Defacers Really a Problem?

[unit321]

Everybody seems to treat website defacers like they are the scum of the earth.I dont agree with what they do, but are they really that bad? I got defaced 3 times, but it isnt really a problem. You jhust undeface it, which isnt that much effort unless they defaced a string of your websites or every page. But a defaced homepage isnt that much of a problem. shouldnt we be more worried about people deleteing all our files than changing our homepage? Defacers also create MORE traffic. for instance if you are put on ZONE-H people will visit your site. They will get you HIGHER rankings in google, because the google randking system is partly based on how many sites link to your site, and if your site is archived a bunch.... thats a higher link status. Im not saying defacers are good people, but shouldnt we be less worried about them?
its just a philosophical question i think pople should ask themselves.

[Soda_Popinsky]

If you are defaced, then it means there is a hole in your server that gives the public access to information they shouldn't have. What if they have access to email? Payroll? A list of emails? It's information security. If you own a personal website on your own server, then by all means, leave some holes in it so you can get defaced. But if you run a site that others depend on, then your server should be locked, because its your responsibility. I don't see two sides to it, it's someone breaking into your server, and screwing with your work. Having my defaced website posted on zone-h isn't a reputation I would like.

3 times huh? I'd be furious. Good luck when your payment database password is in the hands of a middle school loser. Have fun undefacing that one.

[hobbdebub]

I don't see any good in having a site defaced. It makes you look bad as an administrator (if you were doing your job it wouldn't have been defaced and istead of wasting time "undefacing" the site you could be patching the vulnerable software to keep you from getting defaced.) Also the extra traffic... what if your site does a lot of credit card transactions? If it's defaced then how are your customers gonna feel about trusting your company with private info in what is suppossed to be a secure environment? I am still just a kid and I understand that much.

[embro1001]

So like...it kinda like credit card theft. If I steal a card, and go on a spending spree, the customer isn't responsible for the charges (depending on the card). So what's the big deal? I mean, I get my new stuff, they don't pay, and the company gets to make a commercial that promotes their zero-liability policy...

Not exactly the same thing, but similar concept...

Mr. Soda is right, there are other things that come up besides ratings. Believe it or not, while the "hit rating" may go up, the "dependability rating" will go down. If Microsoft gets plastered, that puts up a negative image. That means less people may trust a certain product. That means lost money.

Not to mention revenue lost during the duration of the swapped index page. An e-commerce site will lose BOOKOO bucks, even if they are down for a few hours (which wouldn't be the case - they'd fix it pretty darn fast - but what if?). I think defacers tend to be the scum of the earth. They somehow get access to a box, and THEN figure out some righteous cause for doing it, or they do a shout out to their other uberleet buddies.

Not coo my friend...not coo.

[KorpDeath]

Your question is only slightly less shallow than most of the answers you've recieved. Save for Soda_P's.

There's no debate young one. Defacing Walmart.com is akin to tagging every Walmart storefront in the world... There's no two ways about it. Illegal, immoral, and unethical.

And as far as it not mattering to you, obviously it doesn't matter... it's happened more than twice, which in my book is saying more about how YOU handle security than about THEM getting in and defacing your puny lil' vanity site.

"Those with nothing to lose don't care about what they have." - ME

peace

[embro1001]

Originally posted here by KorpDeath
Your question is only slightly less shallow than most of the answers you've recieved. Save for Soda_P's.

Ouch man. We're trying to help, too. No need to be dissin...

[muert0]

So like...it kinda like credit card theft. If I steal a card, and go on a spending spree, the customer isn't responsible for the charges (depending on the card). So what's the big deal? I mean, I get my new stuff, they don't pay, and the company gets to make a commercial that promotes their zero-liability policy...

I don't understand how you think no one gets harmed in credit card fraud and I really don't understand how you can compare the two. Do people get reimbursed if their webpage gets defaced?

[embro1001]

Originally posted here by muert0
I don't understand how you think no one gets harmed in credit card fraud and I really don't understand how you can compare the two. Do people get reimbursed if their webpage gets defaced?

Did you not catch my "Not exactly the same thing, but similar concept..." disclaimer? I meant that, from the card holders point of view, if they have zero-liability, they don't have to worry about the charges (zip to subject -> "just un-deface it"), but that doesn't mean they should leave their cards around ("low security"). It's a strech, but use those creative thinking skills...

What I was trying to point out was, if it doesn't REALLY hurt anyone, does that make it okay, even if it's wrong? (Unless you don't see it was wrong, which would explain why you would think this post was in the favor of the defacer...and I pitty you. Fool.)

Trust me. It works. Barely.

[adiz]

You don't think defacing is a problem? It is like breaking into a persons house and then leaving a note saying haha I broke in and could have taken everything and you don't know what I have scoped out (or taken).

I just hope that the little punks that break into your site don't take anything!

However, I must state that I am not classifying all defacers as lame scriptkiddies (ie. WoH) but if noticed most of theses defacers leave the scene once they find out about the stupidity and illegal side of defacing.



- Adiz

[embro1001]

However, I must state that I am not classifying all defacers as lame scriptkiddies (ie. WoH) but if noticed most of theses defacers leave the scene once they find out about the stupidity and illegal side of defacing.

Tru dat. I was resisting the urge to call em all lamewise scripters, since it actually takes a certain amount of...skill?...research?...to get into some of these places. The everyday AOL-1337-h4x0|2-bomber-dude is unlikely to pull it off.

But that doesn't mean it doesn't happen....