody got root and deleted their (likely) single-source production "truth".

/Hats off to them if they actually pulled something like that off though.
//You'd have to do something stupid, like have the same password for admin access as you used for your email (and likely social media).


Dan Rather is a turnip

/better not be obscure
 
2012-01-23 12:26:17 AM  

swangoatman: I use nortons fire wall and ain't never been violated in my life.


So, how you doing?
 
2012-01-23 12:33:48 AM  

Weaver95: GAT_00: Wow. That's a new one. Restorable from backups, but usually people don't get kicked completely off the Internet.

they'd probably have to restore from offsite backups, or fail over to an offsite mirror. I don't know anything about how they run their website disaster recovery plan. it's fixable (obviously) but its a pain in the ass to recover from. And they have to verify the integrity of their user data too, which is always tricky.

this is the sort of thing that gives sysadmins headaches for weeks afterwards.


Not really, it means that either A) someone is giving them access from inside B) it is someone inside or C) they used outdated passwords that someone never deleted.

All 3 are easily fixable, it just means sysadmins actually have to work for a few weeks then its back to playing wow/eq/runescape/starcraft/etc.....
 
2012-01-23 12:38:47 AM  

Damned In The Sand: Here's the thing though, when Anon does something like this the general public reaction is always one of "OMG THEY'RE FIRING THEIR LASER" whereas people who actually work with computers look at it as "Oh they took down the poster". If they had actually managed to, I don't know hack the actual server that contained data that was pertinent to their business model instead of just tearing down a web site it might be a more credible threat in the IT community. Say like when Sony had that major compromise of their player database and lost consumer information that could affect people in a real way. Otherwise this is more of an inconvenience then an actual threat.


The point of a protest isn't to cause damage. It's to make a highly-visible point. Anon's doing a damn good job with that aspect.

/Sometimes they're asshats, but this time, hell yes I'm rooting for Anon.
 
2012-01-23 12:38:48 AM  
As a home user trying to connect to his internet and dealing with slow connections because of farking portscanning script kiddies and there's not a damned thing I can do about portscanners, I farking hate anonymous, more specifically, the script kiddies.
 
2012-01-23 12:45:16 AM  

CrispFlows: As a home user trying to connect to his internet and dealing with slow connections because of farking portscanning script kiddies and there's not a damned thing I can do about portscanners, I farking hate anonymous, more specifically, the script kiddies.


Anonymous is a bunch of script kiddies just like the US armed forces is a bunch of high school dropout with guns.
 
2012-01-23 12:47:38 AM  

Weaver95: zedster: For an operation their size I bet they have a lot of LTO5 or T10000s running and I would hope take hourly snap shots. I doubt they suffered any major data loss.

Oh I agree - they probably didn't lose any data...but if I were in their IT department I'd be freaking paranoid after an intrusion like this one.


It's time to clean up the systems, and the resumes. Paranoia runs deep.
 
2012-01-23 12:51:49 AM  

Gramma: I find the hijinks of Anonymous to be highly entertaining.

I doubt they'll make any real impact, but they are fun to watch.


This.
 
2012-01-23 12:54:32 AM  

Captain_Ballbeard: Anonymous actions remind me of those "terrorist" rocket attacks that kill nobody but give Israel the pretense to stop talking and just take more land.


minus the fact that there have been deaths in Sderot, the rockets and Anon serve similar purposes. If you accept Max Weber's definition of state as "a monopoly of violence over a given area" any violence that occurs in that area that is not controlled by the state undermines it. The rockets serve to harm Israeli legitimacy by attacking Israelis within their pre-67 boarders. Likewise the world wide web was suppose to be a place of ultimate democracy instead we are seeing the WWW/HTML give way to increasingly walled gardens (Facebook, Apple/Itunes, Amazon with the Fire browser, Google, etc...) that give few dominion over a large swath of the Internet. The government(s) and industry like CBS feel the Internet is theirs, a tool for their use and use outside their bounds should be policed. Anon by striking at them and putting fear in them of a rogue element acting against them within their(the government's) walled garden and thus undermining them serves to show the government as weak. Either the government has to go the Chinese/Australian route and setup a huge firewall to create a true walled garden or admit that cyberspace is the wild wild west and trying to get a too tight of a grip on it will result in direct challenges to their authority.
 
2012-01-23 12:54:32 AM  

Captain_Ballbeard: swangoatman: I use nortons fire wall and ain't never been violated in my life.

So, how you doing?


ui05.gamespot.com

You ladies ever been penetrated?

/gif is hot
 
2012-01-23 12:54:47 AM  
I thought the most amusing thing done with hacked websites was to deface the hell out of them. Much like defacing a poster.
 
2012-01-23 12:55:14 AM  

DaShredda: CrispFlows: As a home user trying to connect to his internet and dealing with slow connections because of farking portscanning script kiddies and there's not a damned thing I can do about portscanners, I farking hate anonymous, more specifically, the script kiddies.

Anonymous is a bunch of script kiddies just like the US armed forces is a bunch of high school dropout with guns.


exactly.
you can poke fun at the script-kiddies /b-tards all day long, but don't taunt Anonymous.
 
2012-01-23 12:58:46 AM  

just_intonation: DaveX: urban.derelict: DaveX: Assuming we believe the screen shot.

so... the stories reported by the 'lamestream' media about how Anonymous erased CBS's website ... aren't true?


No, I'm saying there is a much more likely explanation up there in the "cloud" than the possibility somebody got root and deleted their (likely) single-source production "truth".

/Hats off to them if they actually pulled something like that off though.
//You'd have to do something stupid, like have the same password for admin access as you used for your email (and likely social media).

Dan Rather is a turnip

/better not be obscure


The dude is HOT!

/tuba solo!
//thank you for making me grin
 
2012-01-23 12:58:59 AM  
"Paranoia will destroy ya..."

Like some half-baked legislation will harm the internet.

45 seconds after some SOPA-like ban is passed, somebody figures a way to get around it.

Technology always wins.

Billions of people use this thing. What chance does the entertainment industry (or anyone else) have of regulating it?
 
Displayed 50 of 252 comments

First | « | 1 | 2 | 3 | 4 | 5 | 6 | » | Last | Show all

View Voting Results: Smartest and Funniest


This thread is archived, and closed to new comments.

Continue Farking
Submit a Link »
On Twitter





In Other Media


  1. Links are submitted by members of the Fark community.

  2. When community members submit a link, they also write a custom headline for the story.

  3. Other Farkers comment on the links. This is the number of comments. Click here to read them.

  4. Click here to submit a link.

Report