Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: Just _Front End_ to Linux Code is Cracked

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

____/ Homer on Friday 02 Sep 2011 22:10 : \____

> Verily I say unto thee that Roy Schestowitz spake thusly:
>>
>> Kernel.org hacked, but Linux kernel safe thanks to git
>>
>> http://www.linuxfordevices.com/c/a/News/Kernelorg-hacked/?kc=rss
>>
>> Nothing to see here then... since OS X and Windows do not share their code,
>> this need not apply to them. The vulnerabilities are hidden from users.
> 
> In this case the "vulnerability" was a user:
> 
> [quote]
> Attackers compromised several servers at kernel.org using an
> off-the-shelf Trojan that appears to have entered via a compromised user
> credential
> [/quote]
> 
> I'm not sure "hacked" is exactly the correct term for gaining access
> using stolen credentials.
> 
> What I'd like to know is what sort of E-mail client on what platform
> allowed this trojan to execute and spread from an E-mail attachment?

This almost falls under the "social engineering" umbrella. WordPress once
had a similar issue. At least this got caught quickly (more eyeballs on the
code).

- -- 
		~~ Best of wishes

Dr. Roy S. Schestowitz (Ph.D. Medical Biophysics), Imaging Researcher
http://Schestowitz.com  | GNU/Linux administration | PGP-Key: 0x74572E8E
Editor @ http://techrights.org & Broadcaster @ http://bytesmedia.co.uk/
GPL-licensed 3-D Othello @ http://othellomaster.com
Non-profit search engine proposal @ http://iuron.com
Contact E-mail address (direct): s at schestowitz dot com
Contact Internet phone (SIP): schestowitz@xxxxxxxxx (24/7)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAk5hVuUACgkQU4xAY3RXLo4ZQgCfQegFCYV9h/7+6kNBbL2XoY7T
xjUAnjBpXsJakyqYQ1+c3X91uMaoOvx6
=llWg
-----END PGP SIGNATURE-----

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index