Find the answer to your Linux question:
Page 2 of 2 FirstFirst 1 2
Results 11 to 17 of 17
Originally Posted by cousinlucky I have to admit that my first thought was that this was a microsoft attack on linux!! hehe.. I don't think microsoft has such a talented ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #11
    Linux Guru Lakshmipathi's Avatar
    Join Date
    Sep 2006
    Location
    3rd rock from sun - Often seen near moon
    Posts
    1,758

    Quote Originally Posted by cousinlucky View Post
    I have to admit that my first thought was that this was a microsoft attack on linux!!
    hehe.. I don't think microsoft has such a talented people who can break into linux.

    BTW,I guess, it might be the case of admin using weak password & cracker able to guess it with brute-force method !! -- just my thoughts .
    First they ignore you,Then they laugh at you,Then they fight with you,Then you win. - M.K.Gandhi
    -----
    FOSS India Award winning ext3fs Undelete tool www.giis.co.in. Online Linux Terminal http://www.webminal.org

  2. #12
    Penguin of trust elija's Avatar
    Join Date
    Jul 2004
    Location
    Either at home or at work or down the pub
    Posts
    3,500
    user: root
    password: root

    or maybe

    What do we want?
    Time machines!

    When do we want 'em?
    Doesn't really matter does it!?


    The Fifth Continent

  3. #13
    Linux Newbie SL6-A1000's Avatar
    Join Date
    May 2011
    Location
    Australia
    Posts
    120
    That article Lakshmipathi posted is interesting. But what seems so stupid is why bother attacking an open source linux kernel server?
    Sure they could backport a hacked kernel and hijack several million computers, but what are they going to do with all that information and more importantly how would they sipher through millions of people's computers without some form of team? Cause controlling Joe Blog's computer (through a hacked kernel) is all well and good but not if his computer has nothing of value on it. You may as well of spent your time doing something more constructive.
    To me it seems like who ever hacked kernel.org was a digruntled employee who probably already had access and made appear as a hacking as to not be caught and just wanted create an obstacle and havoc for whatever reason to prevent kernel.org from functioning. As you don't spend all that time breaking in, to not even touch all the source files or so it appears.

  4. #14
    Linux Guru Jonathan183's Avatar
    Join Date
    Oct 2007
    Posts
    3,042
    the official response seems to be the server was compromised but the kernel is OK because it's on git ... this has been worrying me for a while now ...
    how does anyone know that a compromised account (or accounts) have not been used to submit updates to the kernel and compromised the kernel ... short of doing a manual review of all submits since the last known good version (which may be from August or even longer ago) ? hundreds or millions of copies distributed around the world don't help if changes have been via a genuine contributor account ...

  5. #15
    Linux Guru Rubberman's Avatar
    Join Date
    Apr 2009
    Location
    I can be found either 40 miles west of Chicago, in Chicago, or in a galaxy far, far away.
    Posts
    11,512
    They had checksum hashes for all the kernel source code from before the exploit, and were able to verify whether or not the sources had been compromised by recomputing the hash values and checking that against the list.
    Sometimes, real fast is almost as good as real time.
    Just remember, Semper Gumbi - always be flexible!

  6. #16
    Linux Guru Jonathan183's Avatar
    Join Date
    Oct 2007
    Posts
    3,042
    Rubberman ... I understand if the source has been tampered with by unauthorised account then hash values will help. What if the account is valid ... it's just being used by someone who should not be using it ? user123 is a valid contributor and his account is used to do a git commit with comments that look Ok but source code includes bad code? as my previous post how is this checked short of a manual review of every commit since last good kernel source?

  7. #17
    Linux Guru Rubberman's Avatar
    Join Date
    Apr 2009
    Location
    I can be found either 40 miles west of Chicago, in Chicago, or in a galaxy far, far away.
    Posts
    11,512
    One of the reasons why the Linux Foundation and Kernel.org sites were down so long was just for this reason, to verify all of the current sources with what was backed up before the exploit occurred, plus strengthening the security of the sites.
    Sometimes, real fast is almost as good as real time.
    Just remember, Semper Gumbi - always be flexible!

Page 2 of 2 FirstFirst 1 2

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •