“It seems like it has been a while since we were witnessing major hacks on corporate websites, but an entity calling themselves the ‘Outlaw Group’ has successfully defaced a Microsoft site. The MS Press site for the UK has been pulled for now, but so-called crackers managed to get access to the site and modify text on the page. The changes made were minimal, including three repetitions of ‘Owned by Outlaw Group,’ and a title of ‘Owned Outlaw Group by Pharoeste e WolfBlack.’ The majority of the page was not modified, but the breach is clearly an embarrassment to the company. No word from Microsoft on the matter, yet,” Ken ‘Caesar’ Fisher reports for Ars Technica.
Full article and links to screen shots of the defaced page here.
Well ain’t that a pitty.
I bet they’re using Windows Server 2003.
Hahhh ha.
According to Netcraft, they are running Win2k3 – and IIS 6 (crap).
Sputnik, where are you???
Bill Gates sez that security is the number one concern for Microsoft…
I thought Microsoft’s websites were all owned by an outlaw group. Am I missing something?
This shouldn’t cause a problem at all. They will just use shadow volume copy to replace the files, without having to call tech support!
And Gates sez Microsoft is more secure because it is hacked so much. Kinda like saying a hooker is better at being celibate.
The best way to keep an IIS server hacker proof is by unplugging the ethernet cable lol
Dave H
<grin>
Whenever I am having trouble evangelizing (you know, Macs are toys, there is no software, schools should get rid of them and use what the real world uses, I can do all the graphics on my PC, they cost too much, etc.), I ask how they like doing business with convicted criminals. This usually elicits a double take, a couple of mouth flaps, and then silence.
Sometimes the last word is the best you can do.
Mike
http://www.google.com/search?as_q=&num=100&hl=en&ie=UTF-8&oe=UTF-8&btnG=Google+Search&as_epq=microsoft+found+guilty&as;_oq=&as;_eq=&lr;=&as_ft=i&as;_filetype=&as_qdr=all&as_occt=any&as_dt=i&as;_sitesearch=&safe=images
Haha, security is a huge focus at MicroShit. Not we know!
Ok, we all know how shitty MIcroScheisse is, think about how liable they would be if they were a car company! They’d already be out of business! Boy, people are stupid.
If W2k/IIs 6 is crap why does the “real IT world” use it.
The wonderful tools ASP and the new .NET framework allow creation of the most progressive web sites available today! Try creating the functionality of a cutting edge Windows server site on any other platform.
As for security it is great, I am sure that a password was given to these thugs.
�
Sputnik: because lots of IT managers are idiots that believe all of the horse shit that Gartner shovels at them. Everyone knows that Gartner is the whore of the IT world. They’ll sell themselves to the highest bidder and guess who has lots and lots of money?
Magic quadrant, my ass!
“As for security it is great, I am sure that a password was given to these thugs.”
Uh… why?
and a password was also given out by everyone infected by sasser too…. riiiiiiiiight.
the security through hackability argument is even lamer than security through obscurity.
Hey, Paul Thurrott & Enderle, are you guys reading this? If so, take note:
http://www.microsoft.com/mspress/uk/ is running on Windows Server 2003 OS, and the server is Microsoft-IIS/6.0
Got that? Now, any comments? Also, please recall that site in Finland (or Norway?) a couple of years back running a Mac powered site where they offered a reward to anyone who could deface it. The amount finally got up to 10 grand, and they had over 200,000 attempts. It never got even one pixel hacked. Now c’mon… one of you guys step up to the plate and write an article on this; keep your readers educated. (Chicken)
I think this guy Sputnik is Thurrott in disguise.
“Uh… why?” – scopi
So that when a website is hacked, guys like Sputnik can say it’s admin’s problem and confuse social engineering and solid (as in swiss cheese solid) software, maybe?
“If W2k/IIs 6 is crap why does the “real IT world” use it.” – Sputnik
Because they have to recoup the MSCE fee?
Because they only know MS softwares?
Because companies don’t need so many of them if there are less software problems?
Why does the “real IT world” use it? One word: sheep. Most of the clowns in IT are not competent enough to make a decision on best of breed solutions. They go with what they know, so they end up with a second rate (third rate…) solution of Microsoft.
Nobody
Point two is generally correct from my experience. Even if another companies product will do exactly what is required now, many IT departments will wait for Microsoft’s approximation of what is required to be release 18 months later. It’s beyond me.
To contrast with Gandalf’s post:
http://www.google.com/search?num=100&hl=en&lr;=&ie=UTF-8&c2coff=1&as_qdr=all&q=+“apple+found+guilty”&btnG=Search
Hmmm…I wonder if Bill Gates will use this incident to try and further his quest to charge everyone an e-stamp for the use of email systems? He always seems to find a way to bring things back to that subject, lately.
Bizarro Jeff