Update: ESR Confirms DoS Attack; Hacker to End Attack
Aug 25, 2003, 05:00 (99 Talkback[s])
(Other stories by Eric S. Raymond)
Desktop-as-a-Service Designed for Any Cloud ? Nutanix Frame
ESR Confirms DoS Attack; Hacker to End Attack
By Eric S. Raymond
Open Source Initiative
I have just received confirmation that there was indeed a DoS
attack on SCO's network, a rather sophisticated one organized by an
experienced Internet engineer. The person responsible has agreed to
terminate the attack in response to my earlier request, but it
will not actually end until the timers on his 'bots run out.
I don't actually know who the attacker is, and don't want to;
the person who phoned me was not him, but an associate -- what
spies call a cut-out. It is clear that the attacker was no script
kiddie; he was able to come up with a subtle, selective attack that
only took out a subset of sites on the subnet that hosts SCO and
looked like a site outage from the outside.
I had been hoping, and actually expecting, that the attacker
would turn out to be some adolescent cracker with no real
connection to the open-source community other than a willingness to
stand down when one of its leaders asked. But no; I was told enough
about his background and how he did it to be pretty sure he is one
of us -- and I am ashamed for all of us.
This attack was wrong, and it was dangerous to our goals. I
realize the provocation was extreme; since March SCO has
threatened, grossly insulted, and attacked our community and
everything we've worked for. I'm certainly not without sympathy for
the person who did this.
Nevertheless...we must *never* make this mistake again, whether
against SCO or any other predator. When we use criminal means to
fight them, no matter what the provocation is, we bring ourselves
down to the level of the thieves and liars now running SCO. That is
unethical, and bad tactics to boot.
Public opinion matters, it even influences judges. We must do
right, and we must be *seen* to do right, in order to win against
SCO and the bigger, nastier foe pulling their strings. In an
info-war like this, truth is the most potent weapon, but a
reputation for virtue and honesty runs a close second. Don't be the
one to throw ours away!
One more request. Please try to keep the conspiracy theorizing
under control, at least in public forums. Yes, SCO is behaving much
like a sock puppet of Microsoft now, but we have neither any
evidence of conspiracy prior to the lawsuit there nor any need to
suppose it to explain either company's behavior. Overheated
speculation about how long they've been plotting this just makes us
look paranoid. Stick to the facts; Microsoft, a convicted predatory
monopolist, is funding a lawsuit against its only serious
competition to the tune of more than six megabucks, and their money
is the only real income SCO has. That's quite enough without the
Rebel Alliance provisional command...uh...thanks you for your
cooperation. There will be further dispatches shortly. Keep
watching the skies...
Let SCO Hang Itself
The confrontation between SCO and the open-source community has
now escalated to open war. I suppose, in retrospect, that this was
inevitable once SCO announced its intention to sue on a theory that
would make all open-source licenses invalid. And we all know who's
lurking like Emperor Palpatine behind Darl Vader, funding his
lawsuit to the tune of at least $6,000,000 even if not otherwise
pulling his strings.
SCO/Caldera's site is being hit by a massive denial-of-service
attack today. The timing, the scuttlebutt on Slashdot and
elsewhere, and the contents of my mailbox all suggest strongly that
the DOS attack was triggered by Darl McBride's slanderous
interview accusing the community of being IBM's sock puppets,
and my response to it.
It appears that my response articulated what many of us have
been feeling for months as SCO's public rantings grew ever wilder
and more destructive. McBride's personal accusations against me
bother me very little, but I am nevertheless honored and humbled by
the heartfelt support many of you have emailed. A good number of
you seem to want to elect me your war-leader in this crisis --
maybe it's time for me to dust off that Obi-Wan Kenobi costume the
SVLUG people made for me to wear on the original Windows Refund Day
:-). I will strive to be worthy of your trust.
With whatever authority I have, I ask that the DOS attack cease
immediately. Please stand down now. We have better ways to
win this fight.
There are at least three reasons running a denial-of-service
against SCO is a bad idea:
First: We're the good guys. But that doesn't matter if we aren't
seen to be the good guys. We cannot fight our war using
vandalism and trespass and the suppression of speech, or SCO will
paint us as crackers and maybe win. Let's keep the moral high
Second: We have other tools that are more powerful. We have an
astonishingly strong set of facts on our side. SCO has been caught
in multiple lies, wholesale IP violations, and defamatory
statements. The way to destroy them is with legal weapons. We can
Third: SCO is its own worst enemy. Every time its spokespeople
open their mouths, they dig their company's grave a little deeper.
Consider their statements at SCOforum and what followed. We're in
an even stronger position than we were three days ago.
We want them raving in public. It helps us. Everything
they say is more rope to hang them with in a courtroom, but they're
too trapped in their own propaganda-based strategy to do the smart
thing and shut up. Their problem is that the moment they stop
FUDding long enough for people to get a clear-eyed look at the
facts their credibility will evaporate and their stock price
will crash hard. Even all the legions of Microsoft's press shills,
captive analysts, and astroturfers won't be able to rescue
Stop the DOS attack. Let SCO speak out and hang itself.
Right now, the most helpful thing you can do is collect SCO's
published statements and show how they have repeatedly contradicted
themselves and lied about the facts. I've received some genuinely
useful stuff by email describing factual and legal vulnerabilities
that the research team here at Alliance HQ didn't spot on its
own -- papers like Greg Lehey's analysis of the code SCO
revealed at SCOforum showing that they must have stripped BSD
copyrights out of their kernel tree. The reports indicating reason
to believe that there is probably GPLed code in Unixware's Linux
Personality Module were helpful too.
One of our big advantages over SCO is distributed brainpower.
There are a lot of us, and we have excellent Internet-research
skills. Want to strike a blow against SCO? Help convict them using
their own public statements, their own 10Ks and 10Qs, all the press
coverage, the material that's in their web and FTP sites. Collate.
Assemble dossiers. The facts are with us, so gather and use the
facts. All cheesy Star Wars references aside, this is info-war.
Truth -- believable and provable truth -- is the weapon.
This is why sites like the IWeThey SCOvsIBM page and
WeLoveTheSCOInformationMinister aren't just good clean fun;
they're valuable references to help lawyers demonstrate SCO's
record of bad faith, lies, and massive intellectual-property theft.
Do more of that; in particular. the IWeThey wiki badly needs
updating and better cross-references. These things will be used to
defeat SCO -- and sooner than you probably think.
I'm organizing a conference call early this coming week among a
few key leaders to decide on the next stage of our response. Have
patience. There is a plan developing, which I can't talk about
because the element of surprise is part of it. We will
counterattack at a time and place of our choosing and we will
Rebel Alliance provisional command, over and out... :-)
 The research team: myself, Rob Landley, and Catherine
Eric S. Raymond