“A McAfee security researcher Tuesday warned that a self-proclaimed Mac user had hacked and defaced two Mac fan sites for… excessive fandom,” Thomas Claburn reports for InformationWeek. “A screen shot of the hack reads, ‘This site has been flagged for excessive Apple fanboism, and has been taken down for 24 hours.’ The image depicts a green Apple riddled with worms.”
“Take that, AppleMatters.com and iPhoneMatters.com. ‘This is possibly the first time a hacker is targeting Mac-related Web sites,’ said McAfee security researcher Harish Garg in a blog post on Tuesday,” Claburn reports.
“But the AppleMatters.com hack turned out to be nothing of the sort and before Tuesday came to a close, founder, publisher, and editor-in-chief Hadley Stern was doing his best to dispel the suggestion that EllisLab’s ExpressionEngine software, used to publish AppleMatters.com, might be vulnerable to attack,” Claburn reports.
“‘When I was first approached about the hoax I thought it was a little harmless fun,’ Stern said in a blog post on Tuesday,” Claburn reports. “‘I am literally shaking right now because I did not fully understand the impact of this, so lesson learnt. Again, Apple Matters, running on ExpressionEngine, was in no way hacked. It was a joke publicity stunt that I thought would be funny to attract attention.'”
Claburn reports, “An apology posted by John Casasanta, who runs the MacHeist site, which was involved with the ‘hack,’ also stressed that AppleMatters.com’s Web host and CMS software were in no way deficient. ‘We really hope that the people behind the ‘hacked’ sites, their hosting compaines, and the companies that create their content management systems aren’t looked upon negatively by you all,’ he said in a forum post. ‘The intent of everyone wasn’t malicious but just to have some fun.'”
Full article here.
MacDailyNews Take: ‘Twas obviously a hoax since we — who are often held up as the poster boys for “excessive Apple fanboism” by those who don’t appreciate the truth — have long used the excellent ExpressionEngine and remained “unhacked” throughout the debacle.
It should be ‘TM’ for trademark, or even ‘R’ for registered–you can trademark a name, but you can’t copyright it on its own, per se.
@ ChrissyOne
If anyone shld flog you, it shld be me! In fact, if you act now, i’ll even throw in some spanking & breakfast for free.
So what time can i expect your arrival?
” width=”19″ height=”19″ alt=”wink” style=”border:0;” />
As long as I get breakfast, I’m in.
This is a pretty awful article. The initial site that was hacked was glennwolsey dot com which is hosted by Media Temple and runs WordPress. Both Media Temple and Andreas Lengyel had discovered the “hack” was a fake soon after it started and did nothing to notify the community of open-source developers that were looking into potential WordPress vulnerabilities. A few days later, the macapper dot com site was defaced and the site owner, Miles Evans, wrote that the hack was indeed due to a WordPress vulnerability. Again, all of the parties involved remained silent and allowed the situation to escalate within the Apple and WordPress developer community. Around this time, a Norwegian blog and a few others began looking into the hack and suggested that it may be an elaborate hoax. Finally, applematters dot com were “hacked.” In this case, however, their hosting company immediately took the site down and began an investigation. When they discovered the prank, they notified the public and Hadley Stern was forced to apologize and admit the fraud. A few hours latter, the owners of macapper dot com, macheist dot com and glennwolsey dot com sheepishly posted explanations for their actions.
Given the history of John Casasanta and Phil Ryu there are quite a few people questioning the sincerity of his apology as a good deal of money was probably passed between all the people involved.
My thoughts can be summarized as:
http://rixstep.com/1/1/20071130,00.shtml
Wonderful article, very well explained.