Forgot your password?
typodupeerror
Security Government United States

FBI Reports US Agencies Hacked By Anonymous 156

Posted by timothy
from the can't-quite-put-a-finger-on-it dept.
Rambo Tribble writes "Reuters is reporting that the FBI has issued a warning to several U.S. Government agencies that the Anonymous collective has hacked their systems. Included in the list of compromised agencies are the U.S. Army, Department of Energy, Department of Health and Human Services, and potentially many more agencies. The avenue of attack: Adobe Cold Fusion."
This discussion has been archived. No new comments can be posted.

FBI Reports US Agencies Hacked By Anonymous

Comments Filter:
  • by Anonymous Coward on Saturday November 16, 2013 @11:34AM (#45442827)

    I thought the only people left in Anonymous were FBI informants.

    • by pieterh (196118) on Saturday November 16, 2013 @11:45AM (#45442891) Homepage

      The War on the Internet is as much about creating an environment of fear that will justify increased spending, as it is cracking down on the young smart kids who are the real threat to the corporate para-State.

      So it's fairly likely that the FBI/NSA and their legal or criminal subcontractors are heavily involved in any dramatic security-related event. The fact that government websites are targeted makes no difference. Simple little false flags that keep the pressure up on legislators.

      It's easy to mock all this but the threat to our digital lifestyle is real and serious. We're a few years away from a fully regulated Internet where if you don't conform -- by running approved hardware, approved software, approved monitoring -- you simply won't get access, period. Clipper chip, remember that?

      And the only way to convince the mass of "who cares?" public are a series of dramatic, dangerous, unacceptable attacks on websites, infrastructure, transport, etc.

      • by Anonymous Coward on Saturday November 16, 2013 @12:04PM (#45442993)

        I was about to post something that would go line by line of your post arguing the usual things against conspiracies that I'd parrot from Skeptics like Michael Shermer.

        Then, I though about the latest events, the PATRIOT Act. the lobbying by big IT firms and defense contractors, and just the pathetic power hungriness and narcisism of our elected officials.

        So, I said to myself, "What the parent has suggested is completely probable in this day and age."

        It's not an individual super villian, but it is bunch of sociopathic people all working towards the same goal as stated in the parent's post. And they have the greatest weapon on Earth - people's irrational fear and desperation to feel safe.

        We are all fucked.

        • by pieterh (196118) on Saturday November 16, 2013 @12:20PM (#45443073) Homepage

          There's a dark irony in so-called skeptics pushing their own conspiracy theories (mysterious gangs hate our way of life) to muffle out the obvious truth that it's (always) all about the money.

          It's not only probable, it's by far the simplest explanation, that the military-security complex needs to create threats to justify its existence, so a handsome slice of its budget consistently goes back into black operations against the very people it's meant to be protecting. If you argue that only crooks would do this, then my question is, what evidence do you have that the FBI, CIA, NSA, GCHQ et al are not run by simple crooks?

          As for being pessimistic, it's a normal feeling but not useful. Read my book (free, see below) for a background into how this state of affairs came to be, and how to fix things.

          • by girlintraining (1395911) on Saturday November 16, 2013 @12:42PM (#45443209)

            There's a dark irony in so-called skeptics pushing their own conspiracy theories (mysterious gangs hate our way of life) to muffle out the obvious truth that it's (always) all about the money.

            You're one of those so-called skeptics, buddy. You just vomited up a Level 5 Tin Foil Rant in this very thread with false flags, the matrix has you, and a limited-edition Agent 'NSA' Smith on display. Then you turn around and invalidate your own post by saying "it's (always) about the money."

            As for being pessimistic, it's a normal feeling but not useful. Read my book (free, see below) for a background into how this state of affairs came to be, and how to fix things.

            On sale now: "The Sky Is Falling", by Chicken Little. A stunning critique of the government, with intro by Sir Tinfoil Hatsalot.

          • by cavreader (1903280) on Saturday November 16, 2013 @03:09PM (#45444085)

            The FBI, CIA, or the NSA are not collecting credit card information or other personal data used to commit online fraud against the average citizen. If your credit card information or your SSN has ever been compromised your screwed. If you live in the US I assure you the government already has a lot of your personal data. Just your SSN and Tax Returns provide everything the government would need to find you if they wanted to. Of course they have had this data long before the Internet ever came into play. The FBI, CIA, and NSA are not randomly publishing the confidential information in every media outlet on the planet regardless of the consequences large or small. The FBI, CIA, and NSA are not launching nuisance attacks to tie up or deface websites. As a matter of fact there has been no verifiable proof that the FBI, CIA, or NSA has caused any harm to US citizens or misused the data collected. So far all the complaints and accusations are about what they "could" do not what they are actually "doing" with the information. If everything published about the NSA capabilities is true then they would certainly be able to identify the people behind these type of attacks. After all they are supposedly intercepting and storing all the traffic moving on the Internet. The have supposedly cracked SSL, TOR, and other encryption systems used by companies and individuals. They are suppose to be able to compromise Google data centers as well as other large data centers at will. With all these capabilities tracking IP's back through multiple proxies is child's play in comparison. But it's always possible that the capabilities ascribed to the NSA are exaggerated in the extreme. Personally I am more worried about private and public corporations collecting and selling my data and online habits to others for profit. Hell Google drives down every street they can find collecting addresses and scanning for active Wi-Fi signals. Of course they just want to improve their mapping applications and they swear they are telling the truth about their motives.

          • by FriendlyLurker (50431) on Saturday November 16, 2013 @06:55PM (#45445247)

            what evidence do you have that the FBI, CIA, NSA, GCHQ et al are not run by simple crooks?

            What, facilitating the sale hard drugs [wikipedia.org] in America or selling military equipment on the black market [wikipedia.org] to "axis of evil" type countries is not criminal enough? People forget the criminal history [wikipedia.org] of some of these organizations rather quickly and seem to ignore the current ongoing [commondreams.org] continuation of the same [matthewaid.com]. Guess that propaganda and a firm grip on the corporate mass media message reaching the majority just works. We have a serious amount of evidence that those organizations have committed egregious crimes, so the real question is: How do we know/guarantee that they are NO LONGER being run by criminals?

          • by rtb61 (674572) on Sunday November 17, 2013 @06:38AM (#45447455) Homepage

            This is not a conspiracy it is simple logical extrapolation. The FBI is aware of incursions into specific computer networks, they do not know who has committed the incursions, hence literally those person or persons are anonymous, as they are anonymous logically they must be a member of "Anonymous", else they would not be anonymous.

            Fucking, Bloody, Idiot, thinking, what could be more obvious. Here's a hint, unless they have been caught and prosecuted and they publicly claim to be a member of Anonymous, they are not members of "Anonymous". Which in turn, logically would be illogical, because once your claim to be a member of "Anonymous", you are no longer anonymous and logically can no longer be a member of "Anonymous". After all logically to be a member of "Anonymous" one must be and remain anonymous.

            So now extrapolating the current claim according to Fucking, Bloody, Idiot, thinking every questionable act committed by person or persons unknown, who are anonymous as a result of being unknown, must all be members of "Anonymous", which then according to the FBI must be by far the largest conspiratorial multi-national organisation upon the face of the planet. Here's betting with that kind of logic the FBI will end up spending an awful lot of time chasing their own tails.

      • by Anonymous Coward on Saturday November 16, 2013 @12:12PM (#45443017)

        Yeah... I do because I'm old enough to remember that fiasco.

        Is it in existence today? No.

        You talk about the internet being clamped down to approved hardward/software/etc/etc... History proves that you can't shut down the flow of information.

        Every PROHIBITION has backlash... Hell, prohibition is actually increasing the number of "Manic Psychosis" incidences in our youth today [slashdot.org]. There are tons of other examples but you should already be aware of them.

        Prohibition of internet access will never work. lol

        Keep it Clean! :D

      • by s.petry (762400) on Saturday November 16, 2013 @12:36PM (#45443175)

        It's not beyond these people to lie to achieve what they want. Hopefully I didn't even need to mention that, but I did just to be sure we were on the up and up here. Reading the article, there is nothing I can see to verify that this was in fact the work of Anonymous. Some things don't line up with the normal activities. This article not only spreads FUD for internet censorship and control, but FUD about activism/hactivism.

        From TFA, they first claim that anonymous used PDF exploits. Well, just about every botnet on the planet gets infected by some type of Trojan filled file. Anonymous is more well known for MITM attacks than trojaned files. Nothing convincing yet that it was anonymous.

        Then they claim that anonymous stole 2,0000 bank accounts. That on a Rueters article should be a dead give away that this potentially propaganda. It didn't make it through normal editing.

        The article does mention someone in the UK being indited on hacking into the US DOE, but then they lump everything else to that one person at anonymous. Maybe they have much more detail on proving that all of these hacks were anonymous and didn't show it. I'm not convinced by what was released here, and have not trusted these people to tell the truth for decades (amplified in the last few years).

      • by nurb432 (527695) on Saturday November 16, 2013 @01:41PM (#45443553) Homepage Journal

        The War on the Internet is as much about creating an environment of fear that will justify increased spending, as it is cracking down on the young smart kids who are the real threat to the corporate para-State.

        Just like the 'war on drugs' is. And people get in line willingly to support it.

        • by tlambert (566799) on Saturday November 16, 2013 @04:59PM (#45444711)

          The War on the Internet is as much about creating an environment of fear that will justify increased spending, as it is cracking down on the young smart kids who are the real threat to the corporate para-State.

          Just like the 'war on drugs' is. And people get in line willingly to support it.

          The war on drugs doesn't crack down on young smart kids, it cracks down on kids who spend all day on the couch eating Cheetos and watching T.V. because they can't muster up the energy to play Call of Duty after the last bong hit, and then they head out to White Castle at two AM because they saw Derek and Kumar do it in a movie, and, besides, they have the munchies and there's no food left in the house. Neil Patrick Harris on the unicorn is optional at that point.

          Typically, the war on the Internet also only cracks down on the young smart kids who have overstayed their welcome on the wrong side of the "you are no longer a minor" line, or have been sufficiently annoying to move that line past the "you will be tried as an adult" boundary.

      • by sgt_doom (655561) on Saturday November 16, 2013 @04:52PM (#45444679)
        pieterh, you pretty well summed it up, dude!

        I'm with you, brother!
      • by romons (2767081) on Sunday November 17, 2013 @06:15PM (#45450557)

        The War on the Internet is as much about creating an environment of fear that will justify increased spending, as it is cracking down on the young smart kids who are the real threat to the corporate para-State.

        So it's fairly likely that the FBI/NSA and their legal or criminal subcontractors are heavily involved in any dramatic security-related event. The fact that government websites are targeted makes no difference. Simple little false flags that keep the pressure up on legislators.

        It's easy to mock all this but the threat to our digital lifestyle is real and serious. We're a few years away from a fully regulated Internet where if you don't conform -- by running approved hardware, approved software, approved monitoring -- you simply won't get access, period. Clipper chip, remember that?

        And the only way to convince the mass of "who cares?" public are a series of dramatic, dangerous, unacceptable attacks on websites, infrastructure, transport, etc.

        If you consider who stands to gain from this sort of control, it becomes apparent that any alleged 'war on the internet', if it exists, is likely to fail. I've been using what became the internet before it was called the internet (usenet and arpanet, from UC in 1982, arpanet at BBN in 83 and beyond). Folks have been ranting about the internet going to the dogs since the thing started. (Remember folks putting 'terrorist' keywords into their usenet posts to foil the NSA?) The sky hasn't yet fallen. I realize that the fact that the sky has not fallen isn't argument against the possibility that it will, but really? "corporate para-state"? "The threat to our digital lifestyle"? Even "Clipper Chip?". Sigh... John Boehner likes his porn (well, gay porn) as much as you do. Nobody is going to cut it off. I believe your digital lifestyle is safe.

    • by Charliemopps (1157495) on Saturday November 16, 2013 @12:02PM (#45442981)

      You just don't understand what Anonymous is then.

    • by Opportunist (166417) on Saturday November 16, 2013 @12:19PM (#45443067)

      Erh... yes? So? How do you plan to justify the next batch of internet-lockdown legislative?

      Is it me or is it interesting that this "attack" hit Healthcare and Energy instead of, say, NSA or HS, two targets that would be much more fitting to the Anonymous profile?

    • by LifesABeach (234436) on Saturday November 16, 2013 @01:08PM (#45443341)
      It would appear that it has become a case of FBI vs. FBI?
    • by melikamp (631205) on Saturday November 16, 2013 @01:45PM (#45443581) Homepage Journal
      I can't shake off a feeling that the law enforcement and friendly news sources are using "Anonymous" as a boogeyman. When I see "Anonymous collective has hacked their systems", I read "Their systems were hacked. FBI has no leads". The law enforcement has finally found a perfect line for every situation where they demonstrate incompetence, since "anonymous" turns into "Anonymous" so easily.
    • by symbolset (646467) * on Saturday November 16, 2013 @04:16PM (#45444481) Journal
      Anonymous includes people who actually run these systems all day at their JOB. They don't have to steal info from inside... just a hint on an anonymous board will do. "mbry at fbi.gov, mid-level bureaucrat, local and net admin access, clueless, valuable shared volume access, DB admin, fancies /., Chase, FB, FARK and Brony fansites. Cannot resist smiley packs and IE toolbars."
    • by gweihir (88907) on Saturday November 16, 2013 @06:02PM (#45444999)

      They probably have gone rogue after realizing where the US is headed...

    • by RockDoctor (15477) on Sunday November 17, 2013 @03:41PM (#45449779) Journal
      So ... the FBI have stopped paying, and now the informants are turning on their handlers?

      Just a second while I get my popcorn. This is going to be good.

  • by etash (1907284) on Saturday November 16, 2013 @11:35AM (#45442833)
    who watches the watchers. it iz t3h 31337 h4x0rz t34m.

    i pity the fool
  • by Anonymous Coward on Saturday November 16, 2013 @11:38AM (#45442859)

    They're way more afraid of hundreds or thousands of mini-Snowden Mannings popping up. Thing is, if these guys can get in so easily, what about hostile foreign gov'ts like the Chinese and Russians? Seriously. They were probably already there. This could also be a false flag pre-emptive strike. So, how can we vote for no confidence in our own system?

    • by Grishnakh (216268) on Saturday November 16, 2013 @01:35PM (#45443505)

      They don't have to worry about hundreds or thousands of mini-Snowden/Mannings popping up; it only takes one or two to cause a huge shitstorm, so they have to be very worried about that. However, there's not likely to be than many Snowden/Mannings either, because the risk is so insanely high. Manning was caught and is now in a military prison for a very long time, and Snowden evaded capture by the skin of his teeth, and is now stuck in crappy Russia trying to make a new life (after living in warm and beautiful Hawaii, I hope he likes snow and cold). Given the high risk of capture and imprisonment, there aren't likely to be very many people willing to try this in the future, however as I pointed out, it only takes one to cause an international incident.

  • We wuz hacked! (Score:4, Insightful)

    by oldhack (1037484) on Saturday November 16, 2013 @11:39AM (#45442867)
    Now double our budget so we can counter them. And yeah, pass some laws against these terrorists.
  • by Anonymous Coward on Saturday November 16, 2013 @11:43AM (#45442885)

    And the party hasn't even begun yet,
    you didn't really think that tapping 6+ billion peoples Internet would not have consequences ?

    that Mr Anderson, is the sound of inevitability

  • by ZeroNullVoid (886675) on Saturday November 16, 2013 @11:48AM (#45442901)

    2,0000 bank accounts....
    Is that 2k or 20k?

    TFA needs to be reviewed before going out.
    I expect more from Reuters.

  • "Hacked!"? (Score:4, Insightful)

    by BringsApples (3418089) on Saturday November 16, 2013 @11:54AM (#45442931)
    Ok, I know what hacking is. But I hate how it's become a term that allows for future explanation(s). "We've been hacked!" is something that someone who knows what just happened, tells another person that hasn't got a clue, to tell the masses, while some story is created to eventually explain to the masses, or not at all.

    "An FBI Spokeswoman declined to elaborate"

    I mean to say, what the hell happened? "Being hacked" isn't a real thing. You're missing stuff, or you see that stuff was accessed, or you found some new shit that shouldn't be there... Why aren't they telling us? Could it be because they left something wide open, and cannot legally admit to that?

    • Re:"Hacked!"? (Score:5, Insightful)

      by Dunbal (464142) * on Saturday November 16, 2013 @12:03PM (#45442985)
      Considering this is the FBI we're talking about, it's probably a bunch of people they managed to convince to snoop around in their wide-open honeypots. Just like the "terrorists" they arrest that were recruited, encouraged and even trained by them because one day someone happened to make a politically incorrect remark to a nearby agent. Government manufactures its own terrorists. Just like it prints its own money, causes its own social problems and creates its own wars. It's all a dog and pony show to keep you distracted while they pick your pocket.
      • by BringsApples (3418089) on Saturday November 16, 2013 @06:28PM (#45445125)
        You are exactly correct. The FBI telling the public, "We were hacked" is the same thing as me telling the FBI "I was hacked". They'd want to know what I meant by "hacked". Because "Hacked" isn't a real term on any level, it just means to be Macgyver-like in an approach to problem-solving. So basically the FBI issued a statement that there was a problem, and someone came up with a clever way around the problem. I don't get it, and that they expect me to get it, makes me think that they're trying to sneak something by.
    • by Anonymous Coward on Saturday November 16, 2013 @12:17PM (#45443045)

      seriously, being hacked in all probability means a few webservers breached. big fucking deal.

    • by Bite The Pillow (3087109) on Saturday November 16, 2013 @01:17PM (#45443397)

      Quick look at ColdFusion vulnerabilities suggests this is probably a real hack. And they aren't saying because its not patched everywhere.
      You seem to imply that if details are not known, nothing of substance happened. Save your objections for when the details are known, and it is actually not a hack.
      Preemptive objections make you seem stupid.

  • by ulatekh (775985) on Saturday November 16, 2013 @11:56AM (#45442947) Homepage Journal

    If there was ever any argument for not letting the U.S. government collect massive amounts of data on us, take over the entire healthcare system, etc., it's stories like this. They're simply not competent to do so. They're not even close.

    The U.S. government was originally envisioned as a limited government, with a short list of enumerated powers, and all other government functions were left to the states. Over the years, and in wild violation of our Constitution, the federal government has grown way past that. Not only is their size and function not legally justifiable, but it's simply too big to work.

    A wonderful reform would be to cut down the size of the U.S. government to just what the Constitution allows. Anything that requires coordination between the 50 states can be done in a "clearinghouse" manner, with the federal government providing a mechanism for coordination, but not control over it. That would be a much better way than letting the federal government assume primacy on subjects not in its Constitution.

    • by the eric conspiracy (20178) on Saturday November 16, 2013 @12:22PM (#45443093)

      The reason the healthcare system is broken is that private enterprise and the states completely broke it. Any problems that are in progress are due to obstruction by the Republican Party who are actively working to sabotage this bill and this President. Even before Obama took office they said they would oppose everything and anything he tried to do.

      There are several large Federal agencies like the IRS and Medicare don't have problems with collecting personal data.

    • by gtall (79522) on Saturday November 16, 2013 @12:45PM (#45443223)

      Okay, let's zero out your expected take from SS and Medicare when you are too old to fund yourself. And while we're at it, it would be okay if Grandma moved in with you, right? Her meds only run a few thou a month, but that's a small price for you to pay to be freed of the Fed. Gov. Let's remove NiH, because you will never get cancer, contract a food born illness, or get nailed by the next pandemic. You'll let the mentally ill live with you, 'cause they'll need a place to stay. They usually need meds too.

      Let's also turn the world over to the Chinese because in 20 years, we'll be entirely self-sufficient and won't need any open trading partners. And while we're at it, lets get rid of NTSA and the FAA, you won't die in an airline accident because the airlines cut corners. Let's abolish the SEC, Wall Street and the Banks have your best interests at heart.

      And let's get rid of that awful FBI, if your father gets whacked, you won't need no stinking investigation as to whom did it. Come to think of it, we won't have to worry about young kids getting kidnapped because there will be no federal agency to track them down. They shouldn't have gotten their asses kidnapped in the first place. We also don't need the federal prison system, them guys can kip at your house right...be sure to keep your gun loaded and by your bedside, they tend to sleepwalk a bit.

      • by Hatta (162192) on Saturday November 16, 2013 @02:24PM (#45443805) Journal

        Okay, let's zero out your expected take from SS and Medicare when you are too old to fund yourself. And while we're at it, it would be okay if Grandma moved in with you, right? Her meds only run a few thou a month, but that's a small price for you to pay to be freed of the Fed. Gov. Let's remove NiH, because you will never get cancer, contract a food born illness, or get nailed by the next pandemic. You'll let the mentally ill live with you, 'cause they'll need a place to stay. They usually need meds too.

        Let's also turn the world over to the Chinese because in 20 years, we'll be entirely self-sufficient and won't need any open trading partners. And while we're at it, lets get rid of NTSA and the FAA, you won't die in an airline accident because the airlines cut corners.

        You're all good up to here.

        Let's abolish the SEC, Wall Street and the Banks have your best interests at heart.

        The SEC exists to legitimize financial fraud. When the banks steal billions of dollars, we can all blame the SEC for not doing its job, instead of blaming the people committing the fraud. They've done absolutely nothing to reign in banks, and don't intend to.

        And let's get rid of that awful FBI, if your father gets whacked, you won't need no stinking investigation as to whom did it.

        The much bigger threat is people dying because of bad diets, because of federal ag subsidies. Or people dying from the side effects of drugs they don't need because of a profit driven pharmaceutical industry. Or people dying in needless wars of agression. I'm much more concerned about the FBI causing deaths because they infiltrate and disrupt groups trying to advocate for reforms that would help people.

        The FBI exists only to add a thin veneer of "we're here to protect you" that covers up a massive amount of corruption that harms us far more than helps us. They exist to ensure that entrenched power remains entrenched.

      • by ToddInSF (765534) on Sunday November 17, 2013 @02:15PM (#45449219) Journal
        Every example you've given has a real-world counter-example of where this extremism and remarkable faith in the absoluteness of the efficiency of these systems falls short. To put it very politely.

        But you've conveniently omitted all that.

        What I want to know is, why ?

        People don't want to be told to shut the hell up, everything's fine, when it obviously isn't. And we don't need statist apologists constantly lying to us and pretending that everything's fine and that no other options can be implemented. All you've done here is prove that you have an agenda, and it's an ugly agenda that yields a very dystopic outcome.
    • by Bite The Pillow (3087109) on Saturday November 16, 2013 @01:26PM (#45443457)

      "Stories like this" meaning flaws in Adobe products? I don't know the purpose of the attacked systems, so I can't say whether having the leaked data was appropriate, therefore extrapolation is not supported.
      Any way you look at it, your conclusion is at bestmisplaced, which is why you are modded as troll.

  • by Coditor (2849497) on Saturday November 16, 2013 @11:59AM (#45442963)
    ... we can't tell.
  • by HansKloss (665474) on Saturday November 16, 2013 @12:05PM (#45442995)

    We just learned from the press that targets and directions come from agency.
    So, typical of government
    - create a project
    - fund it
    - find a disposable hacker to perform the "attack"
    - report success
    - ask for more money and staff

  • by Lost Penguin (636359) on Saturday November 16, 2013 @12:05PM (#45442997) Homepage
    The real threat is the people who have been compromised in these organizations.
  • by mevets (322601) on Saturday November 16, 2013 @12:18PM (#45443057)

    Is there anything your software canâ(TM)t do?

  • by davidwr (791652) on Saturday November 16, 2013 @12:30PM (#45443143) Homepage Journal

    Since when did Anonymous == Borg ???

  • by Anonymous Coward on Saturday November 16, 2013 @12:32PM (#45443153)

    All your base are belong to us!

  • by Anonymous Coward on Saturday November 16, 2013 @12:33PM (#45443161)

    Quid Pro Quo? Given the NSA's "hacking" of everyone's data, why should we be surprised that Anonymous is hacking the feds?

    To quote the Bard - screw you assholes!

  • by Anonymous Coward on Saturday November 16, 2013 @01:41PM (#45443549)

    The downfall of this government will not be accomplished by 2nd amendment nuts and their horded ammo, rather by kids clicking from their parents' basements. You go guys!

  • by lapm (750202) on Saturday November 16, 2013 @01:53PM (#45443629)
    Hand up anyone thats suprised US goverment IT systems got hacked once again...
    • by lightknight (213164) on Saturday November 16, 2013 @04:00PM (#45444371) Homepage

      *facepalms*

      Ok...let's just have them burn static HTML pages on a DVD containing the operating system, and work from there. The other side can then play to win against Write Once media.

      I'll be on my island, brooding, and watching anime. ;-)

      • by Lodlaiden (2767969) on Sunday November 17, 2013 @12:23AM (#45446585)

        *facepalms*

        Ok...let's just have them burn static HTML pages on a DVD containing the operating system, and work from there. The other side can then play to win against Write Once media.

        That's actually a very interesting idea for a web front end where you wouldn't actually expect anything to change without an onsite admin being involved. Even dynamic webpages themselves do not change.

  • by WindBourne (631190) on Saturday November 16, 2013 @03:28PM (#45444195) Journal
    Seriously, under W, national security was put aside. Now, we need to focus on this and make good with securing our systems.
  • by Anonymous Coward on Saturday November 16, 2013 @03:32PM (#45444207)

    Department of Energy was hacked via Cold Fusion. How fitting.

  • by DontLickJesus (1141027) on Saturday November 16, 2013 @04:20PM (#45444503) Homepage Journal
    Anon reported back at the beginning of Operation Last Resort that they were already much more deeply entrenched in US government networks than anyone had found. This isn't a new revelation, it's an ongoing event.
  • by sgt_doom (655561) on Saturday November 16, 2013 @04:50PM (#45444673)
    I read this /. post, but I also just read this:

    http://www.wired.com/opinion/2013/11/this-is-how-the-internet-backbone-has-been-turned-into-a-weapon/ [wired.com]

    Who to believe? ? ?
  • by runeghost (2509522) on Saturday November 16, 2013 @05:09PM (#45444763)

    A Justice department that claims it's getting hacked (to worrisome levels) by teenagers. A National Security Agency that spends hundreds of billions spying on the citizens it claims to be protecting while accomplishing nothing. A Defense Department whose specialty is fighting foreign wars badly, while shelling out trillions to contractors.

    It's well past the time where an honest government, or a real democracy, would say "enough failure" throw in the towel, and start again from scratch.

  • by Anonymous Coward on Saturday November 16, 2013 @07:42PM (#45445403)

    Krebs and Holden Security bloggers reported circulating copies of an Adobe Source Code archive. Implict is the archive contained Coldfusion source code. At the time they reported the archive encrypted and they were unable to break the encryption.

    Fast forward, code surfaces from the archive unencrypted for sale on the internet.

    Websites running Coldfusion 8 (an old version no longer supported or monitored for security fixes) is compromised on a number of websites. Re-developing and re-deploying websites developed for an older unmaintained code base is expensive, if possible at all and institutions with limited budgets rarely do it, even if prosecuted. Its easier to "notify" users.

    Krebs and Holden also notice a credible exploit and report it to Adobe, who notes it is effective but not against current products-- however they release a patch for the vulnerability later Nov 12 against CF10.. report its relevant for CF10, CF9.. and that CF8 is no longer supported and that they believe CF8 has been compromised and is the attack vector for hackers currently.

    Moral.. stop running CF8, destroy the old websites using CF8 and re-commission new websites with modern and security supported server software, stop using "notify next of kin" as a cost mitigation factor. And apply security patches for CF9 and CF10 immediately, the attack is being suggested as "Zero Day" and having been used for some time.

  • by MobSwatter (2884921) on Saturday November 16, 2013 @08:16PM (#45445555)
    Sometimes when you hack the planet, the planet hacks you!
  • by ahabswhale (1189519) on Saturday November 16, 2013 @08:31PM (#45445627)

    If you're still using Coldfusion, you deserve to get hacked.

  • by Shaman (1148) <shaman.kos@net> on Saturday November 16, 2013 @10:31PM (#45446135) Homepage

    Cold Fusion is one of the buggiest, most insecure of all the web code development platforms, in a world riddled with buggy, insecure web platforms.

As the trials of life continue to take their toll, remember that there is always a future in Computer Maintenance. -- National Lampoon, "Deteriorata"

Working...