SourceForge Down After Attack [Updated]

Animats writes "SourceForge, a hosting site for many open source projects, is down today. Management claims they were attacked: 'We detected a direct targeted attack that resulted in an exploit of several SourceForge.net servers, and have proactively shut down a handful of developer centric services to safeguard data and protect the majority of our services.' Currently, CVS and SVN access to source code, even for reading, is unavailable, and there is no announced restoration time." (SourceForge and Slashdot are both part of Geeknet, Inc.) Update: 01/27 22:17 GMT by T : Mark Ramm of SourceForge contributes an update and some clarification: the site is up, and SVN is available, though CVS isn't. There's also a follow-up post on the site's blog.

Re:Qui bono?

[dave562]

That was my thought. Everyone talks about how OSS is so secure. If you had a bone to pick with that notion, why not go over one of the highest profile examples of OSS? I'm sure that they're running Apache, right? Probably MySQL too? Surely they aren't hosting their sight on IIS and powering it with Asp.Net, are they?

It would be great if situations like this brought the entire computer using community closer together. The reality is that no matter how epicly great your software might be, there are people out there looking to bring it down. It doesn't matter if you run Microsoft, Apple or OSS. There are bugs in your applications and there are incentives for finding and exploiting those bugs.