Some of my Dreamhost accounts have been violated by a group of Malaysian script kiddies. I wonder what they used. My early investigation revealed pieces of code that appeared in a Wordpress media upload folder. This is the place where Wordpress puts imported photos and other media.
They had complete run of my 8 or so websites at 'shared' root. one of the files had PHP and Javascript code that OBVIOUSLY was used to commit these crimes. Other stuff on there wasn't used in my attack: Denial of Service code, etc. It looked like a complete burglar's kit of tools. UGH. I had to take a shower after touching this stuff. There's creepy stuff out there that could destroy the very foundations of the WEB: SSL Encryption ( in some cases ) has been cracked<http://www.theregister.co.uk/2010/06/08/padding_oracle_attack_tool/> . Paypal has been breached<http://www.theregister.co.uk/2011/09/19/beast_exploits_paypal_ssl/> by researchers. Without confidence, the entire web could become inert and useless, like CB radio. One good thing - the kiddies will temporarily be confused by odd-looking Livecode scripting. Probably think it's a PHP derivative. On 21 September 2011 04:09, Claudi Cornaz <claud...@fiberworld.nl> wrote: > Hi all, > > I came across this article and altough I don't know much about this I > thought it might interest some of you. > Hackers break SSL encryption used by millions of sites > > I don't know which version of SSL livecode server deploys, but apparently > this might be something quite serious > and perhaps even a unique opportunaty for livecode server by > being/becomming save. > > Claudi > _______________________________________________ > use-livecode mailing list > use-livecode@lists.runrev.com > Please visit this url to subscribe, unsubscribe and manage your > subscription preferences: > http://lists.runrev.com/mailman/listinfo/use-livecode > -- Stephen Barncard San Francisco Ca. USA more about sqb <http://www.google.com/profiles/sbarncar> _______________________________________________ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode
