Linux News
The world is talking about GNU/Linux and Free/Open Source Software

and what about that kernel.org breach?

Story: OpenSSL site defacement involving hypervisor hack rattles nerves (updated)

Total Replies: 2

Author	Content
tuxchick Jan 04, 2014 1:54 PM EDT	So OpenSSL uses a shared hosting service, and kernel.org still hasn't released their promised report of the breach that took the whole works down for over a month. Not very reassuring.
hughesjr Jan 04, 2014 5:46 PM EDT	Well, a defaced website caused by weak passwords has nothing to do with the underlying git code. People hack into websites all the time.
tuxchick Jan 04, 2014 6:09 PM EDT	https://www.openssl.org/news/secadv_hack.txt Quoting: The OpenSSL server is a virtual server which shares a hypervisor with other customers of the same ISP. Our investigation found that the attack was made through insecure passwords at the hosting provider, leading to control of the hypervisor management console, which then was used to manipulate our virtual server. The source repositories were audited and they were not affected. Sure, and what other holes is the host leaving open?

Posting in this forum is limited to members of the group: [ForumMods, SITEADMINS, MEMBERS.]

Becoming a member of LXer is easy and free. Join Us!