The Daily Cal completely misses the story about Berkeley's recent hacker vulnerability. The story is not that the NetAdmins are overhauling the system and closing some ports-- who cares about that technical stuff? The story is that 50 to 100 computers (Nice broad range) have already been compromised by trojan systems! That's a big freaking story! What kind of systems were invaded? Registration? Payroll? Finance? Bearlink? There's any number of systems with vital student information on them, and '50 to 100' were invaded-- that the NetAdmins know about at this point. My financial and personal information is on a system on campus. And we're talking about virtual control of the entire PC.

"It's not clear exactly how many compromised machines there are," Lant said. "Right now I know of 50 to 100 machines across campus" that have been invaded by the rogue code.

The flaw in the Windows NT, 2000 and XP operating systems, first disclosed by Microsoft Corp. two weeks ago, allows hackers to gain access to vulnerable PCs through a process know as a remote procedure call (RPC). Once connected to a vulnerable machine, a hacker can "essentially take it over and do anything they want to," Lant said, including access any information stored on the computer or corrupt its files. Networks to which a compromised machine is connected also are at risk.

I got this from the official Berkeley press release, not dragged out by astute reporting. And the Tri-Valley Herald, a terrible newspaper, adds to that. (UPDATE: The story's from the Oakland Trib. My bad! Serves me right for assuming the Herald wrote an original story.) (They put the 50-100 machines in the second line.)

Campus Information Systems Security Officer Craig Lant said 50 to 100 computers on the Berkeley campus already have been successfully attacked by hackers exploiting a recently discovered flaw in the Microsoft Windows operating system.

"There may be more. We won't know until we shut down," he said.

Lant estimated that more than half of the 40,000 computers on the Berkeley campus use some form of Windows.

"We're getting close to 1,000 scans a day from outside -- many of them looking for Windows machines to attack," Lant said.

He noted it doesn't appear any data has been destroyed on the hacked computers, but it is early in what amounts to a very serious war between security experts and outlaw hackers.

It's very possible that the compromised computers are harmless library PC's. That might be worth looking into.Email This Post!