|
|
| Now They Say They Are Down -- Since Saturday Night |
 |
|
Sunday, February 01 2004 @ 03:39 PM EST
|
It's certainly hard to keep up with the changing SCO story. Groklaw reader Dana Sibera says she thinks the explanation is that SCO is being run by Eliza bots, and they can't get the story straight as they try to communicate, bot to bot, and put out conflicting press releases.
Now they say that actually some attack began Saturday evening and they are knocked to their knees. Off the internet totally. But they have some strategies to cope and by Monday they will tell us what they are.
How about implementing them now? Then you don't have to tell us anything. It seems now would be the operative moment. Someone tell Hal to behave. Or Eliza. Or whoever is running that spaceship.
Meanwhile, Microsoft, targeted for Tuesday, and being a professional software company, has already said they expect to be able to handle whatever comes their way. It seems the B version of MyDoom has some bugs so it isn't spreading well anyway. Ah, irony. Here's SCO's press release about their inability to cope:
SCO Experiences Massive Denial of Service Attack
Mydoom Virus Blamed For Exponential Internet Traffic to www.sco.com
LINDON, Utah, Feb. 1 /PRNewswire-FirstCall/ -- The SCO Group, Inc.
(Nasdaq: SCOX), the owner of the UNIX(R) operating system and a leading
provider of UNIX-based solutions, has confirmed that a large scale, Denial of
Service attack has started that has made the company's Web site, www.sco.com,
completely unavailable. Internet traffic began building momentum on Saturday
evening and by midnight Eastern Time the SCO Web site was flooded with
requests beyond its capacity. The company expects these attacks to continue
through Feb. 12.
"This large scale attack, caused by the Mydoom computer virus that is
estimated to have infected hundreds of thousands of computers around the
world, is now overwhelming the Internet with requests to www.sco.com," said
Jeff Carlon, worldwide director of Information Technology infrastructure, The
SCO Group. "While we expect this attack to continue throughout the next few
weeks, we have a series of contingency plans to deal with this problem and we
will begin communicating those plans on Monday morning."
About The SCO Group
The SCO Group (Nasdaq: SCOX) helps millions of customers in more than
82 countries to grow their businesses with UNIX business solutions.
Headquartered in Lindon, Utah, SCO has a worldwide network of more than
11,000 resellers and 4,000 developers. SCO Global Services provides reliable
localized support and services to all partners and customers. For more
information on SCO products and services visit http://www.sco.com.
SCO and the associated SCO logo are trademarks or registered trademarks of
The SCO Group, Inc., in the U.S. and other countries. UNIX is a registered
trademark of The Open Group in the United States and other countries. All
other brand or product names are or may be trademarks of, and are used to
identify products or services of, their respective owners.
Netcraft begs to differ: SCO have done the public spirited thing and taken www.sco.com out of the DNS. This means that there will be no more http traffic travelling across the internet from the infected machines to www.sco.com. . . .
Generally, conditions on the Internet seem very acceptable at the moment, with few hosting company sites experiencing failed requests . This contrasts markedly with forecasts from Anti-virus companies and this morning's press release from SCO which reported the Internet as being overwhelmed. So, who is telling the truth, do you suppose? Both stories can't be true, since they are mutually exclusive. So what will the media report? The exciting sounding one from SCO? Or the more normal one from the folks whose job is to monitor the state of the internet? Let's wait and see.According to this Globe and Mail story from Canada, Stowell is still saying SCO believes the Linux community is responsible, which is no doubt why they are putting out press releases about their failure to cope, but notice what he let slip: SCO does not expect the website interruption to affect its business.
"The way we really look at this, people don't come to our website to conduct commerce," Mr. Stowell said. "They come to obtain information and maybe receive a product update or software patch." That doesn't match what they said in their SEC filing, does it?
IBM and the SuperBowl
If you are watching the SuperBowl this evening, you'll see an IBM ad. Guess what it will be about? Yup. Linux. Here's the news about the spot, called "Linux is Shaking Things Up". My favorite detail, aside from the fact that IBM is dedicating their spot to Linux in the first place, is how they got involved with the NFL: In a bold statement by
the company that the Linux operating system is here to stay, the ad
will instead feature Muhammad Ali with the blond-haired boy from IBM?s
ongoing Linux campaign, which promotes the open-source movement. . . .
Though the ad and other Linux spots that ran during the playoffs are perhaps IBM’s most visible football tie-in, the National Football League signed a three-year agreement last year that made IBM the NFL’s official information technology partner. This agreement is centered on providing the NFL with a digital media solution that will transform 80 years of film and assets into a digital format that can be accessed on demand by fans, coaches, League members, broadcasters and business partners. By exploiting the power of technology, the NFL will be able to distribute its assets faster and more efficiently, keeping costs down and gaining the most return on its investment.
As part of the agreement, IBM received the rights to use NFL and Super Bowl marks and imagery in its advertising and marketing. The agreement is to help the NFL create a technology system to support next-generation digital media and other critical new business ventures. IBM has made a commitment to Linux, and it shows. You can the ad here, in case you aren't a football fan. They even provide an HTML version for those of us allergic to things like Real Player. Eureeka. You think maybe that's why SCO is waiting for Monday? They're want to watch the SuperBowl? They won't like the ads, methinks. Speaking of IBM, notice this story? They think of everything. Looks like they've got the Harvard angle covered. Take a look at this exciting project: Harvard University and IBM are developing a universitywide computing grid for student and faculty research, data sharing and collaboration in life sciences, engineering and applied sciences, they announced today.
The "Crimson Grid" will be based on Open Grid Services Architecture and is expected to eventually be available to other universities in the region, said Robert Eades, worldwide executive for academics, government and health in IBM's life sciences division. The grid also will be part of a Massachusetts biotechnology grid.
"I am just excited beyond words," said Jayanta Sircar, CIO and IT director at Harvard's Division of Engineering and Applied Sciences. His division is where the grid will start, and then it will be expanded to the rest of the university and beyond. The grid is a milestone in Sircar's IT career and has the potential to be a transformative step in how science and engineering tools and technologies are developed because of Harvard's reach and importance in those fields, he said.
Harvard and IBM will develop and pretest tools and protocols for the grid. Harvard is receiving an IBM Shared University Research award as part of the initiative and will get eServer systems for a blade center that will power the grid. Harvard's Division of Engineering and Applied Sciences IT group, along with IBM computer scientists, will implement and build the Grid Reference System Implementation, which is the grid's core development environment. The Faculty of Arts and Sciences and Harvard University Information Systems will provide the network backbone service. . . .
"Why rely on Bill Gates to give you technology and say, 'This is what is good for you to use'?" he said. Instead, scientists and researchers will increasingly insist on letting vendors know what commercial products they want and need. As things are now, many scientists and researchers develop their own proprietary software and tools because they don't like what is available commercially or what they need doesn't exist. But that likely will change with more integrated, collaborative efforts, such as the grid computing concept, Sircar said. IBM is way cool. And Linux is here to stay. InfoWorld did some performance tests on the new kernel, and they say it sizzles: "If commercial Unix vendors weren’t already worried about Linux, they should be now."
|
|
|
|
| Authored by: Waterman on Sunday, February 01 2004 @ 04:05 PM EST |
| CNN has picked it up too. What hogwash. [ Reply to This | # ]
|
| |
| Authored by: Nick_UK on Sunday, February 01 2004 @ 04:06 PM EST |
According to a poster I saw somewhere, SCO have effectively removed their domain
from the Internet - so it isn't the worm:
Authoritive nameservers for SCO.com:
NS.CALDERASYSTEMS.COM = 216.250.130.1
NS2.CALDERASYSTEMS.COM = 216.250.130.5
C7NS1.CENTER7.COM = 216.250.142.20
NSCA.SCO.COM = 132.147.210.253
host -t A www.sco.com NS.CALDERASYSTEMS.COM
Using domain server:
Name: 216.250.130.1
Address: 216.250.130.1#53
Aliases:
Host www.sco.com not found: 3(NXDOMAIN)
========================================================================
bucksy:~ # host -t A www.sco.com NS2.CALDERASYSTEMS.COM
Using domain server:
Name: NS2.CALDERASYSTEMS.COM
Address: 216.250.130.5#53
Aliases:
Host www.sco.com not found: 3(NXDOMAIN)
========================================================================
bucksy:~ # host -t A www.sco.com C7NS1.CENTER7.COM
Using domain server:
Name: C7NS1.CENTER7.COM
Address: 216.250.142.20#53
Aliases:
Host www.sco.com not found: 3(NXDOMAIN)
========================================================================
bucksy:~ # host -t A www.sco.com NSCA.SCO.COM
Using domain server:
Name: NSCA.SCO.COM
Address: 132.147.210.253#53
Aliases:
Host www.sco.com not found: 3(NXDOMAIN)
These are _not_ my tests - just copied.
Nick[ Reply to This | # ]
|
- SCO have removed the DNS record for www.sco.com - Authored by: smtnet1 on Sunday, February 01 2004 @ 04:21 PM EST
- Huh...interesting... - Authored by: darthaggie on Sunday, February 01 2004 @ 04:52 PM EST
- Now They Say They Are Down -- Since Saturday Night - Authored by: thiegroe on Sunday, February 01 2004 @ 05:39 PM EST
- Looking too deeply into it - Authored by: Anonymous on Sunday, February 01 2004 @ 05:45 PM EST
- DNS entries - Authored by: Anonymous on Sunday, February 01 2004 @ 05:56 PM EST
- DNS entries - Authored by: Anonymous on Monday, February 02 2004 @ 01:41 AM EST
- Now They Say They Are Down -- Since Saturday Night - Authored by: Anonymous on Sunday, February 01 2004 @ 07:10 PM EST
- Now They Say They Are Down -- Since Saturday Night - Authored by: Anonymous on Sunday, February 01 2004 @ 07:45 PM EST
- Now They Say They Are Down -- Since Saturday Night - Authored by: Anonymous on Sunday, February 01 2004 @ 08:27 PM EST
- Now They Say They Are Down -- Since Saturday Night - Authored by: John on Sunday, February 01 2004 @ 10:35 PM EST
- upwith www.thescogroup.com - Authored by: Anonymous on Monday, February 02 2004 @ 06:35 AM EST
| |
| Authored by: whitehat on Sunday, February 01 2004 @ 04:09 PM EST |
The SCO Group, Inc. (Nasdaq: SCOX), the owner
of the UNIX(R)
operating system
SCOG does not own the rights to the Unix
name. Unix(R) is a
registered trademark of The Open Group, who also owns the
"Unix
Specification". I am not aware of any disputes of these ownerships,
other than the phony tagline from SCOG.
Novell assigned
the trademark
and the Unix specification to The Open group (then
known as X/Open) before any
deal with old SCO. [ Reply to This | # ]
|
| |
| Authored by: jmccorm on Sunday, February 01 2004 @ 04:11 PM EST |
Since www.sco.com doesn't exist, where is this flood of traffic that is swamping
the Internet, much less taking down their own site? Oh... "overwhelming the
Internet with *REQUESTS* to www.sco.com"... DNS requests... not HTTP (web)
requests. Allegedly, the Internet itself is being overwhelmed by these requests
for a DNS entry that isn't there.
And it wasn't SCO's pulling the plug that made their website unavailable. It was
the worm.
They really are horrible liars.[ Reply to This | # ]
|
| |
| Authored by: Anonymous on Sunday, February 01 2004 @ 04:13 PM EST |
Now they own the UNIX(R) operating system? They already
start the press release off with an untruth. Were it to
say, we are the owner of an UNIX(R) operating system, that
would be a little better.
And what does leading provider mean? How is that
determined? Target is the leading provider of socks. For
me. [ Reply to This | # ]
|
| |
| Authored by: radix2 on Sunday, February 01 2004 @ 04:21 PM EST |
Netcraft coverage:
http://news.netcraft.com/archives/2004/02/01/sco_drop_wwwscocom_from_th
e_dns.html
SCO took themselves out of the DNS system to eliminate undue
traffic. This was actually a public spirited thing...[ Reply to This | # ]
|
| |
| Authored by: El_Heffe on Sunday, February 01 2004 @ 04:36 PM EST |
I don't get it. There's nothing on there but a bunch of corporate marketing
double-speak about how wonderful they are.
How does DOSing their website hurt them? It's not like Ebay or some other site
where they actually sell stuff.
[ Reply to This | # ]
|
| |
| Authored by: richardpitt on Sunday, February 01 2004 @ 04:38 PM EST |
As of 13:35 PST - I can't "find" the www.sco.com site. It appears
they've removed the Domain record for it from their DNS server. I can find the
bare domain "sco.com" as well as the "ftp.sco.com" site, but
not the web site.[ Reply to This | # ]
|
| |
| Authored by: jobsagoodun on Sunday, February 01 2004 @ 04:38 PM EST |
why they don't host their content on it is a mystery to me! Its old stuff from
the caldera/sco/tarantella days...
Perhaps they've forgotten about it?[ Reply to This | # ]
|
| |
| Authored by: Kaemaril on Sunday, February 01 2004 @ 04:41 PM EST |
A BBC News Story, Mydoom cripples US
firm's website reports upon this. I saw this before checking Groklaw, so I
didn't have the full story...
But I did send them this via their
feedback section on reporting factual errors.
With regards to the
news story 'Mydoom cripples US firm's website', I should like to bring your
attention to the statement 'The company - which owns the Unix operating
system'.
As the BBC knows, or should know, there is currently a
dispute over who precisely 'owns' Unix. SCO do not own the Unix trademark, and
are currently in dispute with Novell over a number of copyrights pertaining to
Unix.
The bald-faced statement that SCO 'owns' Unix I would
therefore regard as a factual error. Please either correct it or expand upon the
statement.
Further, SCO are NOT in a legal dispute with the
'open-source community'. How can one be in a legal dispute with a world-wide
community of hundreds of thousands of people? Currently SCO is involved in
disputes with Novell, Redhat and IBM. The current shenanigans with SCO would
make for a fascinating story in its own right. If the BBC news team are unaware
of it, I would suggest an excellent starting point for research regarding SCO
would be www.groklaw.net, which can expound upon the facts of the matter far
more accurately and eloquently than I can in a short e-mail.
Thank
you.
My first complaining letter to the BBC. Hope it didn't let the
side down too much (fingers crossed)... [ Reply to This | # ]
|
- Now They Say They Are Down -- Since Saturday Night - Authored by: PJ on Sunday, February 01 2004 @ 04:50 PM EST
- The more people tell them about Groklaw, the better! - Authored by: cybervegan on Sunday, February 01 2004 @ 05:05 PM EST
- Now They Say They Are Down -- Since Saturday Night - Authored by: Anonymous on Monday, February 02 2004 @ 03:51 AM EST
- BBC story changed! - Authored by: Anonymous on Monday, February 02 2004 @ 09:18 AM EST
- Now They Say They Are Down -- Since Saturday Night - Authored by: Anonymous on Monday, February 02 2004 @ 11:36 AM EST
- Now They Say They Are Down -- Since Saturday Night - Authored by: Anonymous on Monday, February 02 2004 @ 11:37 AM EST
- Now They Say They Are Down -- Since Saturday Night - Authored by: cricketjeff on Monday, February 02 2004 @ 01:26 PM EST
- Now They Say They Are Down -- Since Saturday Night - Authored by: Anonymous on Monday, February 02 2004 @ 04:20 PM EST
- Now They Say They Are Down -- Since Saturday Night - Authored by: Anonymous on Monday, February 02 2004 @ 04:32 PM EST
| |
| Authored by: geoff lane on Sunday, February 01 2004 @ 04:54 PM EST |
| Lets do some simple math. There are reports that up to 500K PCs are infected
and each has a 25% chance of performing a DDOS on SCO. Each PC runs 64 threads
each performing a GET.
That's potentially 64*500,000/4 = 8 million hits. But
the PCs are not sync'ed and each GET may take 10 seconds to time out.
So the
approx. hit rate is 800K/sec (please remember this is back-of-envelope
stuff.)
Few web servers can cope with 800K GETs per second (there are some
though, based on wide area distributed load sharing.)
But this assumes that
the MyDoom is as widespead as claimed. I've seen very little evidence of it on
the systems I look after. It also assumes that every PC is on broadband or
better networks -- most PCs will be on slower network connections which will
slow down the attack rates.
So it's quite possible that the actual hit rate
will be 10 or 100 times less. That is still a very high hit rate, but is a lot
more survivable, especially if you present a very simple, text only page. You
could even wheel a few PCs in and set up round-robin DNS load sharing and may be
even keep some kind of service running. If not, then at least you
tried.
Or you could just hide in the basement while screaming against the
injustice of the storm.
(It is possible that the up stream ISP may have
pulled the plug on SCO, in which case I apologise. But Centre7 isn't a
man&dog operation and should be able to look after itself.)
[ Reply to This | # ]
|
| |
| Authored by: Anonymous on Sunday, February 01 2004 @ 05:08 PM EST |
If a SCO server falls in the forest, and no one is paying attention, does Darl
make a sound?[ Reply to This | # ]
|
| |
| Authored by: Anonymous on Sunday, February 01 2004 @ 05:11 PM EST |
First of all, taking the SCO web site off the DNS was undoubtedly the best
action as far as the the internet in general is concerned. It pretty much
ensures there won't be a pile of packets heading towards that server, provided
it was done with enough time to propagate change through the DNS. That doesn't
in any way excuse the truth-stretching that SCO has been using effectively in
their press releases, but it was the right thing to do.
Given the global nature of the internet, it's likely that the attack would have
started on Saturday afternoon/evening in Utah, which is 19 hours behind the
International Date Line. This when the first countries on the eastern side of
the IDL (New Zealand, Australia, etc.) would be entering February 1st. and
infected systems in those countries would start the attack phase of the virus.
My annoyance is at the person or group who actually targetted this attack at
SCO. Whoever they are, whether intended or not, they have managed to very
effectively shoot Linux support groups in their virtual foot and given major
publicity to SCO. The management team at SCO must be very happy with the
results so far (lots of free publicity, CEO on CNN, etc.)
[ Reply to This | # ]
|
| |
| Authored by: rand on Sunday, February 01 2004 @ 05:12 PM EST |
| SCOG says they were hit Saturday, Jan 31, the same day that, co-incidently, Netcraft says they
switched over to BSD. There was earlier speculation that they might do
that, since they wouldn't want to be seen as relying on Linux to avoid a DDOS,
and everybody seems to think SCOG's own OS are not up to the task.
Since
their present troubles began around the 28th, when they dropped Linux for
something Unknown, I suggest that they're trying to re-host their site...and
botching it up miserably. ---
The Wright brothers were not the first to fly
an aircraft...they were the first to LAND an aircraft. (IANAL and whatever) [ Reply to This | # ]
|
| |
| Authored by: Anonymous on Sunday, February 01 2004 @ 05:17 PM EST |
>So what will the media report? The exciting sounding one
>from SCO?
Or the more normal one from the folks whose job
>is to monitor the state
of the internet? Let's wait and
>see.
Thanks to Netcraft's own
Mike Prettejohn ("mhp"), at least LinuxWorld falls into the
latter category. [ Reply to This | # ]
|
| |
| Authored by: Anonymous on Sunday, February 01 2004 @ 05:28 PM EST |
The newsite of Der Spiegel one of the bigest
german political
news magazins
report about mydoom and SCO.
Horrible! While usually good informed in politics,
this is pure crab.
They state: "Because the virus has SCO on it's
target some
computer experts think the programmer of mydoom comes from the linux
community. Since SCO sues in several cases against the use of the operating
system Linux, because its existence violate the ownership of their company of
the Linux-predecessor Unix."
(I did my best to translate but don't
claim perfect accuracy!)
As far as I know the subject, this paragraph is in
all aspects just wrong. I would be glad if a german speeker, can give them a
polite response and give them the background to report
correctly about what's going on.
To my knowledge:
mydoom is not a
virus
SCO hasn't sued anybody till know because of the usage of linux
Unix is not the predecessor of Linux
I don't know any computer expert who
claims mydoom is
from somebody of the linux community
Unix(tm) is not
owned by SCO
Unbelivable how much one get wrong in two sentences.
[ Reply to This | # ]
|
| |
| Authored by: Gruntmaster6000 on Sunday, February 01 2004 @ 05:40 PM EST |
From Excite
(AP)
news:
SCO does not expect the Web site interruption to affect its
business.
"The way we really look at this, people don't come to our Web
site to conduct
commerce," Stowell said. "They come to obtain information and
maybe receive
a product update or software patch."
My head is spinning,
didn't SCOG claim that DoS attacks posed a risk to
their
business?
[ Reply to This | # ]
|
| |
| Authored by: IMANAL on Sunday, February 01 2004 @ 05:41 PM EST |
Could this be "going down in flames", for real? It all has a very nice
Ragnarok touch to it too. Apocalypse Two, anyone? :)
Seriously, this may be all smoke and mirrors. The villain may be still alive,
for now buried but briefly under those ruins of a once flourishing culture.
I'm not a brat. I'm not! I'm not! I'm not! I'm not! I'm NOT!
No, I would not be surprised if this attack WAS rigged.[ Reply to This | # ]
|
| |
| Authored by: Anonymous on Sunday, February 01 2004 @ 05:42 PM EST |
By Tuesday we'll have a comparison how Microsoft handles the attack vs. SCO.
I'm sure Microsoft won't issue a press release saying "we're down."
Why isn't SCO more professional? And why doesn't SCO, ask for help if they're
so inept at dealing with such issues? It's almost as if they want to be down,
so they can say "See!"
Oh the drama of it all.
[ Reply to This | # ]
|
| |
| Authored by: Anonymous on Sunday, February 01 2004 @ 06:28 PM EST |
A number of betting sites have been the victim of a protection racket. Pay
US$15,000 now for 12 months protection, or we will bring your site down with a
DOS. At this point, you can pay US$25,000 for 6 months protection.
This protection racket was targeted against betting sites that covered the US
Superbowl (Huuuge revenues).
Could MyDoom be a vehicle for protection racketeering ?
In this case, SCO and M$ DOS could be a test to see what protection the DOS
would be.[ Reply to This | # ]
|
| |
| Authored by: Anonymous on Sunday, February 01 2004 @ 06:28 PM EST |
| http://www.arstechnica.com/wankerdesk/03q2/nigerian-sco.html [ Reply to This | # ]
|
| |
| Authored by: Anonymous on Sunday, February 01 2004 @ 06:35 PM EST |
It seems the virus writers were very competent in their work, it seems there
were three parts to their plan:
1) Their social engineering sucessfully tricked a large
number of people into installing the virus.
2) With the infected machines they were able to:
a) create a large army of spam drones,
b) log keystrokes and collect passwords and credit card
numbers,
c) leave a back door open to allow them to control the
machines in the future for whatever reason.
3) By including a minor attack on a company known for
frequent and alarmist press releases, they were able
to get the media to virtually ignore item 2.
[ Reply to This | # ]
|
| |
| Authored by: phrostie on Sunday, February 01 2004 @ 07:11 PM EST |
first things first
i take bak some of the things i said about harvard
second.
my kids got a kick out of the IBM/Linux commercial.
"hey Dad!, it's Linux on TV!"
---
=====
phrostie
Oh I have slipped the surly bonds of DOS
and danced the skies on Linux silvered wings.
http://www.freelists.org/webpage/cad-linux[ Reply to This | # ]
|
| |
| Authored by: Anonymous on Sunday, February 01 2004 @ 07:13 PM EST |
Solaris, AIX, or HP/UX typically get the nod when an application demands
the highest levels of performance and scalability.
Note that the product
from the company that "owns" Unix didn't make the list. ;) [ Reply to This | # ]
|
| |
| Authored by: dtfinch on Sunday, February 01 2004 @ 07:18 PM EST |
Because www.sco.com should have already expired from everyone's dns records
yesterday, they shouldn't be getting worm traffic anymore, not much at least.
The server would be up and running now if they so wished. And sco.com without
the www still resolves to their server's ip address. But the site http://sco.com
is down.
This makes me think that they blocked the attack to reduce their bandwidth
usage, but took their site down anyway so that they could blame it on the Linux
community.
> www.sco.com
Server: ns.calderasystems.com
Address: 216.250.130.1
*** ns.calderasystems.com can't find www.sco.com: Non-existent domain
> sco.com
Server: ns.calderasystems.com
Address: 216.250.130.1
Non-authoritative answer:
Name: sco.com
Address: 216.250.128.12
[ Reply to This | # ]
|
| |
| Authored by: Anonymous on Sunday, February 01 2004 @ 07:41 PM EST |
Once you start lying it is hard to stop.
Sure, Ralphy wishes it didn't apply to him - but it does.
[ Reply to This | # ]
|
| |
| Authored by: Stumbles on Sunday, February 01 2004 @ 07:44 PM EST |
| I like this site a lot and has been one of the few reliable and most
importantly accurate sites I have ever seen. The coverage of SCO
and
McBride's despicable behavior has been beyond outstanding.
The recent
talk and speculation of what, how and why SCO may or
may not have done
whatever with DNS records or pulling the plug,
while interesting, seems, well
speculative. I'm sure after normalicy
has returned a clearer picture will
emerge. I don't know what I mean
by all that, yet there it is.
Anyway
what I'm trying to lead towards in a fumbling fashion is this....
since I
don't know how to send this directly to PJ. Groklaw doesn't
back down from
the truth, whatever it may be. I'd like to see the
same tenacity directed
towards the RIAA. If there is any other group
that is as despicable as SCO it
has to be them. [ Reply to This | # ]
|
| |
| Authored by: Anonymous on Sunday, February 01 2004 @ 07:47 PM EST |
Actually, it's not Eliza bots. They've secretly hired Muhammed Saeed al-Sahaf
(the Iraqi Information Minister) to consult on their PR compaign. The confusing
PR blitz you're seeing is the result of his invisible hand.[ Reply to This | # ]
|
| |
| Authored by: pooky on Sunday, February 01 2004 @ 08:20 PM EST |
Well, if they are "off the net completely", they have a funny
definition of that.
nslookup on sco.com shows the following:
Non-authoritative answer:
sco.com MX preference = 10, mail exchanger = mail.ut.caldera.com
sco.com nameserver = ns2.calderasystems.com
sco.com nameserver = nsca.sco.com
sco.com nameserver = c7ns1.center7.com
sco.com nameserver = ns.calderasystems.com
nsca.sco.com internet address = 132.147.210.253
telnet mail.ut.caldera.com 25
220 mail.ut.caldera.com ESMTP
250 mail.ut.caldera.com
Mail server responds just fine, so I assume that is not down.
There are serveral hosts on-line, most notably ncas.sco.com which is displaying
web pages. As far as anyone can tell, www.sco.com was simply taken out of DNS.
Certainly not the work of a DDOS attack, but might be a response to one.
However, it's ludicrous to say that SCO is totally down.
-pooky
---
Veni, vidi, velcro.
"I came, I saw, I stuck around."
[ Reply to This | # ]
|
| |
| Authored by: Jude on Sunday, February 01 2004 @ 08:25 PM EST |
SCO should really get out of their current business and become a football team.
Look at how they've performed during this virus outbreak:
They had a first down days before the game even started.
[ Reply to This | # ]
|
| |
| Authored by: Anonymous on Sunday, February 01 2004 @ 08:40 PM EST |
SCO's plan to deal with the virus:
1) Get everybody in the world to switch to Linux, thus halting the spread of the
worm.
2) Charge everybody in the world $1399 for using Linux.
3) Profit !!!
[ Reply to This | # ]
|
| |
| Authored by: Anonymous on Sunday, February 01 2004 @ 09:18 PM EST |
Well, they didn't really predict 'iminent death of internet', but they sure
do sound hysterical...
KSL TV "NEWS" shouts:
"THIS IS LIKE A CATEGORY FIVE STORM THAT IS HITTING OUR WEBSITE,
SPECIFICALLY TARGETING OUR COMPANY.":
On Super Bowl Sunday...a Utah-based
software company is trying to play defense against a worldwide blitz from
cyberspace.
The company is a primary target of the Mydoom
virus.
Early today...as promised...Mydoom knocked the company's website
out of service...and crippled computers around the world.
Jed Boal joins
us live...Jed, how damaging is this virus?
MYDOOM was described today as
the fastest spreading e-mail worm in history...
It's crashed hundreds of
thousands of computers...already cost an estimated 26 BILLION
dollars...
AND sidelined a software company in
Lindon.
[...]
(For those who might be unaware:
"Imminent death of the Net" has been repeatedly predicted by some of the most
famous net.kooks in net.history. So laugh already... :-)
[ Reply to This | # ]
|
| |
| Authored by: grouch on Sunday, February 01 2004 @ 09:21 PM EST |
MathFox or PJ:
Could you please remove this post and the one near the top that has useless,
long lines with no spaces? Browsers use whitespace to break lines. Horizontal
scrollbars are annoying.
Thanks in advance (regardless of your decision)!
[ Reply to This | # ]
|
| |
| Authored by: The Mad Hatter r on Sunday, February 01 2004 @ 09:21 PM EST |
Netcraft hasn't reported it yet, but www2.sco.com is now down, as is
ftp.sco.com. It looks like they've been removed from the DNS to me, but I'm not
an expert.
---
Wayne
telnet hatter.twgs.org
[ Reply to This | # ]
|
| |
| Authored by: The Mad Hatter r on Sunday, February 01 2004 @ 09:47 PM EST |
An email I sent to the office of the GM of KSL-TV:
In regards to Jed Boal's story on the Mydoom Worm, there were a couple of errors
in fact. Netcraft (www.netcraft.com) has reported that SCO removed one of their
sites from the DNS records. As of 6:00 Eastern Standard all of the others
remained up and accessable.
Later on that night all of their sites when down, including www.canopygroup.com
went down EVEN THOUGH THEY WEREN'T TARGETED BY THE WORM.
Why does SCO have problems with a Denial of Service attack, but Microsoft is
able to sail through with no problems? Why does Netcraft report one thing, and
SCO another?
For that matter why doesn't KSL TV report on the descrepencies? Inquiring minds
want to know.
---
Wayne
telnet hatter.twgs.org
[ Reply to This | # ]
|
- KSL TV - Authored by: Anonymous on Sunday, February 01 2004 @ 10:07 PM EST
- KSL TV - Authored by: The Mad Hatter r on Monday, February 02 2004 @ 12:13 AM EST
- KSL TV - Authored by: Anonymous on Monday, February 02 2004 @ 02:53 AM EST
- OT Query - Authored by: Tomas on Monday, February 02 2004 @ 03:12 AM EST
- OT Query - Authored by: Fruny on Tuesday, February 03 2004 @ 02:45 AM EST
- Picketing and threats - Authored by: Anonymous on Tuesday, February 03 2004 @ 12:36 AM EST
| |
| Authored by: johan on Sunday, February 01 2004 @ 10:20 PM EST |
| Before, www.darlmcbride.com used to be
a site by itself, but now it appears to be a forward to http://www.sco.com/darlmcbride/ and
is thus unreachable too.
If memory serves me right, on Jan 28'th it was not a
forward to www.sco.com, but a site on its own (or at least a virtual server on
www.sco.com pretending to be www.darlmcbride.com). I have no idea when this
changed, or even if the apparent change is just an artifact of www.sco.com being
down so that the virtual server for www.darlmcbride.com isn't responding
properly and thus "revealing" its true nature.
Netcraft has some info for
www.darlmcbride.com that shows recent changes to the OS, and even a change
in netblock owner on Jan 17'th.
And you thought it couldn't get any
weirder... [ Reply to This | # ]
|
| |
| Authored by: tredman on Sunday, February 01 2004 @ 11:23 PM EST |
I'm actually quite impressed by some of the coverage that MSNBC is giving to the
event. They barely mention SCO's name more than a few times in the article, and
completely acknowledge that a) SCO took their own site down, and b) that the
DDOS against SCO and Microsoft are more likely a diversionary tactic away from
the true purpose of the virus, all the while, not making the article sound like
a paragraph from Revelations.
As an aside, am I the only one that finds it amusing that if you go to
www.darlmcbride.com, it comes up blank? In my opinion, that's the first wise
response I've seen from him since this whole thing started.
I'm with an earlier poster. I think that, after IBM has put this thing to bed,
all of the people who have a copyright notice in the Linux kernel (even if it's
just the American ones) should file a class action lawsuit against the giblets
of SCO for defamation of character, slander of title, and possibly even good
old-fashioned libel. It's not like they don't have enough ammo to use in the
proceedings.
Tim[ Reply to This | # ]
|
| |
| Authored by: rand on Sunday, February 01 2004 @ 11:43 PM EST |
Well, I don't know about SCO, but I suddenly got 29 simultaneous emails from 29
different servers containing 29 different redirects through rd.yahoo.com
offering me 29 different spam products, and as far as I know, trying to hand me
29 more virii, and ALL offering to show me Janet Jackson's tits. Good thing I'm
not a breast man...
---
The Wright brothers were not the first to fly an aircraft...they were the first
to LAND an aircraft. (IANAL and whatever)[ Reply to This | # ]
|
| |
| Authored by: Anonymous on Sunday, February 01 2004 @ 11:58 PM EST |
SCO bets $250,000 on catching the person who sent out the virus. They are
featured in the New York Times, and probably make many other newspapers (I
assume this was in the Times print edition, though I read it online)
IBM puts down $2 million for a 30 second spot obout Linux in the Super Bowl.
Again. Practically the only copy is "Linux" and "IBM".
Expected number of people who will see the super bowl ad. 140 Million.
Circulation of the Sunday New York times. 1.7 Million.
Essay question:
Discuss both the short-term opportunity presented to each company, what each
actually risked, what the intended long-term reward is expected by each company,
and why they might believe in that reward.
Since this is a partisan crowd, don't stop at the simple answer. And I expect
to see actual math in your answer.
[ Reply to This | # ]
|
| |
| Authored by: Anonymous on Monday, February 02 2004 @ 01:18 AM EST |
| http://www.smh.com.au/articles/2004/02/02/1075570348783.html [ Reply to This | # ]
|
| |
| Authored by: Anthem on Monday, February 02 2004 @ 01:57 AM EST |
Ok, can somebody please explain this to me? I'm not the sharpest tack in the
box when it comes to law, and I think a lot of this went over my head.
http://www.linuxworld.com/story/43495.htm
What the heck is this about? He's a member of the FSF, but claims the GPL is
invalid and viral?
I'm lost.[ Reply to This | # ]
|
| |
| Authored by: Anonymous on Monday, February 02 2004 @ 03:52 AM EST |
Ran Windows since 3.1 and just tried Mandrake Move and Knopix, just to have a
look see at what has changed since I attempted a command line install 5 years
ago.
The current Linux platform is AWESOME!!! The desktop is equal or better than XP,
(IMO), and the real value is in the massive amount of great applications. Open
Office requires very subtle adaptation from my years with MS Office. Certainly
no re-training as I have read about.
Knocked my socks off. I'll be making bunches of copies of these Live CD distros
and passing them out like candy. Far better than XP in my opinion and the
massive amount of apps is stunning.
Before yaal flame me for posting this on your introspective SCO bashing law
site, I should remind you... I am on topic to PJ's post info. I hope yaal keep
the gloom and doom coming from SCO in perspective. [ Reply to This | # ]
|
| |
| Authored by: trox on Monday, February 02 2004 @ 04:49 AM EST |
IBM's awesome. What they are doing is not just being a part of the Linux's
future they are working at becoming a dominate force. No PR just action. And
Darl doesn't think you can make money as a Linux company. While SCO is working
on there next PR, IBM is out doing things you don't know about untill you hear
about it from someone else.
[ Reply to This | # ]
|
| |
| Authored by: JoSch on Monday, February 02 2004 @ 04:59 AM EST |
What really strikes me, is how the roles are reversed:
When I was beginning computing in the eighties, IBM was considered the bad guys
(like in "The Blue Giant and the Seven Dwarves") and MS was the
young, innovative company that kept IBM on their toes.
Now, IBM obviously turned around and became nice again.
Let's see how this develops.
[ Reply to This | # ]
|
| |
| Authored by: jaydee on Monday, February 02 2004 @ 04:59 AM EST |
| http://computerwire.info/cwdirectionsvw/8C5AECEDEDC1843980256DF20051424E [ Reply to This | # ]
|
| |
| Authored by: wllacer on Monday, February 02 2004 @ 05:39 AM EST |
I just picked a spanish speaking media outlet (unknow to me till today)
Story
Fast translating, the article claims that
FBI has seized SCO
premises and detained several employees, in regards to MyDoom
The
information has been filtered out by an unnamed IBM source
¿Any info in the
US about is? Is this a troll or is there any real ground behind ?
PS.
The
article cites as source a "Enciclop
edia virus" whose article names "several press agencies"[ Reply to This | # ]
|
| |
| Authored by: Greebo on Monday, February 02 2004 @ 06:04 AM EST |
| Hi,
Just came across this News
Story.
It seems the guy who first wrote to SCO in Aus didn't get a reply
*Gasp!* and has written again, confirming that he is going to take legal action
if they don't cough up evidence.
I think he will have a long
wait!
Cheers,
Greebo [ Reply to This | # ]
|
| |
| Authored by: Anonymous on Monday, February 02 2004 @ 06:18 AM EST |
What gets me is SCO is not even getting investigated for any of the
contradictory comments they have made.
*these are not in any order, just claim and counter evidence I've seen discussed
on Groklaw.
1) SCO claims MyDoom originated from linux community specifically to attack
SCO.
2) Security experts have reason to believe professional spammers are
responsable.
3) SCO state in SEC filing that MyDoom was effecting them.
4) SCO website fails to respond and SCO blaim MyDoom attack for it.
5) SCO now stating they have hardly seen anything and ISP's are blocking.
6) A quick check of SCO records shows www.sco.com removed from DNS.
7) SCO reveal evidence under NDA of unix code in linux
8) All code is prooved to not originate from unix
9) SCO send letters to fortune 1000 companies claiming illegal use of unix code
in linux
10) Groklaw showed the code was contributed by SCO
11) SCO claims JFS in linux originated from unix
12) IBM's JFS devel path shows JFS in os/2 1st, ported to linux, then added to
aix.
Surely trying to gain a business advantage by lieing about competetors has to be
against some laws, and most certaintly breaches business ethics.[ Reply to This | # ]
|
| |
| Authored by: Greebo on Monday, February 02 2004 @ 06:54 AM EST |
| Hi,
Just checked on the FT, and seen this for SCOX.
Nice to see the investors
catching on, although i'm sure some more FUD will pop up, to promote Operation
Pump and Dump.
Cheers,
Greebo [ Reply to This | # ]
|
| |
| Authored by: Anonymous on Monday, February 02 2004 @ 07:27 AM EST |
http://biz.yahoo.com/rc/040202/tech_worm_1.html
has this quote from Blake Stowell.
"Rather than try to continue to fight, we felt it was more advantageous to
bring the site down and make that bandwidth available for other users,"
said SCO spokesman Blake Stowell.
I suggest they just keep that as a company policy from here on out! Yeah,
that's the ticket.
By the way, Netcraft (www.netcraft.com) has some interesting reports about
MyDoom's non-effect on Internet traffic. One gets the distinct impression that
they are relying on facts at Netcraft, and that they aren't at The SCO Group.[ Reply to This | # ]
|
| |
| Authored by: Anonymous on Monday, February 02 2004 @ 07:32 AM EST |
Be wary of IBM. They're in it for the money, and nothing else, remember that.
IBM was the 'Microsoft' of the computing industry for about 30 years, and still
is in areas such as mainframes.
IBM has more patents than any other company. Many of them are software patents.
IBM is an ally of Linux, for the moment. IBM is an enemy of SCO, which is an
enemy of Linux.
But be wary. IBM can and will turn on the F/OSS movement the second their common
interests diverge.
[ Reply to This | # ]
|
| |
| Authored by: Anonymous on Monday, February 02 2004 @ 07:45 AM EST |
SCO will most likely try to claim massive damages from their
site being down. Maybe something like 20 billion? I agree with
another poster that mentions that their site is no more than advertisement for
Unix. It doesn't hold enormous amounts of information that others tend to want
to read. They are looking for anything to distract from what they are doing.
Borrowing more time to comb the code. Nothing will ever come out of this except
Linux bashing from SCO.
They are like corporate children. They are acting like 3 year olds and the world
is becoming more knowledgable about their ways.
Quite rediculous and makes me wonder who in the world Darl is going to work for
when this is all over?
Would you like fries with that?
[ Reply to This | # ]
|
| |
| Authored by: Anonymous on Monday, February 02 2004 @ 09:01 AM EST |
| Press release here They have
moved the site to http://www.thescogroup.com/
[ Reply to This | # ]
|
- Oh and... - Authored by: Anonymous on Monday, February 02 2004 @ 09:07 AM EST
| |
| Authored by: valdis on Monday, February 02 2004 @ 10:38 AM EST |
Now they say that actually some attack began Saturday evening and
they are knocked to their knees. Off the internet totally. But they have some
strategies to cope and by Monday they will tell us what they
are.
This sounds awfully familiar.... "by a Monday a week or so at
least"...[ Reply to This | # ]
|
| |
| Authored by: jmichel on Monday, February 02 2004 @ 01:25 PM EST |
Well here is a new twist. If you go to just the root 'sco.com'. The website is
there in all its half-truths glory. You will not be able to go to the www
though. A lot of their links are to the www and are still unavailable. I
really abhor this kind of coding, but too many people do it. None the less the
site is up and branded thescogroup.com.[ Reply to This | # ]
|
| |
| Authored by: rc on Monday, February 02 2004 @ 03:55 PM EST |
| I am sending a comment to my local newspaper (the arizona republic,
http://azcentral.com) because of their running of an article by Thiessen
'covering' the SCO 'takedown' this weekend. (A google search for 'Mark Thiessen
Associated Press' should turn up multiple locations where the article shows
up).
Here's my reply:
I write in reference to the article by Mark
Thiessen of the AP and the supposed SCO site takedown.
There are some
incorrect items in that article, and I would like to bring 2 of them to your
attention.
1 - "A computer virus that targeted a small Utah
software company performed as its perpetrators promised Sunday, bringing down
The SCO Group's Web site".
This is untrue, as you can see by
looking at netcraft,
(http://uptime.netcraft.com/perf/graph?site=www.sco.com),
the internet traffic
report (http://www.internettrafficreport.com), and from researchers who post at
groklaw (specifically, the article
http://www.groklaw.net/article.php?story=20040201153918322).
2 -
"SCO, which has been targeted at least twice this year with such attacks because
of its threats to sue users of the Linux operating system in an intellectual
property dispute."
This is unsubstantiated rumor, slanderous,
and all but demonstrably false. In fact, the worm (oh, by the way, its not a
virus, its a worm) is actually more likely a spammer tool or a thief's tool
since it installs (a) a key logger (to capture all your passwords and credit
card numbers and such, (b) an smtp server (i.e. a mail transport agent - or, put
more simply it installs software that allows someone 'out there' to use the
compromised machine to send email to anyone on the internet anonymously from
your machine), and (c) opens up ports to allow a remote attacker to control your
machine. Again, a search of groklaw.net will turn up much good info, including
references to other researchers, refuting the false theory that 'the linux mafia
are behind this worm'.
I am sorry to see the Arizona Republic publish such
an incorrect and not very well-researched article.
----------end of email
sent to azcentral -----
---
IANAL - surprise ;-)
[ Reply to This | # ]
|
|
|
|
|
