For over an hour today, the Microsoft website was brought offline. Reports indicate that it was a standard Denial of Service attack, rather than an exploit in their hosting platform itself (Windows Server 2003, at last check). However, there is a certain likelyhood that the launch-points for this attack were themselves exploited Windows-based computers. The Department of Homeland Security today issued an unprecedented second warning regaring recent Windows exploits. Is this an isolated incident, or is it an ominous indication of pending cyber attacks on popular internet sites?
Aren’t Linux boxes the easiest to configure for doing this sort of attack? SCO’s website was the last DOS I remember hearing about…
The “fun part” of the attack on SCO was, that it came from windows boxes.
The “fun part” of the attack on SCO was, that it came from windows boxes…
Sounds like you were personally involved. If not, where’d you hear that?
I seriously doubt that any linux advocate is going to spend time on a windows machine to create a windows worm. Windows is just too damn annoying to work with for more than 10 minutes.
I couldn’t access google last night for a while there either. I wonder if there was something going on.
there are discussions on the nanog list about this, it appears to be a exploit, i’ll post a link as soon as one of the researchers post a report.
From Microsoft.com
“This attack does not have any association with any known
vulnerability in Microsoft software.”
Sure it doesn’t, I bet it’s *nix machines doing this, I
mean they are so easy to inflict with worms and all.
“Aren’t Linux boxes the easiest to configure for doing this sort of attack? SCO’s website was the last DOS I remember hearing about…”
No. Because a DDOS is a distributed attack. It generally requires that a client be installed on the systems that the attacker plans to use for attacking. Often, these clients listen for instructions from their attacker on an IRC port or something.
Basically, the majority of DDOS attacks come from end users won’t don’t even realize they are participating because they don’t know that their system has a DDOS client installed on it.
“So far, Solaris and Linux systems have been used as agents in DDoS attacks.”
http://www.networkmagazine.com/article/NMG20000512S0041
That article may be a little dated, but there are plenty of others that acknowledge this.
that is weak man,
try harder
“So far, Solaris and Linux systems have been used as agents in DDoS attacks.”
Ok. This is BS. And no, I am not biased towards Linux, as you can tell from my other posts in different threads. But this just BS, plain and simple.
By far, the largest source of DDOS agents is home users running Windows who have broadband Internet connections. I’ve seen logs after DDOS attacks. And the vast majority of addresses in them came from @home.net, and other large broadband ISPs.
…because the system gives access to Raw Data Sockets even if you’re not an administrator, IIRC. This gives the ability to spoof IPs – something you should know about, since you claimed to do it yourself.
Do you even know how a DDoS works?
Hint: go read up on it at Steve Gibson’s site:
http://grc.com/dos/grcdos.htm
I like this little tidbit (this is from Windows advocate, btw):
“For no good reason whatsoever, Microsoft has equipped Windows 2000 and XP with the ability FOR ANY APPLICATION to generate incredibly malicious Internet traffic, including spoofed source IP’s and SYN-flooding full scale Denial of Service (DoS) attacks!”
Also, read up on “Why Windows XP will be the Denial of Service Exploitation Tool of Choice for Internet Hackers Everywhere.”
http://grc.com/dos/winxp.htm
Most security analysts agree that Windows boxes are what’s used in a DDoS attacks.
When do you want to crash today?
“For no good reason whatsoever, Microsoft has equipped Windows 2000 and XP with the ability FOR ANY APPLICATION to generate incredibly malicious Internet traffic, including spoofed source IP’s and SYN-flooding full scale Denial of Service (DoS) attacks!”
The only reason is so that they can say it is fully compliant with the TCP/IP standard, which in the past, Windows wasn’t. But of course, there is no reason for it be. Apparently its just so they can say it is fully TCP/IP standard compliant.
Go read up on that utter fraud at http://www.grcsucks.com
Besides everyone knows it was the Zeta beta testers who DOS’d Microsoft!
…and likes overdramatic statements. But in this case, he is right. It’s a lot easier to generate an army of Windows zombies when the OS gives apps direct access to raw sockets.
Now, is it a good or bad idea to give that access…well, that’s another debate. Like, of “security by obscurity” rather than “security by responsibility”. Sure, someone can make their Winbox immune to such voodoo with a properly configured firewall. So responsible users won’t become zombies in a DDoS attack. But those irresponsible ones (and they are the majority, unfortunately) will become unwitting pawns in these online assaults.
I’m a big believer in security by repsonsibility myself, but the truth remains: all these insecure Windows boxen are what are being used for the massive DDoS attacks.
I do not see why Steve Gibson is so up in arms about raw sockets being available in windows 2000. I mean every other OS has the ability to create raw sockets so why cant windows 2000.
dDoS attacks come for all types of machines if you were to run a tool that does passive OS fingerprinting on the packet data you’d see that. Windows is definatly more widely used in ddos, because
A.)they are all basically configured the same way, everything running by default.
B.) The average windows user doesn’t have any idea how their machine works. or even care if its protected because “i don’t have anything important on it”
C.) Since everyone runs as Admin to check mail/browse a worm has no problem propagating itself or doing whatever it wants on the system.
D.) Unix systems are full of incompatibilitys meaning, If I wrote an exploit for solaris x86 it wouldn’t work on solaris sparc. If i wrote one for Gentoo it wouldn’t work on RedHat (possibly).
Windows was built to avoid complexity in user interaction which everyone claims is its strength, can also be someone elses idea of weakness. The unix culture is forced to be aware, as an example when I started using linux I tried to open IRC as root a dialog box came up with “don’t run IRC as root unless you are stupid”. Any admin will tell you the biggest security threat is not hackers outside it is the users on the system you’re responsible for and with things like this IRC analogy it attemps to secure the biggest threat of all..You.
I think Gibson’s beef is that apps run as normal users have access to Raw sockets – therefore, it opens up a world of possibilities for Worm and Virus writers.
Personally, I think that there is no substitute for a well-protected home network. So I don’t necessarily view MS’s decision as wrong, however it is to be expected that, the majority of “mom and pop” users will not secure their computer, and therefore are setting themselves up to become pawns in DDoS attacks.
I can’t connect to MSN (Trillian) or ICQ for the last hours. Can somebody confirm if there is a problem with the MSN-, ICQ-servers or is it just on my ISP or Comp.???
Thanx!
Thanks, I don’t even know you, but I trust you more than that guy Great Cthu or whatever he goes by now, his real name is Archie Shill, he just changes his name whenever he gets exposed.
I’ve been having problems connecting to msn with trillian pro all day long, i guess microsoft blocked trillian from msn and someone didn’t like it.
I didn’t change my name when I got “exposed”, because I didn’t get exposed in the first place. You have failed to provide proof that my IP address pointed at IBM, while I provided proof that it in fact didn’t. I’ve done whois on a variety of addresses in that IP range, and never did I get IBM. But you keep lying about it, without ever giving proof.
And no, I didn’t change my name to hide my identity. I admitted that I was formerly Archie Steel on the second post I made under this new name. I chose this name for Coral Snake, since he seems to be quite the Illuminati aficionado.
Now, to stay on-topic: nothing that this other guy said invalidates Gibson’s opinion. He just did what you always do: shoot the messenger when you don’t like the message. Like, for example, when I invariably prove you wrong, you attack me personally instead of trying to counter my arguments.
In any case, I’m still waiting for the “proof” that connects my work IP to IBM (and please, no links to your original lie about it). Until we get that proof, we can only assume that you are a liar about this, and possibly about pretty much everything else.
Since you hackjobs already obviously know this link anyway, check out how the # of Linux/Unix (or any *nix for that matter) DOS attack tools outnumbers the Windows ones, even though there is incredibly more (~85% to 15%) ‘Windows’ computers in existence. Simply shows what you diehard 15% percenters do with your operating system.
…IBM’s derivative Unix work is the property of…IBM, not SCO!
“IBM negotiated with AT&T [the original holder of the Unix copyrights and patents] a very detailed side letter to their license agreement,” Carey told internetnews.com. “That side letter is Exhibit C to the SCO complaint. That side letter negates many of the key license terms that SCO relies upon in its complaint. For example, the basic license agreement says that IBM is authorized to create derivative works, but those derivative works will become the property of AT&T. The side letter says exactly the opposite, that those derivatives will become the property of IBM.”
He added, “The format of this is unusual. It appears that AT&T insisted that IBM sign their standard form agreement and that any changes be set forth in a separate document. The side letter clearly takes precedence.”
http://asia.internet.com/asia-news/article/0,3916,161_2243311,00.ht…
(Yeah, it’s off-topic, but I just couldn’t resist…)
Actually I’m not going to post that link, because I don’t endorse it, but you can find it by searching for dos database on attrition.org. Be careful for whatever fleas you may pick up while visiting there.
In any case, the fact that there are more “tools” available can not be taken as proof that there are more instances of these tools being used.
For example, there are more Web Browsers available for Unix than Windows, yet there are more people surfing the web on Windows computer. There are more word processing programs available for Linux than Windows, yet most word processing work today is done on Windows.
Again, you are being dishonest, trying to make Linux users guilty by association. Well, I’ll reverse your argument: since most DDoS attacks are done by Windows machine, then I shall conclude (using your twisted logic) that most Windows users are malicious hackers who have no respect for the private property of others. Aren’t you ashamed of yourself?
@topspeed: could you please stop insulting all linuxusers as crackers and criminals!
@Eugenia: could you please tell topspeed to stop this nonsense or just kick him out of here!
Thanx!
I’m i the only one sick of this?
Nah, pretty much everyone except other anti-Linux trolls (roybatty, XBe) is fed up with these baseless allegations. He won’t even offer proof of what he claims – he once refused to accept that ftp://ftp.sco.com/pub was a publicly accessible FTP server, accusing me of using a “back door” access!
Concerning Archie Shill’s claim that any contractactual agreements between IBM and ATT or SCO granted ownership to IBM is WRONG.
Read the Agreements yourself, they are in PDF file on SCO’s website. What they say is clear, right near the top of them (secton 2.1 or something close):
No Right is granted by this agreement for the use of SOFTWARE PRODUCTS (as capitalized in the contracts) directly for others, or for any use of SOFTWARE PRODUCTS by others.
@topspeed: could you please stop insulting all linuxusers as crackers and criminals
Sorry, I’m just posting comments to the tread which was about a denial of service attack of M$. What are your ideas of who it might have been?
What the heck should i know who DDoS MS! And you don’t know either. You just use every opportunity to suggest all kind of bad things about Linux users, cause you don’t like the idea of the GPL and sharing. That’s not a good basis for a discussionboard (same apply for other OS-BS-zealots). I won’t further reply to your msg’s ’cause 1) it ain’t worth it 2) my english is just too bad to express myself well and 3) i still wish eugenia or somebody kick you out of OSnews!
Concerning Archie Shill’s claim that any contractactual agreements between IBM and ATT or SCO granted ownership to IBM is WRONG.
If you had bothered to read the article I pointed to, you’d have read that these provisions were contained in a side letter to the agreement. This side letter has precedence over the agreement. Anyway, this is the opinion of a lawyer, and since we’ve already established that you know very little about legal matters, I’m more inclined to follow his opinion rather than yours.
Check out section 2 of the side letter in question:
http://www.sco.com/scosource/ExhibitC.qxd.pdf
“Regarding Section 2.01, we agree that modifications and derivative works prepared by or for you are owned by you. However, ownership of any portion or portions of SOFTWARE PRODUCTS included in any such modification or derivative work remains with us.”
In other words, IBM’s derivative work belongs to them, not SCO, though any code taken directly from Unix remains SCO’s property. However, if IBM developed something without SCO code, and SCO subsequently incorporated it in its Unix, it cannot claim ownership over it. Therefore SCO cannot prevent those derivative works that do not contain actual Unix code to be included in Linux, and cannot lay any kind of IP claim on Linux. And if the derivative work did contain Unix code, then only those portions needed to be changed.
(Not that it matters, since SCO has since distributed this code under the GPL.)
SCO doesn’t have a case, they will lose. Get over it.
man, you need to just grow up. the more you talk the more you paint your self in to a corner. you have already made it quite clear that you have no idea what you are talking about.
the only point to anything posted by you is that you are a windows fan boy.
though there is nothing wrong with having a preference to windows, you atleast should know what you are talking about before you go and diss anything else beyond your own understanding.
How can you copy one of the clauses but still not be able to read it?
However, ownership of any portion or portions of SOFTWARE PRODUCTS included in any such modification or derivative work remains with us (ATT/SCO)
THAT’S AN ATT CONTRACT. CHECK THE TOP.
But watch, even though you are completely backwards, you will still argue.
If any of you foul mouthed crybabies have any links from reputable places that dispute the ones I keep posting, by all means let’s see them. But please quit crying to the moderator (who does a fine job) as if she was you Momma.
LMAO! SCO inherited the AT&T contracts. That’s the basis of their ownership of UNIX. They are therefore bound by the AT&T contracts (hey, the AIX license is an AT&T contract as well). Everyone who has been following this case knows this by now!
As I have said, if there is actual Unix code (what they call “software products”) in the derivative work, that code remains the property of SCO (since they bought AT&T’s rights and contracts). But the derivative work itself belongs to IBM.
Since one can assume that most (if not all) code in derivative code is original (you don’t need to reuse code in the OS, but just make system calls to it), then one can safely assume that most if not all of the code in derivative works belongs to IBM, not SCO as they’ve been claiming.
Proven wrong again, TopSpeed. Don’t you ever get tired?
What’s the point? When we present you with proof you just ignore it, and refuse to offer proof in return. Like, where is the proof of your false allegations that I connect from IBM while at work? I’ve asked you before: give me a link to an online whois engine pointing to my work IP address (it hasn’t changed) showing that it is related to IBM in any way. And no, a link pointing to your original false allegation does not count as proof.
http://asia.internet.com/asia-news/article/0,3916,161_2243311,00.ht…
“IBM negotiated with AT&T [the original holder of the Unix copyrights and patents] a very detailed side letter to their license agreement,” Carey told internetnews.com. “That side letter is Exhibit C to the SCO complaint. That side letter negates many of the key license terms that SCO relies upon in its complaint. For example, the basic license agreement says that IBM is authorized to create derivative works, but those derivative works will become the property of AT&T. The side letter says exactly the opposite, that those derivatives will become the property of IBM.”
“The format of this is unusual. It appears that AT&T insisted that IBM sign their standard form agreement and that any changes be set forth in a separate document. The side letter clearly takes precedence.”
http://www.lamlaw.com/
Perhaps the best that SCO can hope for is that well healed customers will pay the extortion money and get screwed as a result. They will not have anything more than they have now. And, they will have created a situation where they could be sued in the future for having violated the license they get now from SCO.
Without quoting portions of your own article that dispute the portions you posted, it says clearly “legal observers are divided” right at the top of the article.
Concerning the second link (which actually was to a link about the DOS, which is what we should be discussing on this thread), the author loses all credibility when in his first sentence he DISAGREES with the following statement by SCO:
“Because it is line-by-line copying from Unix System V, a customer’s use is in violation of our copyrights”.
That is absurd and doesn’t even merit a response in regards to an IP theft case.
Assuming for the moment, that code was copied from Unix System V to Linux or any other product. Let’s assume that is true…
Again concerning that second link, he apparently doesn’t even think they are liable even if they copied line by line direct from Sys V.
You don’t need to copyright license to use copyrighted work, only to redistribute it. Eben Moglen is right when he says that you don’t need to have a copyright license to read a newspaper – heck, you don’t even need to own a copy of a newspaper to read it. Therefore you don’t need a license to use software – the license is there to prevent you from redistributing it.
In essence, what EULA say is that you can only install the software if you agree not to copy it and redistribute it. Incidentally, the GPL is different in the sense that it gives you explicit permission to redistribute, as long as you redistribute the GPLed software under the GPL (therefore transferring the rights you received with the software).
So in fact the man (who is a lawyer, something which you’re not) is completely right: customers are not responsible for using Software that would have been improperly distributed. The offense is not in using the soft, but in distributing it. The same way the RIAA cannot sue you for downloading copyrighted files, but rather for allowing others to download such files from you. This is why the RIAA’s lawyers have targeted big sharers instead of leeches (though in any case, it would be a lot harder to track leeches…)
There’s not much worth discussing when I guys premise is “yes we are willing to admit we have line by line copies of Sys V code which SCO has a copyright on right here in Linux, but that doesn’t matter.”
What was even more ridiculous was the article your second link actually connects to that BLAMES M$ for this recent vulnerability. How in the world is it their fault, this is a vulnerability that goes back to Windows NT, and how many years old is that? Hackers have spent half a decade looking for this flaw, and finally found it, but it’s somehow M$’s fault?
I wonder if your parents know that you spend to much time online and have lost touch with the real world.
He’s not saying that it’s okay if there’s SCO copyrighted code in Linux.
He’s saying that customers are not responsible if there is.
Look at it this way: if MS was to lose their patent suit against InterTrust, and distribution of Windows 2000 became illegal, would you be considered legally liable if you continued to use your copy of Windows 2000? No, you wouldn’t.
That’s what the guy, a lawyer, said. You can continue to misrepresent it, but that won’t make it any less true.
Oh, by the way, I’m still waiting for my proof, liar.
Here is a recent DOS vulnerability in Linux and Apache (5/29/2003)
http://www.linuxsecurity.com/advisories/redhat_advisory-3302.html
Wonder if it was somehow exploited during the M$ attack?
you are getting pathetic.
Patrik Dampier, is that you?
Seriously though, after the last few shenanigans you’ve pulled, no-one is even remotely interested in having a discussion with you.
Sorry, now go away please.
…though at its London Internet Data Center it does use Linux with AkamaiGhost.
http://uptime.netcraft.com/up/graph?site=a100.ms.a.microsoft.com
…Is this an isolated incident, or is it an ominous indication of pending cyber attacks on popular internet sites?
Wow, I didn’t know http://www.microsoft.com was actually popular. How about that. Sure, it’s got purty blue colors and all but popular? Come on now…
Hey, wasn’t this thread about the DOS’sing of Microsofts website? How some people manage to get from there to SCOs beef with IBM is beyond me…too bad they’re the most noisy ones too.
This site is turning into slashdot. Fix it before it’s too late.
I use Mandrake, the latest update kernel corrects them. It was available within hours after publication of the vulnerabilities. And other distros did the same.
So what’s your point ? If you think you can scare Linux users with vulnerabilities, when those are corrected in less than 24 hours…
Great post, exactly right as usual. No I certainly do not want to infringe on OSNEWS, and am only defending myself most times. Archie Shill (or whatever he calls himself now)is the one that needs moderation. He jumps right in the middle of this thread spouting something about how IBM contracts give them ownership, but he got it backwards and those contracts actually say right at the top they belong to SCO! Is that not hilarious or what! Anyway, let’s try not to invite these guys to free republic anymore, they’re enough of a problem over here. Plus I’d rather keep these discussions more technical, and those more political (which you previously suggested). Thanks Snake.
Hum…you do know that there is more than one party in a contract, right? Those contracts were between AT&T (and now, SCO, since SCO bought those contracts) and IBM. You seem to be under the impression that those contracts were between SCO and AT&T. Perhaps you should read them again.
In any case, the paragraph I cited is clear: IBM retains ownership of derivative work, except for all included SCO code. No SCO code in derivative work, then it belongs to IBM 100%.
And yes, it’s off-topic, so mod me down. But also consider moderating TopSpeed flamebaiting in the same stroke…
funny sidenote.
a few weeks ago , peter dampier, pdampier, a ms employee by his own words, was banned for a week from the arstechnica forum, for pulling flamebaits and posting certain offtopic messages, his favourite trick was to pull out the redhat errata list.
about the same time as he got banned “top speed” started to turn up here.
oh and peter got banned again.
presto, now who’s here?
seriously i cant imagine why this guy/thing hasnt been moderated yet…
“Because it is line-by-line copying from Unix System V, a customer’s use is in violation of our copyrights”.
That is absurd and doesn’t even merit a response in regards to an IP theft case.
No, it does.
Here is a simple example. You buy a car. It is later found out that the whole engine design was stolen from another car company. Do you deploy policemen to the roads and tell them to stop and impound all the cars on the road. No. Because it does not make sense. (The law does make sense at times top speed!!!). You go and sue the guys who made the car into oblivion.
Ditto with software. Users have absolutely no obligation to check that the software they buy/license has not violated any copyright, especially when the violation has not been proven and a judgement passed in a court of law.
Would you really want to go to Microsoft and ask them for their code to see that is doesn’t violate the copyrights of any other OS out there. That would entail possibly checking the codebases of a gazillion other operating systems, from UNIX to classic Macintosh to who knows what?
To distribute is a different matter. If you want to distribute the software, you have to take reasonable steps to ensure that you are not selling copyrighted code. Which is fine, although there is a margin allowed for workability’s sake. With books and stuff it is easy. All books are published, and their contents are not secret. With code the issue becomes complex, so you canot really accuse someone who had NO ACCESS to the code. You could ask them to remove it, and if they don’t comply, you can take the requisite action.
With SCO, it becomes very tricky. They had the responsibility to ensure their code was not in Linux, something they seemed to not be doing until late last year. Given they were dealing in two very similar products, UNIX and Linux, they ought to have made sure their proprietary stuff didn’t end up polluting Linux. In a way, they were in violation of the same copyright law they want to protect them now. (The law cannot protect you if you steal something as a group, and you discover you stole your own stuff). Not to say that it is exactly the same here, but for SCO to try shift the responsibility to someone else, who did not have access to the code is nefarious.
So, yes, EVEN IF parts of the kernel were line-by-line copied from SCO UNIX, the users cannot be held liable, because copyright law does not allow that.
At first I had laughed a lot at his/her/it’s comments but now it’s getting tired and old. Seriously if OSNews staff wants to turn OSNews into /. then letting this guy go around accusing people and providing no evidence for his/her/it’s claims is the way to go. Frankly I am very close to just not visiting this site at all anymore. The trolling by Topspeed and others is really getting on my nerves not to me. You can’t have a rational debate with people like this since their only goal is to troll and drag everyone down. Not to mention the fact that this guy and others keep trying to bring in politics into the discussion which IMHO has no place here in OSNEWS !
Don’t you think that it is strange that BOTH OSs that tend to be used in these DdOS attacks are FREE. (Solaris free as in beer only for non commercial use and Linux free as in beer and source code. Sorry for the “Free Software” cult buzz words but that is what most people here tend to understand.) Seems to be more proof of the criminal mindedness of some “Free Software” cultists. I wonder how the BSDs rate in this area since three of the four of them are also free. (The fourth is a proprietary dirivitive of FreeBSD I think. You can do that sort of thing under BSD Open Source licensing without it being stealing.)
It is far more likely that the boxen used in these DDoS attacks use proprietary (i.e. Windows) OSes than free. For one, it’s easier to infect Windows boxes with the trojans that will turn them into zombies.
BTW, do you understand how a DDoS is done? The owners of the actual computers performing the attack are not aware of what is going on: someone has planted a trojan who will (usually) go to an IRC chatroom and wait for instructions, or else they will go off at a predetermined time, etc.
The hapless Windows user’s machine then begins the attack without their knowledge. That’s why they’re called zombies. Since the black hat hacker wants as many zombies as possible, he’ll release the trojan so that it can infect as many machines as possible. Target Linux boxen doesn’t make much sense here, especially since they are generally much more resilient to trojans anyway (such programs need to be run with Administrator rights to infect a machine).
Please, people, do some research before spreading out FUD like this! This is a Windows problem, Windows machine zombified to attack Windows servers…
Maynard I understand your point, however there is no protection clause in the law for “innocent infringement”. In the case of the car, there would certainly be other ways of returning payments back to the original owner, even should it include transfer of manufacturing equipment/facilities if that is the only available asset of those who stole the technology. With Linux software however, hardly anyone paid anything for the software to begin with, so their claims of “innocent” is even more hollow, and they are more likely to be liable.
Again, can we please stick to the article at the top of the thread, anybody have any leads on who might have done the DOS attack on M$ or why?
It is interesting that free software provides such an extensive environment of advanced hacking tools as I described exists on hacker website attrition.org, since free operating systems are actually only loaded on about 10% of the world’s computers. But when you add it up, they appear to have as many if not more hacker tools for their own personal 10% of the overal market than the other 90% of of the market have for themselves.
…and there is no copyright infringement when using copyrighted software without a license, so there is no need for “innocent infringement.” Repeat after me: you do not need a license to use software, only to distribute it.
Is it just me, or do coral snake and topspeed need to get a life away from posting on message boards? Talk about spewing a lot of useless and unconstructive nonsense. Enough already!
Sorry, I have wireless handheld that has range all over the the complex here, so I really can take this stuff anywhere around here. And this is enjoyale, most of the responses are so comical, like that guy Archie Shill that still doesn’t realize the contract that says “sofware belongs to us” actually has ATT at the top and not IBM. I just LOL every time I see that.
I said <quote>
So, yes, EVEN IF parts of the kernel were line-by-line copied from SCO UNIX, the users cannot be held liable, because copyright law does not allow that.
Yes, there is no such thing as ‘innocent infringement’ because no infringement occured. Copyright is for REDISTRIBUTION. So copyrights do not come into effect if there has been no redistribution by anyone. So a user who has not been redistributing does not violate copyright.
The reason such a clause will not exist is because it is unnecessary, would be redundant. You do not include in the law something to the effect that ‘if a person does ABC they will not get prosecuted’ if doing ABC is not illegal. That is REDUNDANCY.
And for the use of Linux in DDOS attacks, well, one reason crackers may like it is because they can really get to know the system well enough for their own protection. And they are usually computer savvy anyway and will probably prefer the best tool for their job!!!!! Not that I like what they do. I use Windows too and I hate having to look out for these people.
Most modern court decisions have accepted the understanding that each time software code is loaded into a systems memory bank, it was copied there, and therefore whoever loaded it must have permission.
http://www.irvingisd.net/~cshafer/copy_right_law.htm
“A copy of a computer program is also being made when loaded into the memory of a computer.”
Coral Snake and TopSpeed may be the same person…one thing is for certain, they certainly appreciate each other very much!
However, ownership of any portion or portions of SOFTWARE PRODUCTS included in any such modification or derivative work remains with us.
What this clearly says is, IBM can have the patents we know they have. However, all SOFTWARE PRODUCTS (bold like in contract) belong to ATT, that is, SCO.
What this clearly says is, IBM can have the patents we know they have. However, all SOFTWARE PRODUCTS (bold like in contract) belong to ATT, that is, SCO.
Huh, nowhere does it talk of patents here, but of ownership (i.e. copyrights). What it says is that derivative work (i.e. IBM’s own code, built to work with AT&T’s Unix) belongs to IBM. However, if that new code written by IBM contains any of AT&T’S software products (i.e. AT&T’s code), then those portion of code belonging to AT&T continue belonging to AT&T.
In other words, if derivative work by IBM contains AT&T code, that code remains the property of AT&T. The rest of that derivative work belongs to IBM. If there is not original AT&T code in the derivative work, then it all belongs to IBM.
They all belong to SCO, if they are derivative. Besides, there is more identical Unix code in Linux than just what IBM put there. But that is not what this thread is about, this thread is about who attacked M$ and why. Not that you would have any accurate info about that, either, despite you proclaimed expertise in DOS type attacks.
The paragraph is quite clear. Derivative work belong to IBM. It says so in black and white, and all your misrepresentations won’t change that fact. All of this is irrelevant to Linux, however, since SCO has since released the kernel under the GPL, so the point is moot.
And as of the DDoS attacks, if I knew who did it, I’d tell the authorities, not you. My guess is that it’s some script kiddie, who did it for the same reasons all vandals do: as a gesture of defiance towards authority. Pretty stupid, if you ask me.
But that’s not the real issue: the real issue is MS’s dismal security record.
…which you two (one?) seem to be desperate to peg on Linux users.
However, since you both plainly know very little about network security, I really wonder how you can shed any light on this subject at all!!
I have just re read this entire thread and noticed that it stayed pretty well on topic (The Microsoft DDoS attack and by extention DDoS attacks in general) until the great whatever (aka Archie steel) came on to to turn it into the usual political off topic mess…
He’s a slashdot poster boy all right. Anyhow I will be checking out now Snake, hope you have a great remainder of the weekend. Peace to all.
TS OUT.
Wow, where is ELQ, she gotta see this.
Why is it that top speed always has to bring in this
Archie whatever stuff into every news article, like we
cared who he was or wasn’t?
Don’t have much to add to the actual topic, other people
have pretty much covered it all already, too bad we have
to see about 40 extra post here tho.
Please moderate it down. As far as TopSpeed is concerned, he seems to obsess about the fact that I may be an IBM employee (which I’m not). I’m just here to counter his trolling…though I must admit it’s a losing battle, as he’ll never ever admit that he’s wrong, even when proof is offered.
So, I guess that’s enough being off-topic. Back to compiling kernel 2.6…
top speed wrote:
“So far, Solaris and Linux systems have been used as agents in
DDoS attacks.”
http://www.networkmagazine.com/article/NMG20000512S0041
That article may be a little dated, but there are plenty of
others that acknowledge this
Um, if you think 3 years is little dated, you are definetly
in the wrong field, maybe you should try archeology?
Anyway, I think it’s pretty clear to all that all you try to
do here is discredit Linux, but having links that are 3
years old is pretty pathetic.
Well, ok, we all know 3 years in not much innovation on
Windows, but on Linux it’s a bit different.
Am I understanding this right?
RedHat is liable for distribute copyrighted software.
SuSe is liable for distribute copyrighted software.
Conectiva is liable for distribute copyright software.
At least 1500 other enterprises too.
None of these can alegue: “Oh, we did not know there was stolen code in the kernel”
WHY THE HELL SCO CAN ALEGUE THIS IN HIS OWN FAVOR?
Are not all equal in the law?
The point is, if RedHat (or the other “guys”) are wrong, so is SCO, and if SCO is wrong, then he can not alegue, “Redistribute the kernel in the GPL do not allow “our” code to be GPL too”
Sorry my very bad english.
please remember that this message board is for discussing the DDoS attacks against M$, not the IBM-SCO battle.
You really make no sense to me at all, you seem to drone on and on about the same thing even when you have been PROVEN wrong. Like a confused child…
Great Cthulhu has stayed thoughout this battle on the side of logic and reason, Nice job man
What ever happened to moderating down/hiding off topic posts? This is the 2nd or 3rd story thats degraded down to a 100 post flamewar between trolls and the fools how feed them. Sifting through pages of this for a few on topic posts is ridiculous.
please stop talking about archie shill. This was off topic when you started and it is now just annoying. Can you please limit yourself to comments about the topic?
This entire thread should be locked.
http://news.netcraft.com/archives/2003/08/index.html
Also, on that same page, a little tidbit specially for our friends the wintrolls…
“Following on from last month, Microsoft continued to lose sites as Network Solutions migrated the rest of their domain parking system back to Solaris from a Windows based system hosted at Interland. This is primarily responsible for Microsoft’s 2.2% fall, with a net loss of 810,597 sites.”
I LOVE it. Someone has finally CRAFTed a post that is on topic.
interesting, it is now called a worm using a recent exploit, so how many holes has there got to be in the barge before the people understand there’s no way to fix all the holes…
…is that a varied ecOSystem is always healthier. Despite the wintrolls on the site, whose anti-Linux agenda sees no place for a GPLed OS, I think most folks would be happy with a computing environment where proprietary and open source code can coexist.
Let natural selection play its course!
P.S. For the HPL fans, obligatory Cthulhu smiley: 8E
I was hoping there would be some insight into the attacks in this thread. Instead there is top speed who is bitter that he doesn’t know how to use *NIX and so he brings up the fact that people write hacking tools on *NIX. Then Great Cthulhu comes around and tells him how wrong he is and uses weak analogies to try and prove him wrong. The truth is that hackers have 2 boxes. They have a Linux machine to write their offensive code, and a windows machine to test it on. The hacker then launches the attack on microsoft by bouncing the attack off of the dumb microsoft users (aka people like top speed). Why do hackers use linux? Because hackers know a lot about computers, and people that know a lot about computers use Linux. Now that I have said that . . . I will no longer check this thread to see what kind of tripe either top speed or Great Cthulhu post. You two are both trolls. So does that make me a troll also for pointing this out about you two. Probably, but I don’t care.
…I know of at least one ex-hacker who has never used Unix. He’s of a younger generation (less than 25 years old) who grew up with Windows and nothing but Windows. So hackers do not necessarily use Linux to program their exploits…in fact, it’s pretty safe to say that black hat hackers use a great variety of OSes (Linux, BSDs, Windows, OS/2, whatever) for programming, through the great majority probably use *nix (because it is a superior OS for programming – now that is a troll! 🙂
And, yes, I was trolling with the SCO bit. I readily admitted that. So the whole SCO sub-thread does indeed warrant your comment – but as far as I’m concerned, I wasn’t trolling when on-topic. (Counter-trolling, at worst.)