Here's an article that everyone should read.The main kernel.org site was hacked.

http://www.cio.com/article/688922/Hackers_Break_Into_Linux_Source_Code_Site

Moved to the café as it is not a support request.

Annoying...


404

Wow, a website was hacked! Everyone should read about it!

Seriously, websites are hacked every day, there is nothing new or interesting here.

They didn't even get into the kernel because the files were signed.

This wouldn't have happened if it were running Windows :rolleyes:

Wow, a website was hacked! Everyone should read about it!

Seriously, websites are hacked every day, there is nothing new or interesting here.

You know I download and compile kernel updates from that site quite often so I along with quite a few others find it very interesting.

They didn't even get into the kernel because the files were signed.

However, Arch Linux doesn't sign their packages. (Which is why I can't use it.)

I just wanted to point this out, because we have so many Arch users in the forum.

Arch Linux doesn't sign their packages.
That's surprising. Whyever not?

This wouldn't have happened if it were running Windows :rolleyes:

<snickers>

This wouldn't have happened if it were running Windows :rolleyes:

You mean OpenBSD?

That's surprising. Whyever not?

http://lwn.net/Articles/434990/

http://lwn.net/Articles/434990/
What an extraordinary fight! But that answers the question, thank you.

Easy to see why the kernel was safe
http://www.googlefight.com/index.php?lang=en_GB&word1=Linux&word2=Hackers
Plus, I think the server runs on Windows NT 3.1 so we are safe :)

http://imgs.xkcd.com/comics/cia.png

Wait a second... They use SHA1 for their git repository right? ...
Doesn't SHA1 have a flaw

http://www.networkworld.com/news/2005/0216reseafind.html

hmm

Wait a second... They use SHA1 for their git repository right? ...
Doesn't SHA1 have a flaw

http://www.networkworld.com/news/2005/0216reseafind.html

hmm

6 years later and it is still being used... I suspect the "flaw" was greatly exaggerated...


404

6 years later and it is still being used... I suspect the "flaw" was greatly exaggerated...


404

People still use MD5 and DES. And WEP.

People still use MD5 and DES. And WEP.

True, and my neighbor cracked my wifi password and is using it because I used WEP... how many times has the kernel been compromised (a very public and lucrative target) because it uses SHA1?


404

True, and my neighbor cracked my wifi password and is using it because I used WEP...

404

Why do you use WEP? It's not like WPA/WPA2 is that difficult to set up.

Why do you use WEP? It's not like WPA/WPA2 is that difficult to set up.

*sigh* I don't... You are missing the point I was trying to make that yes, WEP is bad, and stories of it being hacked/cracked is a dime a dozen online... You have placed SHA1 in the same category as it and I am pointing out the kernel has not been compromised by using SHA1 and indeed it fame's itself on the fact that by using SHA1 it is secure and not compromised...


404

*sigh* I don't... You are missing the point I was trying to make that yes, WEP is bad, and stories of it being hacked/cracked is a dime a dozen online... You have placed SHA1 in the same category as it and I am pointing out the kernel has not been compromised by using SHA1 and indeed it fame's itself on the fact that by using SHA1 it is secure and not compromised...


404

It is not really usefully compromised. Like DES. It is still used though, even though better solutions are available.

This wouldn't have happened if it were running Windows :rolleyes:
If the server was windows related you wouldn't of heard about it :rolleyes: