**FIRST EMAIL**/Important Reminders
 

Greetings Teams:

FIRST has discovered a number of recent attempts by users to gain unauthorized access to information on the FIRST web site. This can serve as an opportunity for important reminders.

• FIRST exists to change our culture. We try to achieve this by operating according to a different, higher set of principles.
• Actions like hacking, phishing, and unauthorized password use are clear violations of FIRST principles.
• There’s an immediate policy consequence; any individual or team engaging in these activities will forfeit the privilege to compete at any FIRST event for the season.

And there's a long term, most important consequence; engaging in these activities prevents you, your team, and FIRST from becoming what we're all capable of.

Go Teams!

Re: **FIRST EMAIL**/Important Reminders
 

Hacking the FIRST website? thats low... really low...

Re: **FIRST EMAIL**/Important Reminders
 

This is a recent activity? I'm wondering what it is that people are so interested in now that they would actually try to hack the FIRST Website. It seems like with Kickoff seemingly ages ago, and week 5 regionals just around the corner, there aren't really any FIRST secrets that we're waiting on. I hope no one is trying to sabotage FIRST.

Re: **FIRST EMAIL**/Important Reminders
 

Maybe the new control system?

Re: **FIRST EMAIL**/Important Reminders
 

anyone smart enough to begin to attempt to hack FIRST would be smart enough to know that it's highly unlikely there are any "hidden" pages that have this data. I mean, if someone were trying to hack dean's email, then i could understand that... but i doubt he keeps his personal email on a server in the public eye like FIRST's.

there's no reason for this except kids trying to have fun... and or kids trying to deface the site. both cases i dont understand.

Re: **FIRST EMAIL**/Important Reminders
 

To add to what Chris said, there really is no point in hacking the site. Maybe it was for fun or maybe it was to find out something. Either way...not cool. If someone was trying to find out what divisions have what teams...its pointless until regionals are over anyway.



*Points blame finger in programmers' direction* (hehe j/k:p )

Re: **FIRST EMAIL**/Important Reminders
 

So what actually happened? Any details?

Re: **FIRST EMAIL**/Important Reminders
 

Well considering that the perpetrators now have to live with the fact that they cost their team the chance to compete, id expect that FIRST isnt going to punish them any more by releasing their actions to the public.

Re: **FIRST EMAIL**/Important Reminders
 

Maybe someone was looking for a sharholder's/financial report on FIRST?

Just playing devil's advocate, but if a genie came and said "And what information about FIRST would you like to know?" I'd like to know which way the cash flows.

When you work the numbers out... the income FIRST has is staggering... remember, when you go to a regional, not only do you (as a team) pay to go there, the site pays FIRST to have the regional there as well... :ahh:

-q

Re: **FIRST EMAIL**/Important Reminders
 

I agree that there is a lot of money going into each regional ~4000 per team but what makes you think the venue pays FIRST (sorry if it is changing the subject) If anything the venue may be donated.

I don't know or have any actual information just speculation.
I also don't know specifics about what actually happened but we are supposed to be bigger than this. Which worries me that it possibly wasn't one of us.

Re: **FIRST EMAIL**/Important Reminders
 

I asked the University of Illinois.

I'm amazed that somebody would try to hack FIRST too... but I won't say the ability isn't there. :ahh:

-q

Re: **FIRST EMAIL**/Important Reminders
 

Are you honestly that surprised?? We're engineers/programmers/electricians/intelligent people. While I don't condone the activity, I am not surprised someone tried it in the least.

Re: **FIRST EMAIL**/Important Reminders
 

Careful guys.

There is, at this time, absolutely no proof that these "users" were FRC users. In fact, one of the most common hacking / phishing methods is to install a trojan / rootkit / backdoor on someone's machine, and thus gain access to their email and saved passwords. Then, by going through that same person's machine, not only do you have their passwords, but you appear to be "them".

Anyone who has run an FTP or email server knows that you literally get thousands of port probes and password-generator hits per hour. In the past I've had people trying to hack in from Air Force computers in Nevada. Of course I have no doubt it wasn't them - some office schmoe simply allowed his computer to be compromised.

Let's not jump the gone and start looking at First teams. This could have been anyone, and First certainly isn't going to say one way or the other.

Re: **FIRST EMAIL**/Important Reminders
 

FIRST's annual reports are not hidden. Starting in 2007 they also published audited financials. Look here.

Re: **FIRST EMAIL**/Important Reminders
 

I guess im going to be a genie today.:rolleyes:

You mean someone would try to "hack" a site for some publically available information. Also i would double check your facts on "the site pays FIRST to have the regional there". For i would think this may mean they help finance the regional's costs, because as many know, an FRC regional event is not a cheap event to host.

(Sorry if this went OT)

Re: **FIRST EMAIL**/Important Reminders
 

The site does not pay FIRST to have the event there, it's quite the opposite, FIRST pays to rent a venue and to put on the competition.

Also, the money you pay to goto a regional, championship, and to register for the season doesn't go directly to your program, but goes into the organization as a whole.

Re: **FIRST EMAIL**/Important Reminders
 

You'd think with all of the attention that Chief Delphi has received from the GDC over the past year, they'd have the courtesy of filling us in ::end snark::

Honestly, I don't see any information on the FIRST website worth stealing by a FIRST team. It might have just been a random malicious hit, or even a bitter ex-FIRSTer that got kicked out of FIRST and was lashing out.

Re: **FIRST EMAIL**/Important Reminders
 

I think you might be confusing sponsorship with payment. FIRST definitely pays in order to use the venue for a competition.

There is usually a major sponsor (or several) of the event that gives FIRST a lot of money. Such money would typically be "restricted" to help pay for that specific event. Sometimes a sponsor is closely affiliated with the venue, such as with Purdue University and the Armory. Sometimes not, as with Microsoft and the Tacoma Convention Center. But the site never pays FIRST.

Re: **FIRST EMAIL**/Important Reminders
 

I think there is a slight misconception here, that I heard periodically. FIRST is a public charity recognized by the IRS under section 501(c)(3) of the US Tax codes. This means among other things that FIRST cannot have shareholders who benefit from activities of the organization. This is also the reason many individuals and some corporations provide support to FIRST, it is tax deductible. (don't beleive me, look it up... Seach for "US Foundation for the Inspiration & Recognition Science & Technology" on the IRS list of charities)

It would be amusing if someone was after detailed financial information that is already available.

As for more detailed information or anything proprietary, FIRST behaves like most corporations; meaning that it's internal data is not stored anywhere near the same computers that house the web site.

Re: **FIRST EMAIL**/Important Reminders
 

I really hope they're not silly enough to think accessing old files still hosted on the server is "hacking". (I've seen sillier, though.) I've hit the site through archive.org recently to get docs for old games for archival purposes and to look into some rules history. Many of the PDFs, graphics, etc. were still around, so perhaps they left some of the old FoxPro framework laying about or something and someone's been poking at it.

Re: **FIRST EMAIL**/Important Reminders
 

I doubt that it was some one looking at old files. I would tend to guess that some team member some where was trying to "hack" the site, possibly adding graffiti or changing text.

The assumption that "hackers" would be looking for something likely has no truth to it. There is a good chance it was some kid running trying to get edit a fairly public page.

Re: **FIRST EMAIL**/Important Reminders
 

Well, I stand corrected. But... I'm glad I was corrected. Now I still have ground to argue on when I go to the University of Illinois this comming fall for them to get involved in the FIRST program.

Now I'm stumped for what they might have been looking for/to do...

-q

Re: **FIRST EMAIL**/Important Reminders
 

Our team's website was hacked by phishers last year. Turns out they were just stealing bandwidth to send out phishing spam attacks that looked like a legitimate banking enterprise. The bank traced it back to our site and we actually were forced to shut it down and redesign the whole website from scratch.They were not interested in our site information at all.

Crooks are getting sneakier and more cunning. Don't think it can't happen to you.

Re: **FIRST EMAIL**/Important Reminders
 

The GDC has nothing to do with what happened.

Re: **FIRST EMAIL**/Important Reminders
 

It had nothing to do with old files housed on the server.