Oklahoma city threatens to call FBI over 'renegade' Linux maker
Our mistake is YOUR problem
The heartland turned vicious this week when an Oklahoma town threatened to call in the FBI because its web site was hacked by Linux maker Cent OS. Problem is CentOS didn't hack Tuttle's web site at all. The city's hosting provider had simply botched a web server.
This tale kicked off yesterday when Tuttle's city manager Jerry Taylor fired off an angry message to the CentOS staff. Taylor had popped onto the city's web site and found the standard Apache server configuration boilerplate that appears with a new web server installation. Taylor seemed to confuse this with a potential hack attack on the bustling town's IT infrastructure.
"Who gave you permission to invade my website and block me and anyone else from accessing it???," Taylor wrote to CentOS. "Please remove your software immediately before I report it to government officials!! I am the City Manager of Tuttle, Oklahoma."
Few people would initiate a tech support query like this, but these are dangerous times, and Taylor suspected the worst. (Er, but only the world's most boring hacker would break into a site and then throw up a boilerplate about how to fix the hack.)
CentOS developer Johnny Hughes jumped on the case and tried to explain the situation to Taylor.
"I feel sorry for your city," he replied in an e-mail. "CentOS is an operating system. It is probably installed on the computer that runs your website. . . . Please contact someone who does IT for you and show them the page so that they can configure your apache webserver correctly."
That response didn't go over so well.
"Get this web site off my home page!!!!! It is blocking access to my website!!!!~!," Taylor responded, clearly excited about the situation and sensing that Bin Laden was near.
Again, CentOS jumped in to try and explain some of the technical details behind the problem. It pointed Taylor to this page, saying it was the standard page for a web server and noted that it provides instructions on how to fix the problem. The CentOS staffer suggested that Taylor contact his service provider or have an administrator look into the issue.
That response didn't go over so well.
"Unless this software is removed I will file a complaint with the FBI," Taylor replied.
Later he added,
"I have four computers located at City Hall. All of these computers display the same CentOS page when attempting to bring up Tuttle-ok.gov. Now if your software is not causing this problem, how does it happen??? No one outside this building has complained about this problem. This is a block of public access to a city's website. Remove your software within the next 12 hours or an official complaint to the FBI is being filed!"
"I am computer literate! I have 22 years in computer systems engineering and operation. Now, can you tell me how to remove 'your software' that you acknowledge you provided free of charge? I consider this 'hacking.'"
After a few more exciting exchanges, CentOS managed to track down the problem for Taylor. It turns out that hosting provider Vidia Communications is running CentOS on some of its servers and had not configured the Tuttle web site properly. CentOS informed Taylor of the situation, and, a day later, Taylor had calmed down.
"The problem has been resolved by VIDIA who used to host the City website," he wrote. "They still provide cable service but do not host the website. The explanation was that they had a crash and during the rebuild they reinstalled the software that affected our website."
"I am sorry that we had to go through the process and accusations to get the problem resolved. It could have been resolved a lot quicker if the initial correspondence with you provided the helpful information that was transmitted in the last messages. My initial contact with VIDIA disallowed any knowledge of creating the problem."
Er, so despite the fact that CentOS went out of its way to figure out the problem for Tuttle, Taylor still places the blame on CentOS for not fixing the problem - that it didn't create - sooner. In addition, Taylor didn't really start off the whole process on the best foot despite Tuttle being a town "Where People Grow - Friendly!" Grow friendly, threaten to bring in the FBI at the drop of a hat - what's the difference?
Taylor has yet to respond to our request for comment.
It seems that Tuttle has quite the hacking epidemic on its hands. The Tuttle Times newspaper's web site, for example, has had its Forum section cracked. Click at your own risk to see it or have a peek at our screen grab.
To see the full transcript of the web server war, travel over here. It's classic reading. ®
Sponsored: Today’s most dangerous security threats