Re: [News] [Rival] Apple's Safari Blob Hacked First, Windows Site (Euro 2008) Hacked

[Mark Kent <mark.kent@xxxxxxxxxxx>]

Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx> espoused:
> Hacker Super Bowl pits Mac OS vs. Linux, Vista
> 
> ,----[ Quote ]
>| The catch? They have to use a brand-new 'zero day' attack that nobody has 
>| seen before. The prize? $20,000, plus you get to keep the laptop. 
> `----
> 
> http://www.linuxworld.com/news/2008/032708-hacker-super-bowl-pits-mac.html
> 
> Mac hacked in two minutes flat
> 
> ,----[ Quote ]
>| A $10,000 PRIZE and a free laptop encouraged security experts Charlie Miller, 
>| Jake Honoroff, and Mark Daniel to expose a brand new vulnerability in Apple's 
>| Safari web browser within two minutes according to a report from Softpedia.  
> `----
> 
> http://www.theinquirer.net/gb/inquirer/news/2008/03/28/mac-hacked-two-minutes-flat
> 
> Safari is a blob. Apple could give BSD a bad name...
> 
> And then came this:
> 
> Euro 2008 ticket site hacked
> 
> ,----[ Quote ]
>| But not all of Cluely's colleagues think that football fans are being 
>| victimised by the attackers. According to SophosLabs' Fraser Howard, "the 
>| Euro 2008 ticket site has most probably not been specifically targeted, but 
>| caught up in a larger, widespread attack."   
> `----
> 
> http://www.itwire.com/content/view/17363/1054/
> 
> Case insensitive. Seems to be running Windows, unless mod_speling [sic] is
> used.
> 
> http://euro2008.uefa.com/countries/cities/city=1226/news/newsid=669032.htMl#berne+turn+town+blue
> http://euro2008.uefa.com/countries/cities/city=1226/news/newsid=669032.html#berne+turn+town+blue
> 
> This is made clearer here:
> 
> http://toolbar.netcraft.com/site_report?url=http://www.uefa.com
> 
> Netblock Owner  IP address      OS      Web Server      Last changed
> Verio ES madrid facility        81.19.110.11    NetApp NetCache Microsoft-IIS/6.0
> 22-Feb-2008
> VERIO DE frankfurt facility     213.198.96.11   unknown Microsoft-IIS/6.0       20-Feb-2008
> Verio FR paris facility 81.93.176.11    unknown Microsoft-IIS/6.0       16-Feb-2008
> Verio ES madrid facility        81.19.110.11    NetApp NetCache Microsoft-IIS/6.0
> 15-Feb-2008
> Verio UK london facility        83.231.156.11   NetApp NetCache Microsoft-IIS/6.0
> 14-Feb-2008
> Verio ES madrid facility        81.19.110.11    NetApp NetCache Microsoft-IIS/6.0
> 20-Jan-2008
> Verio FR paris facility 81.93.176.11    unknown Microsoft-IIS/6.0       27-Dec-2007
> Verio ES madrid facility        81.19.110.11    NetApp NetCache Microsoft-IIS/6.0
> 25-Dec-2007
> Verio FR paris facility 81.93.176.11    unknown Microsoft-IIS/6.0       23-Dec-2007
> Verio UK london facility        83.231.156.11   NetApp NetCache Microsoft-IIS/6.0
> 21-Dec-2007

When will the banking/finance people recognise that there are right and
wrong choices when it comes to financial security.  They wouldn't buy a
safe or a lock with hundreds of thousands of known problems, why are
they doing same with computing platforms?

-- 
| mark at ellandroad dot demon dot co dot uk                           |
| Cola faq:  http://www.faqs.org/faqs/linux/advocacy/faq-and-primer/   |
| Cola trolls:  http://colatrolls.blogspot.com/                        |
| Open platforms prevent vendor lock-in.  Own your Own services!       |