More on the Hack

Posted By: Ryan Friday, September 8, 2000 4:22:02 PM

As most noticed, we got a return visit from "Pimpshiz" and the site was compromised again. As seen in this News.com article, "In an email interview, Pimpshiz claimed to have defaced 110 sites with the message in four separate rounds of attacks--using an unpublished hole in Microsoft Windows NT to infiltrate the Web servers. The hacker promised a "huge episode 5" soon." More as it develops, many thanks to everyone who alerted us to the attack.

Other sites that were also compromised include:
NASA Spartan - Innovative Recoverable Spacecraft
www.fmc.gov
www.stockport.gov.uk
www.gm.gov.cn
Verizon Wireless\Airtouch
KMIZ TV: ABC 17
Don Henley(Anti-Napster music artist)
Models Network International
Oriental Bank & Trust
Nike TW
The Norway Post
Ovation Television

Articles in the media about the attacks:
Hacker smears Web sites with pro-Napster messages (News.com) (Yahoo!)
Web vandal strikes again for Napster (ZDNET.com)
Hacker verziert Web-Seiten mit Pro-Napster-Aufruf (Heise.de)
Napster fan hacks 50 more sites (The Register)
PalmInfocenter Hacked (PalmStation.com)
We were hacked (PalmInfocenter)
The hacker's defaced page

Article Comments

 (17 comments)

The following comments are owned by whoever posted them. PalmInfocenter is not responsible for them in any way.
Please Login or register here to add your comments.

Comments Closed Comments Closed
This article is no longer accepting new comments.

Down

don't give him the pleaseure

I.M. Anonymous @ 9/8/2000 2:33:34 PM #
You folks should not have mentioned the hacks on your site. Your are only giving the 'hacker' (more like a turd who explotis security holes that OTHER people find) attention and satisfaction. Cover your security holes, and focus keeping up the good work about Palm information!

stfu , let news be news

I.M. Anonymous @ 9/8/2000 3:37:43 PM #
nt

**

I.M. Anonymous @ 9/8/2000 4:26:24 PM #
Maybe you guys should run a real os (Unix)??

And your still running NT ?

I.M. Anonymous @ 9/8/2000 6:07:03 PM #
what gives? Are you hard-headed and stubborn ? Is Billy Gates paying
you money or giving you free *gifts* for using it ? Part of your contract ?
Its really too bad your stuck in that deal because if you guys had any clue,
you would immediately dump this security hole and replace it with something
that works.

PalmInfoCenter can't market itself. They need hackers.

I.M. Anonymous @ 9/8/2000 8:10:11 PM #
They won't switch from NT to Unix because if they get hacked once a month, the site gets free exposure on CNET.com.

RE: PalmInfoCenter can't market itself. They need hackers.
Ed @ 9/9/2000 9:45:16 AM #
Fine, blame the victim. I thought this only happened in rape cases.

---
Plenipotentiary
Palm InfoCenter
RE: PalmInfoCenter can't market itself. They need hackers.
I.M. Anonymous @ 9/9/2000 5:12:55 PM #
Change to Unix if you really don't want the hacks then. If you are comparing this to rape, it's like you continue to walk in dark alleyways, though you have been raped before. You clearly don't mind the hacks. Interesting.

RE: It Takes Time
Ed @ 9/9/2000 7:59:23 PM #
Dude, we got hacked for the first time ever on Wednesday. It is now Saturday. If you think switching a site with hundreds of man hours of work in it to a whole new OS is something we can do on Thursday between 4 and 5 pm, you haven't a clue what you are talking about. We are considering all the options. Switching to Linux is one of them. But keep in mind this is a hobby site and we all have real jobs and just don't have the next solid week to devote to dealing with this. We are doing the best we can.

Also, and I want to make clear I'm speaking just for myself and not for Ryan when I say, if you think having all my hard work screwed with by some jerk face only to turn around and be accused of taking part in some conspiracy that I'm enjoying, then just go the FUCK away and never come back to the site again, you goddamn waste of skin.

Hey, now that I've got that out I feel a lot better.

---
Plenipotentiary
Palm InfoCenter

RE: PalmInfoCenter can't market itself. They need hackers.
I.M. Anonymous @ 9/10/2000 3:08:24 PM #
Amen my brother!

It's obvious by the comments posted about switching the server to a new OS, that they've never managed a site of this size and complexity.

The guys here at PalmInfoCenter are doing a bang up job given that this is a "HOBBY" site. But, let's have the loudmouths put their money where their mouth is. If you want PalmInfoCenter to run on Linux, then they'll need about $1000 dollars for ChiliSoft (http://www.chilisoft.com), since they're using Active Server Pages.

So who wants to be first?

RE: PalmInfoCenter can't market itself. They need hackers.
I.M. Anonymous @ 9/10/2000 3:59:07 PM #
Excuse me Ed, but I never said you were "taking part in some conspiracy". Funny you skip to that conclusion. I simply said that you don't want to switch to Unix, because it helps your site when somebody hacks your site (not that you hacked yoruself) and you get free promotion.

It's also interesting that your site is one of few mentioned in the article on CNet.com. I can only assume it was you that e-mailed CNet for the article.

Also, don't tell me I don't know how to switch from NT to Unix. I have made the change several times, with sites much larger than PalmInfoCenter. If you know what you are doing, it can be done in a few days.

You were hacked again yesterday, and the hacker is warning that episode 5 is coming soon. If switching your OS is too much, at least take the hackers advice and (in his words) "If you would like to know how to patch the vulnerability then mail me...".

windows 2000 is the way to go.

I.M. Anonymous @ 9/8/2000 10:18:08 PM #
unix users have to use NETSCAPE which is a piece of utter crap. windows 2000 is an amazing platform to develop on.

anyway, you put a space before your punctuation? did you skip grammar class or are you stubborn?

You just want promotion, so you let the hacker in.

I.M. Anonymous @ 9/9/2000 5:09:37 PM #
I posted this information yesterday, and it was deleted. Why? Because it is probably true. PalmInfoCenter doesn't want to use Unix, because they want the hacker to get in, so they get free promotion on News.com and other tech news sites.

Why are you deleting my posts PalmInfoCenter? Other posts are negative towards your site, and my post was the only one to get deleted. Interesting!

RE: You just want promotion, so you let the hacker in.
Admin @ 9/9/2000 7:49:04 PM #
Mr Anon,
Myself nor Ed has deleted any posts, we do not censor the forums unless there is something wholy inappropriate.
There is no patch to stop this hacker, yet.

Trust me, I am not a big fan of Redmond and NT, I am looking into other options.

------
Ryan
PalmInfocenter webmaster
webmaster@palminfocenter.com

RE: You just want promotion, so you let the hacker in.
Weasel @ 9/10/2000 4:57:30 PM #
Hey free promotion is free promotion but like as said above, changing OSes takes time.

I think everyone would agree: A Linux/*nix box that a NT sysadmin was trying to run would be just a open to an attack that a NT box would be. You just can't set it up and say "now we're safe, we run Unix" cause that's bullshit. I run a Linux box and know you still have to look over each and every door and make sure it's locked or monitored. So jumping to Unix after being scared by a kiddy who found a hole isn't the brightest idea.



Amazingly stupid people

EGarrido @ 9/11/2000 6:29:50 AM #
It's amazing to me that there are so many people accusing this site of "allowing" the hacker in for publicity. DO YOU REALLY THINK ANY SYS ADMIN OR WEB MASTER REALLY WANTS A HACKER INTO HIS SYSTEM FOR ANY REASON? No. In fact hell no. Why would they *want* to deny their content to their viewers and allow the hack for promotion? It doesn't make any sense at all because whoever sees a mention of this site elsewhere in a news article will find the site hacked and inoperational and he will never come back here again.

Go use your minds before you say something so stupid.

RE: Amazingly stupid people
I.M. Anonymous @ 9/12/2000 1:40:54 AM #
Why?

Because it is free promotion. NO, when visitors come from news sites they will NOT find the site hacked. Because PalmInfoCenter fixed the hack before alerting News.com (for the free media atention). You use your head!

Assholes!

I.M. Anonymous @ 9/12/2000 12:20:19 PM #
Who are these a-holes who think they have a right to tell a webmaster how to run *his* site??! Butt out and let the guys run their own shop. Goddamn smartasses piss me off! Its not constructive, it's just criticism for criticism's sake.
PalmInfocenter is one of the few AvantGo posts I read every day and I think the guys do a fantastic job. Just because they get hacked, doesn't mean it's open season. Wind your necks in and get back to running your own lives (if you have one, that is).
Top

Account

Register Register | Login Log in
user:
pass: