[ale] Security breach on kernel.org

Jim Kinney jim.kinney at gmail.com
Thu Sep 1 12:41:24 EDT 2011


Yep.
Exactly my concern. The more a compromised system does, the more work
involved in the clean up.
I don't understand the need to replace ssh pubkeys unless replace means
reinstall. If a private key was compromised, that's a different issue. If a
signing key is compromised that's a bigger issue.
On Sep 1, 2011 9:23 AM, "Michael H. Warfield" <mhw at wittsend.com> wrote:
> On Thu, 2011-09-01 at 08:42 -0400, Jim Kinney wrote:
>> Major bad news. They host loads of code.
>
> Read the articles. Several machines were compromised but not all.
> Compromised machines have been taken off line for diagnostics and
> reinstallation. A number of developers (close to 500) are having to
> change their ssh keys, which sucks.
>
> Bad but highly unlikely to have any impact on the source code thanks to
> the nature of git and the highly distributed development model along
> with cryptographically secure hashes and history on every single file.
> They'd need a time machine to go back and poke changes into past sources
> and change sets and they're need a transporter to get to all the
> thousands of machines hosting git repos at developer sites for the
> development their development. They're validating the the change sets
> and hashes but it's unlikely to contain anything and it's unlikely the
> sources have been contaminated. Unexpected changes should show up
> rapidly to the subsystem maintainers as unexpected conflicts or
> validation checks or unapproved changes sets.
>
>
http://www.linux.com/news/featured-blogs/171-jonathan-corbet/491001-the-cracking-of-kernelorg
>
> He points out that the sources are distributed from kernel.org but are
> developed on and hosted all over the world.
>
> Regards,
> Mike
>
>> On Sep 1, 2011 8:14 AM, "Watson, Keith" <krwatson at cc.gatech.edu> wrote:
>> > Security breach on kernel.org
>> > https://www.kernel.org/
>> >
>> > Earlier this month, a number of servers in the kernel.orginfrastructure
>> were compromised. We discovered this August 28th. While we currently
believe
>> that the source code repositories were unaffected, we are in the process
of
>> verifying this and taking steps to enhance security across the
>> kernel.orginfrastructure.
>> >
>> >
>> > There is more information on their home page.
>> >
>> > keith
>> >
>> > --
>> >
>> > Keith R. Watson Georgia Institute of Technology
>> > IT Support professional Lead College of Computing
>> > keith.watson at cc.gatech.edu 801 Atlantic Drive NW
>> > (404) 385-7401 Atlanta, GA 30332-0280
>> >
>> >
>> >
>> > _______________________________________________
>> > Ale mailing list
>> > Ale at ale.org
>> > http://mail.ale.org/mailman/listinfo/ale
>> > See JOBS, ANNOUNCE and SCHOOLS lists at
>> > http://mail.ale.org/mailman/listinfo
>>
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> http://mail.ale.org/mailman/listinfo/ale
>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> http://mail.ale.org/mailman/listinfo
>
> --
> Michael H. Warfield (AI4NB) | (770) 985-6132 | mhw at WittsEnd.com
> /\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
> NIC whois: MHW9 | An optimist believes we live in the best of all
> PGP Key: 0x674627FF | possible worlds. A pessimist is sure of it!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.ale.org/pipermail/ale/attachments/20110901/250dd86e/attachment.html 


More information about the Ale mailing list