Sri Lankan Army site 'assasinated' by rebels
'Horrible' and 'gruesome'
The Sri Lankan army has said its website was hacked by rebels who posted "horrible and gruesome images."
The attack on the www.army.lk site sent army technicians scrambling to remove the content. By Friday afternoon California time, the site appeared to be running normally.
The defense ministry blamed the attack on Tamil rebels known as LTTE, or Liberation Tigers of Tamil Eelam.
"Sri Lanka Army’s official news wing, (www.army.lk) has been illegally hacked and technically 'assassinated' by suspected Tiger terrorists or their proxies, during the wee hours on Friday (1st May), inserting some horrible and gruesome images," the Army wrote here. "This new form of information 'terrorism' is a criminal offence that can be subjected to prosecution, according to international legal provisions."
Internet attacks that accompany geopolitical conflicts have been around since at least 2007, when groups believed to be sympathetic to Russia attacked government crippled web traffic in Estonia for two weeks after the government in the latter country removed a bronze statue depicting a World War II Russian soldier from a park in the city of Tallinn.
Cyber warfare over the past decade has become a major preoccupation of militaries everywhere. Earlier this week, a panel of advisors called the US government's policy for waging war online ill-formed. ®
that's the simplest solution you can come up with?
the vulnerabilities come from poorly written programs/scripts, if those are on your server then it is insecure if they aren't then it is secure (obviously i'm assuming nobody is stupid enough to use "password" as their root password), the only way you can reduce this problem is using the minimal software for the job and making sure to deal with user input correctly in the few scripts you do run
your convoluted method does nothing extra to help protect the server - if your solution to a server being compromised is to reset it back to the same vulnerable state it was in when it was compromised the first time then i really hope i never have to work on any systems you have "secured"
but regarding the article: it's a public army website, it's not like any secure systems were compromised, probably the only people looking at the site would be reporters looking for a bit of information (and potential recruits - but trying not to sound racist in any way, i suspect recruitment online is probably much less common in sri lanka than it is in most western nations)
Did I say anywhere that web-site defacement was a good thing?
My point was that calling it terrorism further dilutes the word "terrorist".
There are no terrorists. Terrorism is a weapon of mass distraction.
let me correct that for you:
"Differences of political opinion do not automagically mean you have the right to deface a web site"
Say what you will about the messages of the site in question, and of those defacing it, but it is still a crime. If you want to speak out aganst a group, you don't deface their site, you put up your own. This allows both sides to express their opinion, rather then one just squelshing the views of the other.
I may hate what you have to say, but I will defend to the death your right to say it.