Iconbar.com hacked | Drobe.co.uk archives

Iconbar.com hacked

By Chris Williams. Published: 29th Jul 2004, 23:17:28 | Permalink | Printable

Many sites compromised

The NoughtPointOne network was hacked this evening by a Brazilian group calling themselves r00t_system, it's believed. Internet security monitoring website zone-h.org reports that the RISC OS forum website Iconbar and its satellite websites, which include the Photodesk resources site, the FTPc website, AcornArcade and many others, were ruthlessly defaced. A note left for 0.1 staff reads, "Upgrade your system! It's vulnerable!"

Iconbar webmaster Richard Goodwin has powered down the compromised server, and must travel to London in order to clear up any damage before bringing the system back up and online. It's currently unknown as to how long the server will be down for and how much data has been lost or altered. An insider also commented to drobe.co.uk tonight: "It's a bloody bad time for it to happen too, Rich goes on holiday next week."

Iconbar is the second high profile RISC OS website to be attacked in recent years, after MyRiscos was defaced in late 2001.

Links

OnePointNought website

Previous: STD mulls WinXP PDA
Next: New XScale supports PCI-Express

Discussion

Viewing threaded comments | View comments unthreaded, listed by date | Skip to the end

Can anyone comment on the feasibility of serving a large website on a RISC OS box? The different architecture would serve as a deterrent for many crackers/hackers, though this is perhaps security through obscurity.

ksattic on 30/7/04 12:19AM
[ Reply | Permalink | Report ]

If anyone wishes to see the hack in all its <un>glory heres the Zone-H mirror:

[link]

archez on 30/7/04 12:22AM
[ Reply | Permalink | Report ]

ksattic: It's certainly security through obscurity. That and RISC OS *really* sucks as a server OS. Windows 95 would be a better choice.

nunfetishist on 30/7/04 12:24AM
[ Reply | Permalink | Report ]

At least it happened *before* he went on hols, rather than when he was actually on them and unable to do much :-/

piemmm on 30/7/04 7:32AM
[ Reply | Permalink | Report ]

"Rich... must travel to London" WHY? The page says: " Don't be worry, nothing crashed. I just replace all index.* " so why do you need physical access? Just restore from backups and get on with life. Maybe TIB should get piemmm in to set it up properly? :-)

imj on 30/7/04 10:03AM
[ Reply | Permalink | Report ]

imj: since when where crackers trustworthy?

2.4.22 - blimey. With modern package management on Debian, Gentoo, etc - why would the kernel not have been upgraded which is how I guess they got in?

dansguardian on 30/7/04 10:20AM
[ Reply | Permalink | Report ]

imj: Problem is, they may have installed a rootkit or similar, which are actually quite difficult to get rid of remotely. Pepperfish tend to have serial consoles on their machines. I suppose we should also keep a Debian CD in the CD-ROM too, so we can boot off it if need be.

Do TIB still run Mandrake? If so, *why* on earth do they?

I'm sure Pepperfish would be willing to host TIB for a small fee.

nunfetishist on 30/7/04 11:16AM
[ Reply | Permalink | Report ]

I'm sure I could accomodate some people as well (maybe for a small fee too)

piemmm on 30/7/04 11:22AM
[ Reply | Permalink | Report ]

reply to ksattic I have run web,gopher, irc servers on RISC OS. One of the problems RISC OS has a server OS is lack of pre-emptive multi-tasking, this why I have called for it in the past. CTL have said they intend to implement it. As part of project Merlin I have asked for RISC OS to be given over server OS features.

speccyverse on 30/7/04 11:32AM
[ Reply | Permalink | Report ]

speccyverse: PMT isn't essential for serving. Lots of the high-performance web servers don't use the fork() model, and only have one process multiplex it all. (Which is how Netplex and that other free server do it, IIRC.)

What is essential is a fast file system, a decent IP stack, and reliability. RISC OS is too trivial to crash remotely if there's the tiniest of bugs in your server software.

nunfetishist on 30/7/04 11:35AM
[ Reply | Permalink | Report ]

Oh, and having PMT under RISC OS would really screw things anyway. You've have to make lots of changes that'd make current software incompatible. (In an ideal would, they would have started to make the changes at the same time as releasing RO5, where software had to be changed anyway.)

There are lots of things in RISC OS that there are only one of. Like the current directory, OS_Plot contexts. FileCore isn't re-enterant, lots of current programs didn't have their messaging code designed for PMT, etc. All sorts of reasons why it'll be an arse.

People'll be asking for more memory protection next, and then they'll complain everything's so radically different, nothing old will work at all.

nunfetishist on 30/7/04 11:39AM
[ Reply | Permalink | Report ]

It's interesting to see that unobscure software i.e. FLOSS has falled.

speccyverse on 30/7/04 11:47AM
[ Reply | Permalink | Report ]

reply to rjek Try running a server with a 100 people running programs and tell me PMT is not a good thing. On the subject of whether RISC OS can having PMT next you be saying the Amiga cannot be emulated because of all the specialist chips in it.

speccyverse on 30/7/04 11:58AM
[ Reply | Permalink | Report ]

speccyverse: You misunderstand the problems at hand. An http, gopher, or IRC server (your examples) don't require 100 people running programs on them. Nor does a single-purpose server actually need multitasking. (For example, Pepperfish uses a web server that's just one process. It can serve thousands of requests a second [quite literally] without the OS multitasking at all.)

I hope you'll also note that I didn't say that RISC OS couldn't be adapted to have PMT, simply that the changes would be so vast very little current software would work under it without them also having major modifications.

"It's interesting to see that unobscure software i.e. FLOSS has falled."

I can't actually parse this sentence, much less understand or reply to it.

nunfetishist on 30/7/04 2:08PM
[ Reply | Permalink | Report ]

to nunfetishist: I don't think that software needs to be amended for PMT - PMT basically means that the app is interrupted every once in a while and not just upon WIMP calls or the like. Unless it's software which needs to run continuously like the odd game perhaps it shouldn't matter. For software to make use of PMT adaption probably is a sensible thing to do. So adaption of the software might be a good idea but it should be no problem to have 99% of the software run unmodified.

hzn on 30/7/04 2:20PM
[ Reply | Permalink | Report ]

Just a question.

Without PMT how come that RISC-OS is so responcif to mouse clicks and drags? Can't the same be used for Ethernet events?

Jaco on 30/7/04 2:35PM
[ Reply | Permalink | Report ]

The problem with forcing PMT on everything is that a lot of apps expect their environment to be static between WIMP_Polls (interrupts excepted). Proper PMT systems allow you to control this - PMT RISCOS would need new calls added for software that needed to control this.

I wouldn't necessarily say that 'very little current software' will work - Wimp2 worked with a significant number of apps (though sadly not enough to actually warrant an improvment in performance).

ninja on 30/7/04 2:35PM
[ Reply | Permalink | Report ]

Jaco: RISC OS isn't very responsive to clicks when, for example, you're doing a file copy (especially if it's 'faster'). PMT would allow file copies to run at 'faster' speed until the millisecond you make a click, at which time the copy will temporarily pause to handle your request. You could even acheive full display updates at almost 'faster' speed, as you'd be able to update the display without all the other apps grabbing a slice of time needlessly.

Drags are faster because as soon as you start a drag, RISC OS actually stops multitasking and becomes a single-tasking OS, for example, stopping any servers you might have running. That's the case for window drags at least, I think. Not sure about file drags - I suspect the graphic is done via MOUSEV.

Meanwhile, Ethernet events actually require even faster responses than you or I. Just because it looks instant to us doesn't mean it's fast enough for a network.

ninja on 30/7/04 2:40PM
[ Reply | Permalink | Report ]

The only obvious thing which comes to mind with PMT problems is applications drawing into there windows used to asume that while there drawing nothing else is going on, so some things may need to be modified, even if many wouln't.

If RISC OS does gain PMT I suspect it will be optional as CMT is a perfectly valid system which may be favored by Castle's embeded customers.

NoMercy on 30/7/04 3:02PM
[ Reply | Permalink | Report ]

hzn: As ninja pointed out, there are lots of things in RISC OS where there can't be two concurrent states, such as the current directory, plot contexts, and alsorts of others. RISC OS would either have to enable each process to have their own, or provide some form of ugly locking API. The former's the better way, as it's more likely to work with current software, but it's a hell of a lot of work.

Also, big important parts of RISC OS aren't re-enterant (ie, FileCore), so you'd not be able to pre-empt lots of the kernel. So things like HDD and FDD access would still block everything.

Also, as I said a little earlier, I've seen loads of applications that assume nothing else will happen until they call Wimp_Poll, which is a dangerous assumption.

nunfetishist on 30/7/04 3:05PM
[ Reply | Permalink | Report ]

Diverting away from the (somewhat difficult to justify) topic of preemption (which has very little to do with Iconbar being hacked), the only IRC server that I'm aware of for RISC OS is mine. And that's laughably simplistic and not at all an example of running a serious server.

Gerph on 30/7/04 3:54PM
[ Reply | Permalink | Report ]

Hmm, I'd have thought that PMT would be of much less value (particularly for the task of writing a http server - trying to desparately bring this thread back on topic) unless you also has a re-entrant filecore. I find the fact that RISC OS stops as soon as it does any disc IO operations one of the most glaring difference when moving from other operating systems.

I don't think it's as simple as either having each process with its environment or having semaphores (and more specific locking APIs). There will always be shared resources, so you'll always need semaphores in any case, and separate environments it quite likely to break existing software.

For example, a case I encounter from time to time that's quite applicable to web servers is changing the current directory. When issuing such a command you need to be very aware of whether it's going to happen as a sub-process, or whether it will happen as part of the current process. If the former case, it may spawn a process with it's own environment, change the directory in that environment then immediately delete it as the process closes - so your call had no effect.

ninja on 30/7/04 3:59PM
[ Reply | Permalink | Report ]

Why in gods name would any web server ever change directory?

imj on 30/7/04 4:26PM
[ Reply | Permalink | Report ]

imj: The only reason I can think of is changing to the directory it's just chrooted to. Never after that, unless it's a really crap web server.

nunfetishist on 30/7/04 4:29PM
[ Reply | Permalink | Report ]

In reply to rjek: It's interesting to see that unobscure software i.e. FLOSS, failed "I can't parse this." It is simple to understand, do you still think that the StrongARM does not contain two 16K caches?

speccyverse on 30/7/04 4:43PM
[ Reply | Permalink | Report ]

speccyverse: FLOSS failed at what, though? It might be easy to understand if you'd spelt things correctly, and you provided some context.

Do you still thing that the GPL is anti-copyright?

nunfetishist on 30/7/04 4:53PM
[ Reply | Permalink | Report ]

RMS said "You might think of it[copyleft] as the opposite of copyright"

I notice you seem to be defending Linux (and an application that runs on it (Apache)) on a RISC OS forum. You also are advertising a non RISC OS computer company of own.

speccyverse on 30/7/04 5:08PM
[ Reply | Permalink | Report ]

RMS is a fool, though. I'm sure he now realises that copyright is central to the GPL working at all.

I'm not defending Linux, I'm critisizing RISC OS. I've also (although less directly) critisized Apache, and servers like it. In otherwords, almost the complete oppisite of what you've just suggested. Please learn to read. What makes you think Pepperfish is non-RISC OS? We host several RISC OS-centric sites, thanks. We even try to support RISC OS customers as best we can.

I see you're advertising non-RISC OS computers (in the form of your name), as well as grabbing at straws. Perhaps time to grow up?

nunfetishist on 30/7/04 5:47PM
[ Reply | Permalink | Report ]

Actually, thinking about it, what's wrong with defending competing theologies on a specific theology's forum? If people didn't people'd be spouting bulls*** all the time, rather than just most of the time.

nunfetishist on 30/7/04 5:50PM
[ Reply | Permalink | Report ]

"I find the fact that RISC OS stops as soon as it does any disc IO operations one of the most glaring difference when moving from other operating systems."

Thats funny, because I find the fact that this PC (Windows 2000) regularly stops (for about a minute) for no apparent reason the most glaring difference between the two computers I use regularly. Maybe most win2000 PCs don't do this, but my [work] one does. Presumably it is using PMT, so clearly it isn't a panacea. At least, M$' implemention isn't.

<Back on topic> How secure is fudgehole against the same sort of thing happening?

Loris on 30/7/04 5:58PM
[ Reply | Permalink | Report ]

In reply to rjek: "Oh, and having PMT under RISC OS really screw things anyway."

So rjek, do you believe that DOS could not be convert to PMT?

speccyverse on 16/08/04 6:48PM
[ Reply | Permalink | Report ]

Is the Iconbar down again? I can't reach it at the moment, could just be a transient thing of course!

anon/164.140.159.136 on 27/08/04 1:04PM
[ Reply | Permalink | Report ]

their DNS is broken.

piemmm on 27/08/04 4:49PM
[ Reply | Permalink | Report ]

It is not my fault

Revin Kevin on 29/08/04 3:43PM
[ Reply | Permalink | Report ]

Please login before posting a comment. Use the form on the right to do so or create a free account.

Search the archives

Today's featured article

South East 2008 show round up
News from the event in the south of the UK

42 comments, latest by diomus on 9/11/08 8:45PM. Published: 19 Oct 2008

Random article

Surftec wind ups DigiFlash
"We'll be back"

4 comments, latest by thegman on 25/2/03 4:51PM. Published: 23 Feb 2003

Useful links

News and media:
Iconbar • MyRISCOS • ArcSite • RISCOScode • ANS • C.S.A.Announce • Archive • Qercus • RiscWorld • Drag'n'Drop • GAG-News

Top developers:
RISCOS Ltd • RISC OS Open • MW Software • R-Comp • Advantage Six • VirtualAcorn

Dealers:
CJE Micros • APDL • Castle • a4 • X-Ample • Liquid Silicon • Webmonster

Usergroups:
WROCC • RONE • NKACC • IRUG • SASAUG • ROUGOL • RONWUG • MUG • WAUG • GAG • RISCOS.be

Useful:
RISCOS.org.uk • RISCOS.org • RISCOS.info • Filebase • Chris Why's Acorn/RISC OS collection • NetSurf

Non-RISC OS:
The Register • The Inquirer • Apple Insider • BBC News • Sky News • Google News • xkcd • diodesign

© 1999-2009 The Drobe Team. Some rights reserved, click here for more information
Powered by MiniDrobeCMS, based on J4U | Statistics
"..your knowledge seems to be below par"
Page generated in 0.093 seconds.