Post Sat Aug 05, 2006 11:10 pm

Hacker Says Netscape Ignored Warning Via Hacker Ethic

Hackers claim to live by codes. No matter what people think of "D," who hacked the new Digg-style Netscape, he insists it was done for good, not evil. Besides, says D, they had it coming. He gave them ample warning about their security problem.

News of the hack was first reported by security company F-Secure on July 26th, a few days after Netscape head Jason Calacanis offered A-list Digg.com submitters $1,000 per month to write for Netscape instead.

Visitors checking out Netscape's new format were greeted with pop-ups, created from a cross-site scripting (XSS) vulnerability, containing profanity, redirects to Digg.com, and the comedic proclamation that someone named Tom Way was the sexiest man alive, giving the exploit a prank feel.

Hacker ethics, as alluded to earlier, include a set of commandments for "moral" use of the trade. Hackers are not to destroy or damage files. They should notify system administrators about security holes located. They should not steal. They should document and distribute information about exploits. According to D, set to begin as a first-year computer science student, these guidelines were followed in attempt to protect Netscape users from malicious hackers.


For full story:
http://www.securitypronews.com/insiderr ... w.html?d=1

Don
CISSP, MCSE, CSTA, Security+ SME