re: #629 SixDegrees

From the IT-Networks article:

But how would an outside hacker get in? Although UEA has security in place, it has seen a number of accidental security breaches of the UEA system in the recent past. On one occasion a server was configured wrongly, so that anyone outside doing a search would “fall through” to directories of files. (UEA closed that hole after being alerted about it.) A misconfigured server could have left just the hole that a capable hacker with a determination to find the data being denied via FoI requests could have exploited. But they are not government-class skills.

Government-class skills? Who writes the IT-Networks blog? I couldn’t find it attributed in the article or on their homepage, but someone commenting about IT networks should know that misconfigured servers seems to be about standard for government-class skills. Or is he trying to imply that China was not involved?

It’s not a very good investigative report. It’s mainly a bunch of speculation. The writer doesn’t seem to even know what OS the UEA servers are running. Unless the UEA admins are incompetents, the hacker would have needed to gain root access to access archived emails.