I'm still worried, though. There's some mystery involved, how did "they" get root ?
http://isc.sans.edu/diary.html?storyid=11497 kernel.org is indicating "Down for maintenance." Ouch. http://www.linuxfoundation.org/ has some information, but they're still "investigating." Looking at Linus' plus.google.com account doesn't give much information, either. Wondering when and if we can expect results on the compromise. Hmm. Daniel On Wed, Sep 14, 2011 at 2:15 PM, Kevin Chadwick <[email protected]>wrote: > On Tue, 13 Sep 2011 22:38:27 -0700 > lancebaynes87 wrote: > > > > > I love OBSD, and I don't want it to fail like kernel.org: > > > What happened, a ssh account password was stolen followed by local > privile;-Dge escalation. > > They have said that as far as code goes, no harm was done. The worrying > part was how the admins handled the server afterwards (just reboot and > see what happens isn't exactly a strategy and could make things > much worse). I guess that's because they don't really care too much > about the server aside from functionality as the code is protected by > the developers many systems and eyes. > > I'm also not sure if the hacked servers were running the website.
