Feeds

back to article Hacktivists torch C4's Jon Snow's web diary, reveal 'nuke strike' on Syria

Syrian hacktivists have chalked up more media-luvvie victims after hacking into and defacing blogs run by British broadcaster Channel 4. The Syrian Electronic Army, which backs the regime of President Bashar al-Assad, took over an online diary maintained on behalf of veteran newscaster Jon Snow before posting a fictitious story …

COMMENTS

This topic is closed for new posts.
Bronze badge
Facepalm

Ahhh!

Hearing about never-ending hacks and break-ins is becoming wearisome. Like a cracked repeating 78 (if yuh know what that is), the 'noise' is beginning to even irritate this diehard.

How about solutions for a change?

1
1
Silver badge
Devil

Re: Ahhh!- How about solutions for a change?

I'm working on it... :-)

The real thing - as El Reg said a week or two back, is that the actual success of a high security IT strategy is indistinguishable from a rubbish site that hasn't been hacked (yet).

I am frankly APPALLED at how crap most CMSs are.

Real security takes a lot to achieve - been on the case a couple of months and no website is even visible. Its like a building with earthquake foundations, and shock absorbers..none of it shows and all of it is wasted till someone actually has a go.

To do serious damage someone has to fight through three layers of security. Obviously stealing passwords works, but then accesses are logged, when and where. And the same administrator cant be online in two different places. And will get thrown off if he fails to enetr passowrds coorectly enough times, this defetang brite force attacks.

DOS is catered for with firewalling at the earliest possible level, and by having per IP address rate limiting, so you need multiple IP addresses to mount successful attacks. Which is possible with spambots, but hey nothings perfect.

I might even build a honey pot, and let putative hackers trawl thorough reams of entirely fictitious data. While the police get time to ID them.

None of this is rocket science, but its all money on stuff that shows no visible signs of excellence.

As with backups, you never know how good yours is till something fails (my backup disk did, last week, I was up and running with zero data loss in less than 6 hours, and most of that was creating a new full backup ) or you get hacked, spammed or DOSsed.

3 months ago my dashboard showed unusually high network INBOUND network traffic, but no increase in outbound. No logs revealed any unusual process activity. After a couple of hours it stopped. DOS? PORT scan? Probably, bouncing off the firewall, but logging that would have slowed the machine more than simply discarding the data.

IT can be done, but it costs money and skill to do it. It will be interesting to see if anyone is interested in it, when I have. Its a hobby project really.

1
0
Silver badge
Happy

IT crowd...

'Channel 4′s blogs were taken offline in response to the breach and replaced with a message stating "Something’s broken (or we’re making things better)" alongside a picture of characters from The IT Crowd sitcom.'

Surely, 'Please be patient while we turn it off and on again' would be a more appropriate message.

5
0
g e
Silver badge
Facepalm

Turdpress. Dear God.

Presumably other El Reg readers have had the misfortune to witness the coding standards 9/11 that is the fragile and inconsistent guts of WP. Especial MU.

You'll know what I mean.

1
2
Anonymous Coward

Re: Turdpress. Dear God.

Not only have I experienced it, but I had to argue against Marketing taking their blog away from our managed, but slightly limited CMS, and instead to some no-name host that Marketing had chosen themselves, who would install WP for them (as there's no fucking way I would).

Of course, it was one of those "list-the-reasons-why-IT-dont-want-marketing-to-outsource-their-IT-but-never-mind-we've-already-decided-to-let-them-do-it" meetings. Here's hoping I'm off the ship before they get hacked..

1
0
Anonymous Coward

Re: Turdpress. Dear God.

Perhaps if the IT department tried to meet the needs of the company rather than implementing systems simply because they make life easier for members of the IT department, then marketing wouldn't be forced to outsource?

2
2
Anonymous Coward

Re: Turdpress. Dear God.

Whether or not I agree with your sentiments, anyone who does that sort of thing with a company name or product (eg, Micro$oft, crApple, etc) gets an automatic downvote from me for their childish name calling.

0
0
Anonymous Coward

Re: Turdpress. Dear God.

To be fair, apart from the annual user privilege escalation exploit - AKA why you shouldn't let people you don't trust have accounts on your WP install - the main problem is the lack of limiting login attempts by default, making it easy to attempt to brute force passwords, combined with suggesting 'admin' as the username for account #1, meaning you don't need to bother to work out a good user name to try to hack.

0
0
Anonymous Coward

Anon?

Where is the Anon collective when you need them to defend us from these Syrian skiddies? I would have thought a Counter Cyber Jihad would have been right up their alley. Thats the trouble with anarchist collectives - not reliable.

1
2

I think they also managed to hack my alarm clock this morning, thus making me late for work by two hours.

This is my excuse, and I will stand by it.

2
0
Silver badge

Yesterday the alarm on MY phone went at some godawful hour and I looked at it, and it said 'A***'s birthday'.

The I remembered this was in fact my wife's phone with my 15 year old SIM in it, that a friend repaired after she dropped it and I bought her a new one.

And A*** was her sister. Still is actually.

wheres the 'restore to factory defaults' button?

0
0
Paris Hilton

Is your wife's name B*** by any chance?

Gosh. Your in-laws have some unconventional attitudes to naming.

Paris, because they named a hotel after her.

1
0

Unusual name...is she Irish?

The news the other day was about old SIMs, a surprising number of which include a relatively short DES (I think) encryption key and something called JavaCard. So, old SIMs are not so good to have.

Come to think, mine is at least three phones old. Hmm.

There are charming but puzzling Irish names, I know, such as Roisin (I think it means "dried grape") and Saoirse ("English go home"), so I'm not much surprised to see your A*** ("Happy Christmas", perhaps? According to Kirsty Macoll...)

0
0
Anonymous Coward

Graham Cluley no longer at Sophos?

The real news here, which I appear to have missed El Reg's coverage of, is that Graham Cluley is no longer at Sophos (as of June 2013).

End of the world is nigh, by the look of things.

0
0

game of groans....

Nuclear winter is coming, Jon Snow

2
0

Game of Groans

Nuclear winter is coming, Jon Snow.

0
0

This post has been deleted by its author

This topic is closed for new posts.