Posted on 10/03/2005 4:01:39 PM PDT by Golden Eagle
Three Novell OpenSUSE community web site were defaced on Sunday by politically motivated hackers. Defacement archive Zone-H reports that a group called IHS Iran Hackers Sabotage broke into OpenSUSE.org, wiki.novell.com and forge.novell.com to post a message stating that it was Iran's right to develop nuclear power. All three sites were defaced in the same way.
(Excerpt) Read more at securityfocus.com ...
Just because they are from Iran, who says we can't punish them? ;)
(maniacal laughter)
Well its a trade off. Some information there is no benefit to releasing it for scrutiny. But when it comes to computer security public scrutiny is generally accepted as good. All the popular encryption algorithms are open source. They are considered more secure because more people can scrutinise them.
They've all pretty much been cracked now, haven't they? Keeping one's encryption key private is the key element of encryption anyway.
LOL, we dang well should, if we can catch them.
Which have been cracked? If I had sensitive data I wouldn't feel comfortable security it with an algorithm that wasn't open to public scrutiny.
Paging Sam Fisher...
You can't even spell your supposed source right, LOL. Here's the definitive source, clearly says Linux.
http://www.zone-h.org/en/defacements/mirror/id=2917402
Which haven't been cracked?
http://search.yahoo.com/search?p=encryption+cracked&fr=FP-tab-web-t&toggle=1&cop=&ei=UTF-8
Besides, as I said, keeping your key obscure is the lynchpin of encryption security. Without obscurity of the key, there effectively is no encryption.
A private key is data. I am talking about algorithms.
http://www.zone-h.org/en/defacements/mirror/id=2917402
N3WBI3...do you care to withdraw any previous posts based on this information? Or will you continue to refute the obvious as you often do?
I know. But they are completely useless in providing security without the obscurity of the key. Weren't you trying to claim obscurity isn't important for security? I seem to recall you were.
Let me give you some friendly advice...if I were you I'd quickly admit you were mistaken (as usual [/LOL]) and drop the whole netware angle.
Then I'd go back and respond to previous posts appropriately.
Of course you can do what you want even though by choosing to ignore the obvious will only make you look silly; however, that hasn't stopped you before.
and the point of subjecting encryption algorithms to public scrutiny is to find out if they are secure. The point is not that releasing them to public scrutiny will somehow prevent them being cracked.
The phrase "security through obscurity is no security at all" refers to algorithms
BTW have you ever seen me say Linux cant be hacked? heck on this thread alone I admitted there are bugs that I see..
Shilling? ROFL, going to finally admit it was Linux?
I almost jumped in on the wrong side of this thing...I was thinking GE was saying algorithms are best to be hidden from public view. Which isn't always the case.
But now I see this started with bobdsmith saying something to the affect that security through obscurity isn't security at all.
But like most simple sayings it has it's weaknesses. And yes you still must keep the private key obscure. I think GE pulled a fast one on both of us as I wasn't thinking about security with a wide enough umbrella to realize that the saying isn't 100% true.
Good point GE.
My first responce was that this was poor administration as it is for pretty much any server getting hacked.
It's possible that it's Open Enterprise Server, which are Novell NetWare services that can run either on top of the Novell NetWare OS or Suse Enterprise Linux 9.
Novell has also been using Apache as their web server since NetWare 6.0, running natively on the NetWare OS.
Mark
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.