Slashdot Mirror

← Back to Stories (view on slashdot.org)

GNU Savannah Site Compromised

Posted by CmdrTaco on from the it's-gnu/secure dept.

Trailrunner7 writes "A site belonging to the Savannah GNU free software archive was attacked recently, leading to a compromise of encrypted passwords and enabling the attackers to access restricted project material. The compromise was the result of a SQL injection attack against the savannah.gnu.org site within the last couple of days and the site is still offline now. A notice on the site says that the group has finished the process of restoring all of the data from a clean backup and bringing up access to some resources, but is still in the middle of adjusting its security settings."

4 of 99 comments (clear)

  1. Obilgatory by hairyfeet · · Score: 4, Funny

    You'd think a site like GNU would have better coders that wouldn't fall for a Bobby Drop Tables gag. I thought the GNU was full of wise old neckbeards?

    --
    ACs don't waste your time replying, your posts are never seen by me.
  2. Re:But Linux is TEH SAFEZORZ! by MichaelSmith · · Score: 2, Funny

    I thought Linux was always 100% secure, completely unhackable, because they're the admins are experts and the software has built in security! You mean ... it's not true?

    Maybe this one runs HURD.

    --
    http://michaelsmith.id.au
  3. Suggestion by Anonymous Coward · · Score: 2, Funny

    They should use Windows 7. They could avoid this kind of attack.

  4. Re:Sequel by butalearner · · Score: 3, Funny

    a SQL injection

    Well, we know how the author pronounces SQL now; I have always preferred "an SQL injection"---that is, "S.Q.L."

    What, you don't mentally pronounce all acronyms? Well, now, aren't you just a SOB.