Feeds

Oklahoma city threatens to call FBI over 'renegade' Linux maker

Our mistake is YOUR problem

The Power of One eBook: Top reasons to choose HP BladeSystem

The heartland turned vicious this week when an Oklahoma town threatened to call in the FBI because its web site was hacked by Linux maker Cent OS. Problem is CentOS didn't hack Tuttle's web site at all. The city's hosting provider had simply botched a web server.

This tale kicked off yesterday when Tuttle's city manager Jerry Taylor fired off an angry message to the CentOS staff. Taylor had popped onto the city's web site and found the standard Apache server configuration boilerplate that appears with a new web server installation. Taylor seemed to confuse this with a potential hack attack on the bustling town's IT infrastructure.

"Who gave you permission to invade my website and block me and anyone else from accessing it???," Taylor wrote to CentOS. "Please remove your software immediately before I report it to government officials!! I am the City Manager of Tuttle, Oklahoma."

Few people would initiate a tech support query like this, but these are dangerous times, and Taylor suspected the worst. (Er, but only the world's most boring hacker would break into a site and then throw up a boilerplate about how to fix the hack.)

CentOS developer Johnny Hughes jumped on the case and tried to explain the situation to Taylor.

"I feel sorry for your city," he replied in an e-mail. "CentOS is an operating system. It is probably installed on the computer that runs your website. . . . Please contact someone who does IT for you and show them the page so that they can configure your apache webserver correctly."

That response didn't go over so well.

"Get this web site off my home page!!!!! It is blocking access to my website!!!!~!," Taylor responded, clearly excited about the situation and sensing that Bin Laden was near.

Again, CentOS jumped in to try and explain some of the technical details behind the problem. It pointed Taylor to this page, saying it was the standard page for a web server and noted that it provides instructions on how to fix the problem. The CentOS staffer suggested that Taylor contact his service provider or have an administrator look into the issue.

That response didn't go over so well.

"Unless this software is removed I will file a complaint with the FBI," Taylor replied.

Later he added,

"I have four computers located at City Hall. All of these computers display the same CentOS page when attempting to bring up Tuttle-ok.gov. Now if your software is not causing this problem, how does it happen??? No one outside this building has complained about this problem. This is a block of public access to a city's website. Remove your software within the next 12 hours or an official complaint to the FBI is being filed!"

And later,

"I am computer literate! I have 22 years in computer systems engineering and operation. Now, can you tell me how to remove 'your software' that you acknowledge you provided free of charge? I consider this 'hacking.'"

After a few more exciting exchanges, CentOS managed to track down the problem for Taylor. It turns out that hosting provider Vidia Communications is running CentOS on some of its servers and had not configured the Tuttle web site properly. CentOS informed Taylor of the situation, and, a day later, Taylor had calmed down.

"The problem has been resolved by VIDIA who used to host the City website," he wrote. "They still provide cable service but do not host the website. The explanation was that they had a crash and during the rebuild they reinstalled the software that affected our website."

"I am sorry that we had to go through the process and accusations to get the problem resolved. It could have been resolved a lot quicker if the initial correspondence with you provided the helpful information that was transmitted in the last messages. My initial contact with VIDIA disallowed any knowledge of creating the problem."

Er, so despite the fact that CentOS went out of its way to figure out the problem for Tuttle, Taylor still places the blame on CentOS for not fixing the problem - that it didn't create - sooner. In addition, Taylor didn't really start off the whole process on the best foot despite Tuttle being a town "Where People Grow - Friendly!" Grow friendly, threaten to bring in the FBI at the drop of a hat - what's the difference?

As of this writing, one Tuttle web site still had not been fixed, although you can find the charming Tuttle man Taylor over here.

Taylor has yet to respond to our request for comment.

It seems that Tuttle has quite the hacking epidemic on its hands. The Tuttle Times newspaper's web site, for example, has had its Forum section cracked. Click at your own risk to see it or have a peek at our screen grab.

To see the full transcript of the web server war, travel over here. It's classic reading. ®

Reducing security risks from open source software

More from The Register

next story
Motorist 'thought car had caught fire' as Adele track came on stereo
'FIRE' caption on dashboard prompts dunderheaded hard shoulder halt
Delaware pair nabbed for getting saucy atop Mexican eatery
Burrito meets soft taco in alleged rooftop romp outrage
Japanese artist cuffed for disseminating 3D ladyparts files
Printable genitalia fall foul of 'obscene material' laws
Carlos: Slim your working week to just three days of toil
'Midas World' vision suggests you retire later, watch more tellie and buy more stuff
Brit Rockall adventurer poised to quit islet
Occupation records broken, champagne corks popped
Accused! Yahoo! exec! SUES! her! accuser!, says! sex! harassment! never! happened!
Allegations were for 'financial gain', countersuit claims
Yahoo! Japan! launches! service! for! the! dead!
If you're reading this email, I am no longer alive
Plucky Rockall podule man back on (proper) dry land
Bold, barmy Brit adventurer Nick Hancock escapes North Atlantic islet
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.