Language Selection

English French German Italian Portuguese Spanish

Security Issues at Gentoo Narrowed Down to Crappy Password

Submitted by Roy Schestowitz on Friday 6th of July 2018 05:25:53 PM Filed under
Gentoo
Security
  • Linux experts are crap at passwords!

    Fortunately, Gentoo’s GitHub respository wasn’t the primary source for Gentoo code, and few, if any, Gentoo users were relying on it for software updates.

  • Gentoo publishes detailed report after its GitHub was compromised

    You may have seen the news towards the end of June that Gentoo, a fairly advanced Linux distribution, had its GitHub repository compromised after an attacker managed to gain access to one of the connected accounts. Now, Gentoo has published a comprehensive report about the incident and it turns out that the gaff was due to not following rudimentary security tips.

  • Weak Admin Password Caused Compromise of Gentoo GitHub repository

    Gentoo have finished their investigation of the hack that affected their project last week on GitHub. The point of vulnerability has turned out to be a weak Administrator password. upon compromise the hackers added the Linux killer command “rm -rf /” so when users cloned the project to their computers all their data will be erased.

»

Gentoo Linux Github

Submitted by Roy Schestowitz on Friday 6th of July 2018 07:18:02 PM.
  • Gentoo Linux Github Organization repo hack was down to a series of security mistakes

    It seems that the hackers were able to gain access to the GitHub organization account by using the password of one of the organization administrators. By the team's own admission, poor security meant that the password was easy to guess. As the Register points out, "only luck limited the damage", but the Gentoo Linux team is keen to let it be known that it has learned a lot from the incident.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Games: Warhammer 40,000, Turok 2: Seeds of Evil, Armed and Gelatinous

Python language founder steps down

  • ​Python language founder steps down
    After almost 30 years of overseeing the development of the world's most popular language, Python, its founder and "Benevolent Dictator For Life" (BDFL), Guido van Rossum, has decided he would like to remove myself entirely from the decision process. Van Rossum isn't leaving Python entirely. He said, "I'll still be there for a while as an ordinary core dev, and I'll still be available to mentor people -- possibly more available."
  • Guido van Rossum resigns as Python leader
    Python creator and Benevolent Leader for Life Guido van Rossum has decided, in the wake of the difficult PEP 572 discussion, to step down from his leadership of the project.

FSF/GNU: Alyssa Rosenzweig, Sonali Singhal, DataBasin + DataBasinKit 1.0

  • Introducing Alyssa Rosenzweig, intern with the FSF tech team
    Howdy there, fellow cyber denizens; 'tis I, Alyssa Rosenzweig, your friendly local biological life form! I'm a certified goofball, licensed to be silly under the GPLv3, but more importantly, I'm passionate about free software's role in society. I'm excited to join the Free Software Foundation as an intern this summer to expand my understanding of our movement. Well, that, and purchasing my first propeller beanie in strict compliance with the FSF office dress code! Anywho, I hail from a family of engineers and was introduced to programming at an early age. As a miniature humanoid, I discovered that practice let me hit buttons on a keyboard and have my textual protagonist dance on my terminal -- that was cool! Mimicking those around me, I hacked with an Apple laptop, running macOS, compiling in Xcode, and talking on Skype. I was vaguely aware of the free software ethos, so sometimes I liberated my code. Sometimes I did not. I was little more than a button masher with a flashing TTY; I wrote video games while inside a video game, my life firewalled from reality.
  • Sonali's Progress on the Free Software Directory, weeks 1-2
    The last few weeks have been very enlightening. I learned about MediaWiki extensions, like MobileFrontend, CSS, vim, and other mobile extensions. I installed MobileFrontend, and resolved a few issues I faced regarding HeaderTabs and in-line view. It feels great to have been able to get the basic structure for mobile view by now. As a part of my project to make the Free Software Directory mobile friendly, I can add extensions, modify the code, and format the pages the way I like. I have complete freedom to experiment on their development site as much as I want. It's wonderful to be able to work on something I really enjoy under the guidance of experienced mentors.
  • DataBasin + DataBasinKit 1.0 released
    DataBasin is a tool to access and work with SalesForce.com. It allows to perform queries remotely, export and import data, inspect single records and describe objects. DataBasinKit is its underlying framework which implements the APIs in Objective-C. Works on GNUstep (major Unix variants and MinGW on windows) and natively on macOS.

Android Leftovers

More on Tux Machines: AboutGalleryForumBlogsSearchNewsRSS Feed

Part of Bytes Media ● Sister sites below.

TechBytes Techrights button

Powered by Drupal, an open source content management system

Content available under CC-BY-SA CC

© by original authors

Powered by CentOS 6.5 (GNU/Linux), Varnish, and Drupal 6