Martin Spedding's Blog

Adventures in a disconnected world

So Linux is not immune from hackers

I was looking at Slashdot and I saw this story:

GNU is Not Unix
Posted by CmdrTaco on Wednesday August 13, @12:29PM
from the two-scoops-of-paranoia dept.
landley writes "The Free Software Foundation's FTP site at ftp.gnu.org has been "compromised", and they don't seem to have full backups. They've yanked a bunch of recent packages (and their whole alpha.gnu.org ftp site), and when I asked about it they responded 'Our FTP server was compromised, yes. We are beginning to find good MD5sums for files which have not yet been restored, and they will be available again Real Soon Now. If you can provide MD5sums for any of the files listed in MISSING-FILES, it would be very much appreciated.' " Update the FSF has a statement on the FTP site explaining the matter.

Clearly security is something that everyone needs to take seriously. Also no backups...oops.

Posted: Aug 14 2003, 12:01 AM by MartinSp | with 1 comment(s)

Comments

Randy Ridge said:

It didn't say they had no backups, it says they were concerned with the integrity of the source code contained in the backups... Since they were compromised, theorhetically that malicious user could have injected malicious code into an otherwise benign project's source code, this would indeed be bad.
# August 13, 2003 8:18 PM
Leave a Comment

(required) 

(required) 

(optional)

(required)