[clug] Hack attack on University of East Anglia's Climatic Research Unit
paulway at mabula.net
Sat Nov 21 18:35:07 MST 2009
On 21/11/09 21:01, Kim Holburn wrote:
> When you have the money in the major energy industries arrayed against
> you, trillions of dollars, you simply aren't going to keep people out.
> No matter what technology you use there are always people involved.
Even though I'm all for sticking it to the fossil fuel industry, I don't think
they're sophisticated enough or desperate enough (yet) to go attacking a
university's email system just to find emails that might do 'something' for or
against them. What would they be looking for anyway? They're still happily
paying for perfectly valid scientists to cook up perfectly reasonable-looking
experiments to prove whatever they want; they're about as far away from
hacking into university email accounts as a tiger is from using rabbit-traps.
If there was an attack on the economics department's mail server, it'd be
blamed on those evil corporations. If it was the law department's server,
it'd be rival universities. If it was the humanities department's server,
it'd be all those neo-Nazis. If it was the maths department's server, it
wouldn't even rate a mention.
And as Daniel says, universities also have conflicting security goals. They
have a faculty and staff who still think dot matrix printers are pretty neat;
they have a huge body of hackers (who we outsiders know as 'students') trying
to catch every virus, attack everything else and cheat on their exams; they
have researchers who want to give access to sensitive equipment to other
researchers from untrusted sites around the globe. This is not an environment
where one can come up with neat, simple security models.
More information about the linux