| |||||||||||||
Current lack of informationCurrent lack of informationPosted Sep 12, 2011 6:41 UTC (Mon) by kruemelmo (subscriber, #8279)Parent article: Security breach on Linux.com, LinuxFoundation.org
For me it is irritating that not only linux.com and linuxfoundataion.org are down but also kernel.org is (still?) under maintenance 13 days after the breach.
I hadn't read the kernel.org intrusion analysis and cannot find it now. Suppose it has been on kernel.org meanwhile? Can someone post another link?
The only "official" source of information I know which is still online is lwn.
(Log in to post comments)
Current lack of information Posted Sep 12, 2011 13:07 UTC (Mon) by corbet (editor, #1) [Link] There has been no analysis of the intrusion posted yet. There are a number of serious people (beyond the kernel.org folks) looking at what happened, but, if they have figured it out yet, I've not heard about it.
Current lack of information Posted Sep 12, 2011 15:37 UTC (Mon) by dps (subscriber, #5725) [Link]
While it *is* annoying if you are going to involve the authorities things take longer. There have to be careful steps to preserve evidence to make a criminal case possible. I suspect some of this may involve competent people observing and being able to testify about the authenticity of exhibit A.
In many instances people think this is too much effort and focus on getting back into production, forgoing some information about how the security was breached. how far the crackers got and what, if anything, they did.
Banks are alleged to be willing to lose few million in return for no publicity. Revealing that somebody can move a few million to somewhere they can't trace might reduce your confidence in the safety of any funds you deposited with them.
|
|||||||||||||