Security News > 2004 > September > Internet security in RP remains dismal, says Filipino hacker

Internet security in RP remains dismal, says Filipino hacker
2004-09-21 09:31

http://news.inq7.net/infotech/index.php?index=1&story_id=12273 By Erwin Lemuel Oliva INQ7.net Sept 20, 2004 "The state of Philippine Internet security sucks," said a Filipino whitehat hacker known as PI_Flashbulb during an e-mail interview with INQ7.net. This hacker who maintains a weblog under the same pseudonym claims to have discovered numerous government and private sector websites that were insecure. "I am doing this just for fun. I could deface sites easily but it never ever occurred to me to do it. Black hats immediately deface sites that they found to be vulnerable. I have decided to go further than that. Instead of defacing sites, I inform the site owners about the vulnerability, an action no black hat would dare to do," the hacker replied when asked about his intentions and motivations. He said that he was not alone in his effort to increase Internet security awareness in the country. He said he is currently gathering other hacker friends to "map the Philippine websites for vulnerability." "There are about five people who are helping me map the Philippine websites for vulnerability. Our number will increase in the coming days as there are more e-mails whose senders are volunteering to help me make the Philippine cyberspace more secure," the hacker said. The Filipino hacker claimed he got the ire of local website administrators after informing them of their website's vulnerabilities. "The country has the best Internet administrators. But what hinders them from doing their jobs are their superiors who do not know anything about security; political appointees who cannot do anything but wait for their fat checks. Good thing there are local Internet service providers that are willing to teach Internet security for free," the Filipino hacker added. According to PI_Flashbulb, most of the Philippine websites he found hackable were not using a good patch management system. But other websites were vulnerable because of plain carelessness of the web designers. "Imagine writing the login and password in the source of the HTML file," he said. _________________________________________ Donate online for the Ron Santo Walk to Cure Diabetes - http://www.c4i.org/ethan.html


News URL

http://news.inq7.net/infotech/index.php?index=1&story_id=12273