« Arbitron Rates Top Webcasters for July | Main | Presentation on Salon.com's Content Management System »

Slashdot Hacked, Test Server Used to Gain Access

Slashdot is reporting that it was hacked last night by people who claimed to have good intentions. According to Rob Malda, the exploit depended upon the existance of a freshly installed copy of the base Slashcode distribution, existing on the same subnet outside their firewall.

There are a lot of things that could be said about the problems that this exposes in the existing and previous Slashcode architectures, the system administration practices of the people running Slashdot.org. Read on if you are interested in this from a Slash operations perspective.

One of the interesting places to look for information about this problem is undoubtedly going to be the Slashcode mailing list. Here is the Web Page that represents the current week's activity on the mailing list. A good thread of discussion about the exploit has begun there.

For what it's worth, it is fairly safe to say that CTDATA customers using our version of Slash are not likely to be affected by the vulnerability that was used to temporarily gain control of Slashdot. Of course, it never pays to tempt fate....

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)


CTDATA Venutures (CTDATA) develops Internet and Intranet applications for corporations and non profit organizations. Our services include:

  • Consulting services for Movable Type and TypePad-based publishing systems (visit our Weblog Improvement website for more information),
  • Financial services business process consulting,
  • Content management system and knowledge management system consulting,
  • Apache web server engineering and hosting,
  • MySQL, Sybase, and Microsoft SQL Server architecture and development,
  • SOAP, REST, and XML-RPC system architecture and programming, including Amazon Web Services and
  • Weblog publishing.
For more information, contact Dave Aiello by email at dave [at] daveaiello.com or call him at +1-267-352-4420.
Copyright © 1995-2010, CTDATA Ventures. All Rights Reserved.
Powered by
Movable Type 4.25