[Additional info at: http://www.newsbytes.com/news/01/171478.html - WK] ---------- Forwarded message ---------- Date: Wed, 24 Oct 2001 08:28:42 -0600 (MDT) From: security curmudgeon <jerichoat_private> To: defaced-commentaryat_private Subject: [defaced-commentary] SecuritynewsPortal response to defacement [In the wake of the SecurityNewsPortal defacement, they have decided to shut down. The following is currently posted on their website. - jericho] -- The SecurityNewsPortal was defaced on October 23rd by parties unknown. The SecurityNewsPortal will be allowed to die this evening as a result of this defacement. Permit me to explain this decision. The defacer was of the mistaken belief that the SecurityNewsPortal was a commercial endeavor that somehow made money. Regrettably, like many things stated by the defacer nothing could be further from the truth. Let us just clear up the defacer's mistaken notion about money in and money out.... Money In : * SNP had no paid advertisers. The one ad allowed on the site was for a company based in Malta. For which there was no charge ! * SNP had no financial backing from security companies or security product vendors * SNP never received gifts of Angel money from mysterious backers. * SNP never sold its members mailing list - in fact we never even sent our members e-mail * SNP never sold or allowed advertising on the free newsticker it allowed 2700+ other sites to use * SNP never received a single dollar in advertising or any other form of revenue from anyone * SNP never received any government sponsorship or support - unlike other security web sites * SNP never received any financial support from any major Universities or Colleges - unlike other security web sites * SNP never even received a lousy coffee cup or baseball cap from some of the companies that we supported and talked positively about * SNP never even received a corporate logo pen or knapsack from some of the companies that we talked negatively about - heheh Pitbull ehehehe Money Out : * The fee for the domain name registration was donated by Marq * The fees for the web hosting of the SecurityNewsPortal were paid directly from the personal pocket of Marq. * The fees paid for the bandwidth to supply 2700+ other security and hacking sites with a FREE constantly updated newsticker was paid for by Marq * The cost of labor provided to collect the news 18 hours per day, edit it, comment it and add it to the site was done by Marq for free...nada... not a penny of compensation....zilch... Contrary to what the defacer thought, the SecurityNewsPortal was exactly what it always said it was, a non-profit educational site that was prepared to present the latest in hacking and security news. Hey... we proved that a one person web site operating on a beer budget could compete with the big commercial web sites We took great pleasure in the growth of the SecurityNewsPortal over the past six months. We succeeded on a shoestring budget and with only one person to accomplish what the commercial web sites could only be envious of. And we took pride in beating other security and hacking sites to the latest news and presented in an honest and unfiltered way. Obviously someone did not like that fact. But it was also obvious that a lot of people did like the way we were presenting the breaking news.... Being defaced does not embarass us... they weren't our web servers to control or secure Since the SecurityNewsPortal was financed solely out of the pocket of Marq we had to host our web site on a commercial web hosting service. The server that was defaced was theirs - not ours. It was not something that was within our grasp to control or secure. So we feel no shame that ' our ' web server was defaced. Like hundreds of thousands of ordinary Joes we simply pay our annual hosting fees and we rented space and bandwidth. We could not afford to do otherwise. So there is no victory in having defaced us. You defaced our web hosting company... congratulations. Some of the best hackers in the scene deliberately chose to leave us alone.. I guess they liked us I might point out that we were very honored that many of the worlds best hackers had deliberately chosen to leave our web site alone all these months. Many of them became regular visitors to our web site and often provided us with tips about where to look for breaking news stories. We believe that they appreciated the service that the SecurityNewsPortal was providing to everyone in the security and hacking scene. To those elite hackers we extend our thanks. Would it have been wrong to actually have had an advertiser or sponsor to cover our cost of operating ? Nah... Yes, we would have loved to have been a commercial web site. It would have been lovely to have actually gotten paid to do something that we actually enjoy. But unfortunately the defacer does not have a firm grasp on the current economic state of the security industry. The security product and services vendors are not flush with large surpluses of cash. Many of them have been laying off incredibly talented staff in order for their companies to survive until the current economic situation recovers. These security product and service vendors are not out there supporting the security web sites with large chunks of advertising dollars. They simply do not have the surplus cash to support SecurityNewsPortals or even the commercial Security web sites. A simple look at the lack of advertisers on the other security web sites will make that quite clear... there is no profit in running a security web site at this particular time. The decision... our time has come Having said all this I hope that our regular viewership will understand why I have chosen to let the SecurityNewsPortal die at the hands of this one defacer. He has broken the old code of honor that still exist among some of the more senior members of the hacking world and in doing so he has betrayed his fellow hackers and security professionals by interfering with their ability to get to the news that we were posting for their benefit. We are realistic enough to understand that there is no point rebuilding this web site in order for the defacer to simply come back and damage it again. There can not be 100% security for a web site that is hosted on a commercial hosting service. Since we are not able to fully secure this web site there is no reason to re-open the site for a return defacement.by this person. So there it is in a nutshell. And maybe our decision to just stop the SecurityNewsPortal will serve several points. Possibly our defacer will realise that only a non-profit, volunteer, non-commercial web site could simply shut down like we are about to. If we were a commercial web site we would be scrambling to get our site back online to ' keep making money '. Sorry dude but you were seriously mistaken about us. We are now officially shutdown. In parting... a few words to the Security Industry in support of the other security web sites that are on the Internet Possibly some good can come of this defacement that will benefit the other commercial and non-profit security web sites that are operating on the Internet. SecurityNewsPortal was a non-profit site and we were not actively seeking advertisers. Our operating cost were small and Marq could afford them. We ran this site because we enjoyed it. But there are a good number of other important security web sites on the net that are being run by small one and two person operations. These security web sites are being run by devoted fanatics like ourselves who put in long hours of work gathering or creating content that benefit everyone. And yet they fail to receive any financial support from the security industry. At what point will they lose their enthusiam and simply question why they volunteer such long hours with nothing in return for their efforts from their own industry ?. We have seen over the past nine months a number of top flight security web sites fold, give up or change hands. Attrition.org's Mirror, Packetstorm, SecurityPortal, Technotronic, Hack.zaire.co, and many others. Even as I write this final note there are a number of other excellent security sites that are preparing to shut down their sites. Just today we were even starting to get rumors that SecurityFocus was about to change ownership and we were trying to get official or inside confirmation on those rumors before we broke the story. All these great sites could have used more advertising or financial support from the security industry... but it was not there. So it would be nice if our departure helped some of those other security sites, whether they be commercial operations or volunteer staffed non-profit sites. In closing It was our pleasure over the past six months to have played a role in helping to keep everyone informed about what was happening in the security and hacking scene. We hope that our explanation for why we have chosen to let the SecurityNewsPortal officially die is understandable. We simply do not have the financial backing or support to pay for our own web servers that we could control and secure from attack. To the 2700+ security and hacking web sites that used our constantly updated free newsticker we extend our apologies. We are not going to be able to continue providing that service. We are sorry about this inconvenience and we trust you will understand. To all the chaps in the military who enjoyed coming to our web site ( yes I noticed those .mil in our logs ) I extend to you my heartiest best wishes. Keep up the good work and the good fight. And I would like to extend my personal best wishes to the professional journalist who supported our work here at SecurityNewsPortal.com over the past six months. Your friendship, professionalism, tips on breaking news stories and never calling in the copyright cops after us was most appreciated ! Oh... and as for me... well I will certainly have more free time, be able to sleep in the mornings and go to bed earlier at night, Hey, I might even be able to spend a few extra dollars on myself for a change instead of paying it to this web hosting service. Most importantly, best wishes to all our friends in the security and hacking community. I truly appreciated your support, help, advice and friendship over these last six months. I have attached a copy of the defacement that replaced our web pages below. Although it claims to have been done by Kimble, I would ask that you take that with a grain of salt... Marq snpmarqat_private Old hackers never die... they simply fade into the shadows.. - The information and commentary is Copyright 2001, by the individual author. Permission is granted to quote, reprint or redistribute provided the text is not altered, and the author and attrition.org is credited. The opinions expressed in this mail are not necessarily the opinion of all Attrition staff members. Commentary Archive: http://www.attrition.org/security/commentary/ The Attrition Mirror: http://www.attrition.org/mirror/attrition/ Country/TLD Statistics: http://www.attrition.org/mirror/attrition/country.html Attrition Defacement Statistics: http://www.attrition.org/mirror/attrition/stats.html Operating System Graphs: http://www.attrition.org/mirror/attrition/os-graphs.html Other Web Defacement Mailing Lists: http://www.attrition.org/security/lists.html Contacting Attrition Staff: staffat_private To subscribe to Defaced Commentary, send mail to majordomoat_private with "subscribe defaced-commentary" in the BODY of the mail (without quotes). To unsubscribe, include "unsubscribe defaced-commentary" in the BODY of the mail. - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Thu Oct 25 2001 - 03:30:37 PDT