Slashdot Mirror
SpreadFirefox Security Breached (again)
Kurt writes "The hugely popular SpreadFirefox project, a Firefox community marketing site, has recently fallen victim to a security breach in their TWiki software. This breach has forced the site to shutdown until October 19th. During this time, they will be performing a rebuild of the SpreadFirefox system, to hopefully curb more security breaches."
No reassurances this time that no personal data was stolen? Last time they made damn sure to point out that everyone's data was safe but it seems this time they've not told us about that. Could the hackers have a nice big list of email addresses to spam now?
Um, it's news. Unless you think these sorts of things should be swept under the rug to feed your "PR fight?"
...this breach was due to poor server administration in that they didn't keep their software patched up to the latest version.
Yep, agreed.
Same as the majority * of Microsoft hacks. People not changing their SQL Server sa password from the default, or not applying the patch that blocks that particulary vulnerability that was released by Microsoft six months ago, or...
* Note: I fully expect someone to come up and say "but what about...". That's why I chose that phrasing. I'm not arguing Microsoft is perfect, and you can certainly argue whether open-source means you get the advantage of transparency **, or whatever your retort may be. But my contention is that the majority of hacks of Microsoft products come down to poor server administration.
** Which advantage is also extended to the hackers, of course.
In addition to your story and the one in TFA, the Rockbox project recently had a security breach in TWiki too, and the whole thing got deleted. The news item is still there on their website, if you want to read it. I know the plural of "anecdote" is not "data", but this little collection of tales of woe still doesn't do much to bolster my confidence in TWiki.