Imageshack Hacked: Anti-Sec
nzshadow
5,518 Posts
For a short while, every image hosted on imageshack was replaced with this:
Interesting, isn???t it?I must say I???m impressed. You???ll find comments calling them script kiddies and the likes, but something as major as imageshack is no joke. Sure it???s a simple imagehost, but they sure aren???t poor and like any other web-based business, they sure as hell worry about security.A lot of people are mentioning how the find this self-contradicting and ironic.I mean, hackers hacking websites about hacking in order to stop the shared knowledge about???hacking?Pretty much. Allow me to explain.To begin with, we need to explain Full Disclosure once more. As clear, concise, and straight to the point as they were, I think I can do better in the field of expanation. Full Disclosure is the practice of publicly announcing and explaning a threat or exploit in a supposed attempt inform the security community about the problem. Basically, a security company or ???crew??? may find an exploit in anything from a web application to Microsoft Windows. This company or crew then publicly announces that it has found the threat and goes into great lengths to tell the world about their find and how it could be maliciously used. This of course gets security companies in a hurry to fix these threats and exploits. The intention is to find and fix the problems before the ???bad guys??? do.The problem with this is, not all of these exploits get fixed. Some take time to figure out a fix while others take time to become publicized. Often, users don???t update their security software often enough to become protected and there are way too many for companies to keep up with. The reason for this lies in the idea that with these newly-published exploits, anyone, especially script kiddies (anyone who uses these without knowledge in the field is considered a script kiddy), can take these newly released exploits and put them to use, nearly always for malicious reasons. There are many more young guns interested in learning how to ???hack??? than there are people interested in learning how to better-secure their information. In short, by releasing these exploits, it creates more trouble than its helps.You would think that security companies would see and avoid this. Without these exploits being produced, there would be a much lower amount of spam, adware, spyware, rootkits, and viruses of all sorts. There would be less overseas-based companies spamming our inbox and less script kiddies vandalizing their local church homepage. You would think security companies would push for this. But with less malware comes less demand for security. By creating an environment that is full of threats, the security industy creates an environment full of need for its products.And so these guys come along. This ???Anti-Sec??? movement goes about and hacks imageshack, one of the largest imagehosting services of it???s type. Nearly every forum with images posted by users has at least a few images hosted by imageshack, most of them have many, many more. Their point wasn???t to hack imageshack because it supported the security industry. The point was to hack imageshack because it would get their word out to many people in a very span of time. With imageshack hosting millions and millions of images, this has go to be one of the biggest advertising campaigns in the world. I wouldn???t be surprised if they have just set a record. This is about getting their word out.Soon news sites and then networks and then local news will be reporting about this incident. Some have already begun.They are getting the publicity they want and the naive public that we are made of will soon learn what ???full-disclosure??? means.Millions will see, many will understand, some will agree, and maybe a few will speak up. This is their goal.And yes, I reaize by posting this, I???m only helping them get their word out. Why would I do such a thing?I saw. I understood. I agree. I???m speaking up.From: http://www.helpdavid.com/imageshack-hacked/-------------------------
Interesting, isn???t it?I must say I???m impressed. You???ll find comments calling them script kiddies and the likes, but something as major as imageshack is no joke. Sure it???s a simple imagehost, but they sure aren???t poor and like any other web-based business, they sure as hell worry about security.A lot of people are mentioning how the find this self-contradicting and ironic.I mean, hackers hacking websites about hacking in order to stop the shared knowledge about???hacking?Pretty much. Allow me to explain.To begin with, we need to explain Full Disclosure once more. As clear, concise, and straight to the point as they were, I think I can do better in the field of expanation. Full Disclosure is the practice of publicly announcing and explaning a threat or exploit in a supposed attempt inform the security community about the problem. Basically, a security company or ???crew??? may find an exploit in anything from a web application to Microsoft Windows. This company or crew then publicly announces that it has found the threat and goes into great lengths to tell the world about their find and how it could be maliciously used. This of course gets security companies in a hurry to fix these threats and exploits. The intention is to find and fix the problems before the ???bad guys??? do.The problem with this is, not all of these exploits get fixed. Some take time to figure out a fix while others take time to become publicized. Often, users don???t update their security software often enough to become protected and there are way too many for companies to keep up with. The reason for this lies in the idea that with these newly-published exploits, anyone, especially script kiddies (anyone who uses these without knowledge in the field is considered a script kiddy), can take these newly released exploits and put them to use, nearly always for malicious reasons. There are many more young guns interested in learning how to ???hack??? than there are people interested in learning how to better-secure their information. In short, by releasing these exploits, it creates more trouble than its helps.You would think that security companies would see and avoid this. Without these exploits being produced, there would be a much lower amount of spam, adware, spyware, rootkits, and viruses of all sorts. There would be less overseas-based companies spamming our inbox and less script kiddies vandalizing their local church homepage. You would think security companies would push for this. But with less malware comes less demand for security. By creating an environment that is full of threats, the security industy creates an environment full of need for its products.And so these guys come along. This ???Anti-Sec??? movement goes about and hacks imageshack, one of the largest imagehosting services of it???s type. Nearly every forum with images posted by users has at least a few images hosted by imageshack, most of them have many, many more. Their point wasn???t to hack imageshack because it supported the security industry. The point was to hack imageshack because it would get their word out to many people in a very span of time. With imageshack hosting millions and millions of images, this has go to be one of the biggest advertising campaigns in the world. I wouldn???t be surprised if they have just set a record. This is about getting their word out.Soon news sites and then networks and then local news will be reporting about this incident. Some have already begun.They are getting the publicity they want and the naive public that we are made of will soon learn what ???full-disclosure??? means.Millions will see, many will understand, some will agree, and maybe a few will speak up. This is their goal.And yes, I reaize by posting this, I???m only helping them get their word out. Why would I do such a thing?I saw. I understood. I agree. I???m speaking up.From: http://www.helpdavid.com/imageshack-hacked/-------------------------