Results 1 to 10 of 49

Thread: Anti-Sec Crusade Against Full-Disclosure. "Imageshacked"

Threaded View

Previous Post Previous Post   Next Post Next Post
  1. July 10th, 2009 09:35 PM #1
    klange
    klange is offline
    おはようございます klange's Avatar
    Join Date
    Dec 2006
    Posts
    3,028

    Anti-Sec Crusade Against Full-Disclosure. "Imageshacked"

    So, I'm sure that by now you've seen this thing:



    ... instead of some image you were looking for.

    What is Full Disclosure?

    Full disclosure is when whitehat hackers (the good guys) release information on critical exploits to demand that they be fixed and patched immediately. When exploits aren't publicly released, many software developers ignore them and allow them to stay in code - creating security risks that can be exploited when blackhats (the bad guys) find them.

    What's Anti-Sec doing?

    They've hacked ImageShack so that instead of serving the images you've uploaded, they are randomly returning the image pictured above to try and "fight" full-disclosure. They are wasting your bandwidth and breaking our forum rules to do this, and also wasting our time.

    Why are they wrong?

    Full-disclosure is the opposite of security-through-obscurity. It is at the heart of why open-source projects like Linux are so secure: the freely available source-code has precisely the same effect as releasing exploit information for a proprietary application. Even Apache's security updates are driven by publicly posted exploits. By fighting this long-established security practice, ImageShack is not only wasting our time and money, but they are also defending the most ridiculous methodology in existence.

    What can you do to stop them?

    I have no idea where this campaign came from, I just saw the image, read it, got extremely pissed off, grabbed a more reputable source, sat down and typed this post. There's no way to block the specific image as it is randomly returned from ImageShack, so you'd just have to block all of their images. What I can say is that we have hundreds of other places to upload our images. I've been using my own server for years, and while it's painfully slow, it offers much better service than ImageShack.

    The only solution right now is stop using ImageShack to host your images.


    UPDATE:     ImageShack was hacked by Anti-Sec to put these up. Either way, avoid ImageShack to ensure that your images aren't replaced by this annoying message.

    ANTI-SEC IS A BLACKHAT HACKING GROUP - They are looking to shut down sites like Bugtraq to capitalize on zero-day exploits.
    Last edited by klange; July 10th, 2009 at 11:20 PM.
    Reply With Quote
« Previous Thread | Next Thread »

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules