
University of California hacked

Medical records nicked
Monday, 11 May 2009, 12:23

UNIVERSITY OF CALIFORNIA, BERKELEY officials have announced that hackers infiltrated restricted computer databases at the institution for more than six months until recently.

Health and other personal information on 160,000 students, alumni and staff was stolen. The data nicked included Social Security Numbers, birth dates, health insurance information and some medical records dating back to 1999.

However, personal medical records such as patient diagnoses, treatments and therapies were not found by the hackers.

The computer intrusion began on October 6, 2008, and lasted until April 9, when campus computer staff found messages left by the hackers taunting the system administrators that they had broken in.

Apparently the hackers have been traced to a number of overseas locations including China. µ

Comments
I bet

They were running BSD. All the more reason I don't.

posted by : Dan, 11 May 2009
Hmmm....

wonder what operating system or software was responsible for the leak?

posted by : Rick, 11 May 2009
Security??

1) These systems should only be accessible over dedicated private networks.
2) The University of California system must have a few (!) researchers in computer security that they could have used to ensure their network was secure.
3) Maybe they should switch to OpenVMS... It has survived the Las Vegas hack fests.

posted by : Ron, 12 May 2009
Preventing breaches

Let's be very clear, there is no science backing the last 25 years of OSI Layers 2 & 3 applications. However, our solution is a Trustworthy Platform that is 100% interoperable and transparent, also backed by 100% Science. Meets OSI Layer One + our patented paradigm, Common Criteria, PCI-DSS, and DARPA 98 Standards today. Our clients' nets stay up when attacked besides a 60-80% savings in tech support costs through our autonomics. We chose to stay under everyone's radar so save you time googling. The Canadian Govt Dept of Public Safety (DHS) has been a client for over 30 months, a major Metro NY Data Centers (10 systems), US Navy & AF, etc. We have never had a nit or services call even with our earlier model systems. The White House has been recently briefed of our developments. If you want advance info, write me directly as we do not launch officially until early Q-3: Continuump@gmail.com
Some references follow.
BobP/CEO
Addendum “A”
1) Roger Schell, PhD: Following is his recent assessment. Roger is internationally recognized as a major contributor to the advancement of computer security concepts and the overall definition of network security. At Novell, he led their Class C2 network evaluation and managed development of product security. He was VP for Engineering at Gemini Computers where he developed their highly secure (Class A1) commercial product. He served as the founding Deputy Director of the National Computer Security Center, which he grew into a respected organization of more than 150 security professionals. For his work there he is widely regarded as the “father” of the Trusted Computer System Evaluation Criteria (the “Orange Book”), which has been the most widely used international security standard for computers and networks.
Dr. Schell originated several key modern security design and evaluation techniques and holds patents in cryptography and authentication. He participated in sponsored “tiger team” penetration tests of several commercial and security enhanced operating systems and networks for various government activities including the Defense Intelligence Agency, the U. S. Air Force, the Office of the Joint Chiefs of Staff, and the Central Intelligence Agency. He has more than 60 publications, and was Associate Professor of Computer Science at the Naval Postgraduate School. The NIST and NSA recognized him with the 1991 National Computer System Security Award, the nation's highest honor in the computer security field. Dr. Schell is a retired USAF Colonel. He received a Ph.D. in Computer Science from the MIT, an M.S.E.E. from Washington State, and a B.S.E.E. from Montana State.
"no software capability can provide more overall security than the platform it is hosted on. Factually, you are transparent to all IT networks & software today." Today, to our knowledge, your platform is the "only commercial transparent appliance" that today can deal with standard & proprietary software. If you can get a major institution like TJ Maxx (TJX) to take the next step with their Executives (NOT IT Staff) folks at first, they might at least understand how they can benefit today. Although you are partnered with IBM's Autonomics Division (on the hardware side), none of their software folks, or any of the others like the Ciscos, Microsofts, Boeing, General Dynamics, Nortel, Lucent, etc. understand the story. Of course these same folks got them into this problem in the first place…… The fox is in the hen house!!!
These "experts" are pushing encryption, totally ignoring that to the professional attacker, which they don't seem to recognize. This encryption would make little difference since they would steal the keys or decrypt the data to get a plain text copy. Crypto is indeed the "opiate of the naive". Remember all software is hackable.
2) Professor Bill Caelli: The problem haunting all critical information-sharing efforts is the threat of deliberately planted malicious software designed to subvert the very protection mechanisms relied upon to protect valuable assets from compromise. No vendor today can procure or offer a platform that offers the technical basis to trust system protections respecting integrity or confidentiality of the data of different domains against subversion by a targeted attack using deliberately planted malicious software.
Encryption doesn’t solve the problem -- a fact that will continue to bedevil MLS efforts on any platform in the market today. Professor Bill Caelli has written:
"It is common ... for the banking and finance industry to explain their security parameters to customers in terms of 128 & 256-bit cipher, SSL implementation without any discussion at all of the system security at each end of the "line".... This trend totally ignores the fundamental fact that such encryption will only be as secure as the operating system structure in which it sits. The emphasis must then move back to the "TCSEC/Common Criteria" environment and reasonable proof that software and hardware based encryption structures are fully protected. Contrary to accepted ideas, then, the use of cryptography actually enhances the need to reconsider security functionality and evaluation at the operating system and hardware levels ... " "Relearning 'Trusted Systems' in an Age of NIIP: Lessons from the past for the Future", 2003.

3) This seminal journal publication is the one single best document that defines the problems and suggests the solution:

"Snake-Oil Security Claims": The Systematic Misrepresentation of Product Security in the E-Commerce Arena
John R. Michener, Ph.D.; Steven D. Mohan, D.CS.; James B. Astrachan, J.D., LL.M.; David R. Hale, J.D.
Cite as: John R. Michener, Steven D. Mohan, James B. Astrachan and David R. Hale, "Snake-Oil Security Claims": The Systematic Misrepresentation of Product Security in the E-Commerce Arena, 9 Mich. Telecomm. Tech. L. Rev. 211 (2003), available at http://www.mttlr.org/volnine/Michener.pdf

posted by : BobP, 17 May 2009