On the security of our processes and infrastructure
Posted Sep 9, 2011 14:50 UTC (Fri) by malor
Parent article: On the security of our processes and infrastructure
This isn't about script kiddies anymore; it hasn't been for a while now. The compromise of kernel.org needs to be seen as part of a wider pattern of attacks on high-profile sites - Google, DigiNotar, RSA Security, etc.
I wonder if this will do anything to convince the kernel devs that the security community is not just theater? Their determined insistence on hiding security fixes is probably going to end up causing people's deaths.
It would be particularly notable if the kernel.org compromise was from a security fix that wasn't rolled out because it wasn't correctly labeled.
to post comments)