Tags
JISHOU, HUNAN — Present and former IT guys like me are probably thanking the Gods of Silicon that it wasn’t one of us who got caught with our pants down at Gawker.com. Outsiders have been roaming around inside Gawker Media’s computer systems for the past month, downloading all kinds of stuff that supposed to be top secret.
Users’ passwords are just a start. Gawker’s computer systems have been laid out like a murder victim on an autopsy table: access to their databases, FTP access to other computer systems, the entire source code of their website, a custom-designed content management system (CMS). It’s all out there in Internet-land now.
Daniel Kennedy, who writes for Forbes.com, has a complete post-mortem of the victim. There’s a lot of lessons contained in it.
Why did it happen? It seems Gawker’s officers made light of the hacking/cracking skills of coders who spend time at 4chan and similar coder hangouts. As the recent Wikileaks reprisal attacks on Amazon, Visa, Mastercard, PayPal and other big names have shown, no system is invulnerable. Calling these kind of experts “script kiddies,” as Gawker’s leaders did, is sure to piss some of them off.
How did it happen? Details are still missing, but it seems the tech guys at Gawker were running the shop a little too casually, and the powers-that-be were a little too over-confident about the impregnability of their systems. Despite early warning signs, they carried on as if nothing serious had happened. Some users’ passwords got revealed? No big deal, said one Gawker boss. It’s just the “peasants.” (See image below.)
Screenshot of Gawker's internal chat system
It was like going full steam ahead in icy waters, confident in your ship’s “un-sinkability.” We all know how that exercise in navigation turned out.
Unlike the HMS Titanic, however, Gawker is still online, sailing the Internet seas. But its staff has a ton of work to do now, to make sure the ship can still stay afloat. I’m just glad I’m not in their shoes right now.
Wheat-dogg's World 
Whoops!?!
Lol. Richard L can clean out his desk now.
I'd be interested to know what you think of Anonymous, Mr. Wheaton?
I love reading your posts, John. Keep it up. Very entertaining.
Thanks for the link, John — I hadn't realized the hack included the entire source code. Wow.I am keeping a bookmark to that article, to use as ammo for clients who insist on using dictionary words as passwords.
According to the BBC, the most common passwords from the Gawker dump were 123456, password, 12345678, lifehack, qwerty, 123abc, and 111111. Lame.
Brent — I have mixed feelings about anonymous. I've managed websites and systems, so hackers are frankly a pain in the ass. These guys are mostly being vindictive, but Gawker media was being plain lazy. Their security was lax. Sooner or later someone would take them down. Anonymous probably did them a favor.
Good riddance to Gawker Media's reputation. They run the most vile sites among the top-visited places. There is no vulgarity they will not stoop to. To me, the snarky, gossipy orientation of Gawker and its PG-rated colleagues in the Gawker Media stable are more offensive by far than their R-rated sites and even than frank pornography. We should never forgive Gawker Media for having unleashed Wonkette on us (they eventually sold it), run in its early days by the truly disgusting Ana Marie Cox.
David, I enjoyed Wonkette while Ana Marie Cox was writing it. How is she disgusting? Vulgar, I'll give you.
I don't know what to say, Kirk. She just was. I grant that vulgarity does not always equal disgusting, but in this case it seemed so in spades.