Dear community members and contributors, in the last few month we saw security breaches at gnu.org[1], at sourceforge.net[2] and at fedora[3].
Even if it is believed that the integrity of the hosted projects was not affected I want to take the opportunity to remind you to always verify the cryptographic checksums of downloaded archive files, review patches and keep a healthy relationship/communication to the upstream authors. It is good practise to change your password from time to time and make it hard to guess[4][5]. Take extra care using public wifi hotspots, crowded places[6], like trains, and other peoples computer etc. Cheers, Thomas [1] http://blog.sucuri.net/2010/11/savannah-gnu-org-hacked-and-currently-offline.html [2] http://sourceforge.net/apps/wordpress/sourceforge/2011/01/27/service-downtime/ [3] http://lists.fedoraproject.org/pipermail/announce/2011-January/002911.html [4] http://en.wikipedia.org/wiki/Password_strength [5] http://sourceforge.net/projects/pwgen/ [6] http://en.wikipedia.org/wiki/Shoulder_surfing_%28computer_security%29 -- Thomas Biege <[email protected]>, SUSE LINUX, Security Support & Auditing SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg) -- Wer aufhoert besser werden zu wollen, hoert auf gut zu sein. -- Marie von Ebner-Eschenbach -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
