[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] close to home

On Jan 30, 2004, at 8:38 AM, Dan Newcombe wrote:
> On Thu, 29 Jan 2004, Jim Popovitch wrote:
>> Perhaps this is closer to home than we all realize.  That is, perhaps 
>> it
>> is closer to Linux than Atlanta.  Is this an attempt by someone at UGA
>> to test/show Linux as being hackable?
> I doubt it...it's more an example of not having enough time or staff 
> to do
> a job properly at institutions, not matter their size.  An 
> inexperienced
> admin, perhaps someone new at it.

Nobody seems to be considering the axiom of security that "There is no 
such thing as a secure machine."

Perhaps this was a brand new debian/BSD/OpenVMS/whatever system, with 
all the current software, a machine-based firewall, an external 
firewall, regular password rotation, no casual accounts, in an access 
controlled room (etc. etc. etc.), and the only way of making it more 
secure, even for the most experienced admin, would have been to unplug 

Maybe it was hacked because an undisclosed, publicly unknown 
vulnerability was exploited. Maybe someone got really lucky with random 
password/key guessing.

Having a machine hacked doesn't mean that everything that could be done 
wasn't being done. Sure, it's improbable, but it's certainly possible.