Intrusion Cleanup Forces Delay For GNOME 2.6
An anonymous reader writes "Looks like the GNOME site (both web and FTP) is back up and running again (from a replacement system). The restoration work is still going on, and dynamic content does not work yet. Bugzilla should be up by tomorrow (it is already in testing mode). More details are available in this announcement. Kudos to the GNOME sysadmin team for such a rapid recovery." However, blurzero writes "GNOME 2.6 was scheduled to be released sometime today, however after evidence of possible intrusion on the web server, the release has been delayed by one week, until March 31st." Update: 03/24 14:08 GMT by T : An anonymous reader points to this story on the delay at ZD Net Australia.
If only MSFT (and more importantly, proprietary software companies that aren't so much in the spotlight) were as forthcoming about break-ins.
Quo usque tandem abutere, Nimbus, patientia nostra?
Either way, you only have to check the backup server data itself against (externally backed-up) MD5 checksums, and ask developers to re-commit any changes made during the suspect time.
Now try and do that to a mail server, and the fecal matter hits the air-handler. But, with data that is relatively static by comparison, it takes work, but isn't too much of a trial.
$0.98 in change, please :)
Quo usque tandem abutere, Nimbus, patientia nostra?
According to Waugh, the GNOME Web servers that are hosted by Red Hat were compromised by "a dumb cracker who probably didn't realise what they got into".
Seems like he was smart enough to hack their system.
Scott Plumlee
How do you know the MD5 wasn't made after the intruder got in? It wouldn't be very valuable then, would it?
The point is, after a breakin you must determine when the breakin occured, because everything after that is suspect. The problem is it can sometimes be very difficult -- or impossible -- to determine when the breakin happened. Then you're really, really screwed.
In the end they will lay their freedom at our feet and say to us, Make us your slaves, but feed us. - Fyodor Dostoyevsky