I don't know the details of the story, so I cannot comment. However,
your point which deride the story are meaningless.
It's MUCH more likely that the ISP hosting the site was monitoring the
logs - likely because it was a one off event with a HUGE cash flow. Much
of the monitoring may have been done manually / semi-manually. So no, BT
would have (possibly) nothing to do with looking at the logs.
BT are most likely implicated because they may have been the arrested
user's ISP - and provided, clearly without following due process, the
resolution to his home address from an IP and timestamp. SO yes - I'd
say a bit of bad publicity may very well be in order, if this is the
case. (I reiterate, I DO NOT know the details of this story so I cannot
verify that this is or is not the case.)
The police may or may not deserve the bad PR since they would appear
from the article to have reacted without checking facts, without
consulting a technical expert and to have used force surely vastly out
of proportion to what was warranted. I know if I was having my lunch at
home, I would quite happily open my door if the police knocked -
breaking down my door would be most unnecessary. But again, let me say
that I am basing my writing on exactly and exclusively the content of
the article posted below. I do not know any more details, not can I
personally vouch for the accuracy of the details contained therein.
In summary, unless you know significantly more details about the case
than I do, your comments do not ascertain that any elements of the story
are any more or less likely.
I too, shall be following the results of this story with interest,
being a user of lynx (and Firefox) on Solaris, Linux, OS X and various
other 'minority' operating systems...
Usual disclaimers apply, YMMV, IANAL, etc. :-)
Best regards,
-->Gar
Thomas Bridge wrote:
> On Tue, Feb 01, 2005 at 03:51:16PM +0000, Paul Reilly wrote:
>>>A Londonder made a tsnuami-relief donation using lynx -- a text-based
>>browser used by the blind, Unix-users and others -- on Sun's Solaris
>>operating system. The site-operator decided that this "unusual" event in
>>the system log indicated a hack-attempt, and the police broke down the
>>donor's door and arrested him. From a mailing list:
>>>> For donating to a Tsunami appeal using Lynx on Solaris 10. BT [British
>>Telecom] who run the donation management system misread an access log and
>>saw hmm thats a non standard browser not identifying it's type and it's
>>doing strange things. Trace that IP. Arrest that hacker.
>>> It could just be me but I find a number of things about this story
> to be a bit unlikely.
>> For a start, BT a) don't strike as that clueless nor b) that fast to deal
> with a hack attempt. Nor is it likely BT were loooking at the accesslog
> as opposed to a piece of software that processes logs - and it strikes me
> as very unlikely that such a piece of software would fail to recognise
> Lynx.
>> Thomas
>
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
