Update: ESR Confirms DoS Attack; Hacker to End AttackAug 25, 2003, 05:00 (99 Talkback[s])
(Other stories by Eric S. Raymond)
ESR Confirms DoS Attack; Hacker to End Attack
By Eric S. Raymond
I have just received confirmation that there was indeed a DoS attack on SCO's network, a rather sophisticated one organized by an experienced Internet engineer. The person responsible has agreed to terminate the attack in response to my earlier request, but it will not actually end until the timers on his 'bots run out.
I don't actually know who the attacker is, and don't want to; the person who phoned me was not him, but an associate -- what spies call a cut-out. It is clear that the attacker was no script kiddie; he was able to come up with a subtle, selective attack that only took out a subset of sites on the subnet that hosts SCO and looked like a site outage from the outside.
I had been hoping, and actually expecting, that the attacker would turn out to be some adolescent cracker with no real connection to the open-source community other than a willingness to stand down when one of its leaders asked. But no; I was told enough about his background and how he did it to be pretty sure he is one of us -- and I am ashamed for all of us.
This attack was wrong, and it was dangerous to our goals. I realize the provocation was extreme; since March SCO has threatened, grossly insulted, and attacked our community and everything we've worked for. I'm certainly not without sympathy for the person who did this.
Nevertheless...we must *never* make this mistake again, whether against SCO or any other predator. When we use criminal means to fight them, no matter what the provocation is, we bring ourselves down to the level of the thieves and liars now running SCO. That is unethical, and bad tactics to boot.
Public opinion matters, it even influences judges. We must do right, and we must be *seen* to do right, in order to win against SCO and the bigger, nastier foe pulling their strings. In an info-war like this, truth is the most potent weapon, but a reputation for virtue and honesty runs a close second. Don't be the one to throw ours away!
One more request. Please try to keep the conspiracy theorizing under control, at least in public forums. Yes, SCO is behaving much like a sock puppet of Microsoft now, but we have neither any evidence of conspiracy prior to the lawsuit there nor any need to suppose it to explain either company's behavior. Overheated speculation about how long they've been plotting this just makes us look paranoid. Stick to the facts; Microsoft, a convicted predatory monopolist, is funding a lawsuit against its only serious competition to the tune of more than six megabucks, and their money is the only real income SCO has. That's quite enough without the speculation.
Rebel Alliance provisional command...uh...thanks you for your cooperation. There will be further dispatches shortly. Keep watching the skies...
Let SCO Hang Itself
The confrontation between SCO and the open-source community has now escalated to open war. I suppose, in retrospect, that this was inevitable once SCO announced its intention to sue on a theory that would make all open-source licenses invalid. And we all know who's lurking like Emperor Palpatine behind Darl Vader, funding his lawsuit to the tune of at least $6,000,000 even if not otherwise pulling his strings.
SCO/Caldera's site is being hit by a massive denial-of-service attack today. The timing, the scuttlebutt on Slashdot and elsewhere, and the contents of my mailbox all suggest strongly that the DOS attack was triggered by Darl McBride's slanderous interview accusing the community of being IBM's sock puppets, and my response to it.
It appears that my response articulated what many of us have been feeling for months as SCO's public rantings grew ever wilder and more destructive. McBride's personal accusations against me bother me very little, but I am nevertheless honored and humbled by the heartfelt support many of you have emailed. A good number of you seem to want to elect me your war-leader in this crisis -- maybe it's time for me to dust off that Obi-Wan Kenobi costume the SVLUG people made for me to wear on the original Windows Refund Day :-). I will strive to be worthy of your trust.
With whatever authority I have, I ask that the DOS attack cease immediately. Please stand down now. We have better ways to win this fight.
There are at least three reasons running a denial-of-service against SCO is a bad idea:
First: We're the good guys. But that doesn't matter if we aren't seen to be the good guys. We cannot fight our war using vandalism and trespass and the suppression of speech, or SCO will paint us as crackers and maybe win. Let's keep the moral high ground here.
Second: We have other tools that are more powerful. We have an astonishingly strong set of facts on our side. SCO has been caught in multiple lies, wholesale IP violations, and defamatory statements. The way to destroy them is with legal weapons. We can do that.
Third: SCO is its own worst enemy. Every time its spokespeople open their mouths, they dig their company's grave a little deeper. Consider their statements at SCOforum and what followed. We're in an even stronger position than we were three days ago.
We want them raving in public. It helps us. Everything they say is more rope to hang them with in a courtroom, but they're too trapped in their own propaganda-based strategy to do the smart thing and shut up. Their problem is that the moment they stop FUDding long enough for people to get a clear-eyed look at the facts their credibility will evaporate and their stock price will crash hard. Even all the legions of Microsoft's press shills, captive analysts, and astroturfers won't be able to rescue them.
Stop the DOS attack. Let SCO speak out and hang itself.
Right now, the most helpful thing you can do is collect SCO's published statements and show how they have repeatedly contradicted themselves and lied about the facts. I've received some genuinely useful stuff by email describing factual and legal vulnerabilities that the research team here at Alliance HQ didn't spot on its own -- papers like Greg Lehey's analysis of the code SCO revealed at SCOforum showing that they must have stripped BSD copyrights out of their kernel tree. The reports indicating reason to believe that there is probably GPLed code in Unixware's Linux Personality Module were helpful too.
One of our big advantages over SCO is distributed brainpower. There are a lot of us, and we have excellent Internet-research skills. Want to strike a blow against SCO? Help convict them using their own public statements, their own 10Ks and 10Qs, all the press coverage, the material that's in their web and FTP sites. Collate. Assemble dossiers. The facts are with us, so gather and use the facts. All cheesy Star Wars references aside, this is info-war. Truth -- believable and provable truth -- is the weapon.
This is why sites like the IWeThey SCOvsIBM page and WeLoveTheSCOInformationMinister aren't just good clean fun; they're valuable references to help lawyers demonstrate SCO's record of bad faith, lies, and massive intellectual-property theft. Do more of that; in particular. the IWeThey wiki badly needs updating and better cross-references. These things will be used to defeat SCO -- and sooner than you probably think.
I'm organizing a conference call early this coming week among a few key leaders to decide on the next stage of our response. Have patience. There is a plan developing, which I can't talk about because the element of surprise is part of it. We will counterattack at a time and place of our choosing and we will win.
Rebel Alliance provisional command, over and out... :-)
 The research team: myself, Rob Landley, and Catherine Raymond, esq.