Language Selection

English French German Italian Portuguese Spanish

Security Issues at Gentoo Narrowed Down to Crappy Password

Filed under
Gentoo
Security
  • Linux experts are crap at passwords!

    Fortunately, Gentoo’s GitHub respository wasn’t the primary source for Gentoo code, and few, if any, Gentoo users were relying on it for software updates.

  • Gentoo publishes detailed report after its GitHub was compromised

    You may have seen the news towards the end of June that Gentoo, a fairly advanced Linux distribution, had its GitHub repository compromised after an attacker managed to gain access to one of the connected accounts. Now, Gentoo has published a comprehensive report about the incident and it turns out that the gaff was due to not following rudimentary security tips.

  • Weak Admin Password Caused Compromise of Gentoo GitHub repository

    Gentoo have finished their investigation of the hack that affected their project last week on GitHub. The point of vulnerability has turned out to be a weak Administrator password. upon compromise the hackers added the Linux killer command “rm -rf /” so when users cloned the project to their computers all their data will be erased.

Gentoo Linux Github

  • Gentoo Linux Github Organization repo hack was down to a series of security mistakes

    It seems that the hackers were able to gain access to the GitHub organization account by using the password of one of the organization administrators. By the team's own admission, poor security meant that the password was easy to guess. As the Register points out, "only luck limited the damage", but the Gentoo Linux team is keen to let it be known that it has learned a lot from the incident.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Microsoft and IBM Spin/PR

  • Windows 10 Will Finally Offer Easy Access to Linux Files [Ed: No, this is more WSL entrapment. They try to prevent people from using proper GNU/Linux with the actual kernel, either standalone or dual-boot. This is also about surveillance on one's files, keys, keystrokes, everything.]
  • Zowe Makes Mainframe Evergreen [Ed: Swapnil Bhartiya greenwashing and openwashing 2-in-1]
    Zowe also offers a vendor-agnostic experience allowing users to mix and match tooling and technologies. It provides interoperability, through the latest web technologies, products, and solutions from multiple vendors, and it allows developers to use the familiar, industry-standard, open source tools to access mainframe resources and services.
  • The ibmvnic driver with SR-IOV is now supported by SLES 12 and SLES 15 on IBM POWER9 processor-based systems
    The ibmvnic driver enables PowerVM Single Root I/O Virtualizations (SR-IOV) for improved network capabilities including reduced systems processor utilization, decreased network latency, and enforcement of network Quality of Service.

Games: Hollow Knight: Silksong, Warhammer 40,000: Mechanicus and Dusk

New Releases and Video: Archman and ArcoLinux

Mir 1.1.1 Release Candidate

  • Mir 1.1.1 - release candidate
    I’ve just kicked off the process for a bugfix release of Mir. An initial release-candidate is currently building in ppa:mir-tream/rc.
  • Mir 1.1.1 RC1 Has Fixes For PostmarketOS, Demo Shells Using Wayland
    Mir 1.1 was released back in December as the first post-1.0 feature update while now preparing for release is the Mir 1.1.1 maintenance milestone. Canonical's Alan Griffiths has tagged the Mir 1.1.1 release candidate today as the newest bug-fix release. Highlights include: - Fixing issues with PostmarketOS support, particularly around its usage of the musl C library rather than Glibc. PostmarketOS is the mobile Linux distribution derived from Alpine Linux that's been having a steady following in recent times and running on the Nexus 5/7, Nokia N9, and other devices.