correct. Something which wasn't mentioned in this message is that our account was the one that unpacked the DirtyCOW exploit, so it is likely that the old lilypond.org server has been compromised too.
We have stopped syncing to linuxaudio.org, and we should really stop pointing to their mirror, because it's not kept up to date. (I have been meaning to look at it, but haven't found the time so far.)

Given that lilypond.org itself was probably exploited, maybe we should also rebuild all binaries that we have there.

On Sat, Feb 17, 2018 at 8:46 PM, David Kastrup <d...@gnu.org> wrote:
>
> Probably relevant for our download problems:
>
> ---------- Forwarded message ----------
> From: Jeremy Jongepier <jeremy-zbsuaddsfogukzhgtai...@public.gmane.org>
> To: Linux Audio Users
> <linux-audio-user-cunTk1MwBs/cejeg2xfrv2d2fqjk+...@public.gmane.org>, LAD
> <linux-audio-dev-cunTk1MwBs/cejeg2xfrv2d2fqjk+...@public.gmane.org>
> Cc:
> Bcc:
> Date: Sat, 17 Feb 2018 19:15:17 +0100
> Subject: [LAD] linuxaudio.org is back online!
> Dear all,
>
> We just enabled all mail services for linuxaudio.org again. All mailing
> lists are working again and mail can be sent and received for the
> linuxaudio.org domain.
>
> A short recap of what happened is that linuxaudio.org got compromised on
> January 29th, probably with a compromised private SSH key or password
> from an account with shell access. The attacker checked the kernel, saw
> that it was vulnerable to Dirty COW¹, pulled in an exploit and got root.
> This was quickly discovered by the IT department of Virginia Tech
> University that disconnected the server from the internet and started a
> forensic investigation procedure. As part of their IT security policy
> the server had to be reinstalled and everything had to be set up from
> scratch again. In the meanwhile I built an alternative setup and after
> some discussion we agreed on moving linuxaudio.org away from the
> Virginia Tech server.
>
> So linuxaudio.org got a new home after 15 years at Virginia Tech². We're
> very, very thankful that we could host linuxaudio.org on their servers
> and we can't stress enough how grateful we are for all the work that has
> been done on the side of Virginia Tech after the hack.
>
> linuxaudio.org now lives at Fuga³, a fully open source OpenStack⁴ cloud
> based in The Netherlands. Fuga is part of Cyso⁵, the company I work for.
> The linuxaudio.org ecosystem now consists of three separate servers, a
> web server, a mail server and a storage server. We rebuilt everything
> with portability and scalability in mind with a strong focus on
> security. You can never prevent passwords or SSH keys getting into the
> hands of hackers but we'll try to keep the servers as up to date as we
> can to narrow down the attack surface as much as possible.
>
> A big thank you to all those who helped out! It was quite a ride but it
> seems as if most part of the linuxaudio.org ecosystem is accessible
> again. If you find any web pages, downloads or other bits and parts that
> don't work properly then please let us know so we can take a look at it.
> Many thanks in advance and also many thanks for bearing with us!
>
> Best,
>
> Jeremy Jongepier
> root-ddzkxpnfpdzhj6biahg...@public.gmane.org
>
> ¹ https://dirtycow.ninja/
> ² https://icat.vt.edu/
> ³ https://fuga.cloud/
> ⁴ https://www.openstack.org/
> ⁵ https://cyso.com/en/
>
> _______________________________________________
> Linux-audio-dev mailing list
> linux-audio-...@lists.linuxaudio.org
> https://lists.linuxaudio.org/listinfo/linux-audio-dev
>
> --
> David Kastrup
>
> _______________________________________________
> lilypond-devel mailing list
> email@example.com
> https://lists.gnu.org/mailman/listinfo/lilypond-devel
>

--
Han-Wen Nienhuys - hanw...@gmail.com - http://www.xs4all.nl/~hanwen