Language Selection

English French German Italian Portuguese Spanish

Follow-Up: Attack on Exherbo.org machine

Filed under
Gentoo

Some of you might have read my previous blog post about the attack on Exherbo’s quote database that I wrote about yesterday. As promised I am going to write a follow up post about how this was handled and what the result of the cooperation with Gentoo’s infrastructure team was.

I also promised to give you an update based on the information that we received after the blog post and the bug was created:

* Alex Howells (Astinus) has been removed from all Gentoo infrastructure and as you can read on bug #229895, Gentoo’s infrastructure team has informed all the developers via the gentoo-core mailing list about what happened.
The developers received the following message (taken from the bug):

* As reported on bug #229895, on 27 Jun 2008 at 19:04 UTC, there was unwarranted traffic sent to http://quotes.exherbo.org/ and some of the traffic involved originated from various Gentoo Linux infrastructure machines. The Gentoo infrastructure team conducted an audit based on logs from the machines as well as those provided by Exherbo’s infrastructure team. Based on results of our audit and the user’s admission via email, we have concluded that the said actions were taken by one of our developers named astinus.
* We have taken appropriate action and have removed the developer in question from Gentoo Linux infrastructure.

More Here

Also:

Up until recently, I had thought most Gentoo users and developers to be adults, who made sensible choices in their actions (but not always their words). This may be generalized to acting professionally. I am saddened to report on the ongoing degradation of the community in this regard, and how infra will deal with their side of it.

If you abuse a Gentoo infrastructure system, we have no compunctions about kicking your ass and handing you to the suitable authorities (userrel, devrel, $GOV_AUTHORITY).

Rest "Going medival on your ass"




More in Tux Machines

Games: Open Source Puzzle Games and SDL 2.0.6 Release

  • Improve Your Mental Mettle with These Open Source Puzzle Games
    The puzzle genre often tests problem-solving skills enhancing both analytical and critical thinking skills. Word completion, pattern recognition, logical reasoning, persistence, and sequence solving are some of the skills often required to prosper here. Some games offer unlimited time or attempts to solve a puzzle, others present time-limited exercises which increase the difficulty of the puzzle. Most puzzle games are basic in graphics but are very addictive.
  • SDL 2.0.6 Released With Vulkan Helpers, DRM/KMS Driver
    SDL 2.0.6 was released on Friday as the latest feature update for this widely-used library that allows for more cross-platform portability of applications and games centered around input, audio, and video helpers.

BeagleBone Announces the Open Source PocketBeagle USB-Key-Fob SBC

  • BeagleBone Announces the Open Source PocketBeagle USB-Key-Fob SBC
    You've probably heard of BeagleBones and the Beagleboard Foundation by now (check out that link if you're not familiar with them). They make open source SBCs and have an online community much like the Raspberry Pi Foundation. While Beaglebones don't have as large of a community or market share as Raspberry Pi, their boards are still quite popular because they tend to be more application-focused than Raspberry Pis. For example, there's the general-purpose Beaglebone Black, the sensor-oriented Beaglebone Green, and the Beaglebone Blue for robotics applications.
  • What is PocketBeagle?

today's howtos

Graphics: NVIDIA, Nouveau, X.Org Server

  • NVIDIA Making Progress On Server-Side GLVND: Different Drivers For Different X Screens
    While NVIDIA isn't doing much to help out Nouveau, at least the company is contributing to the open-source Linux graphics ecosystem in other ways. In addition to presenting at XDC2017 this week on the Unix device memory allocator API and DeepColor / HDR support, they also presented on server-side GLVND. Server-side GLVND is separate from the client-side GLVND (OpenGL Vendor Neutral Dispatch Library) that evolved over the past few years and with modern Linux systems is supported both by Mesa and the NVIDIA binary driver. Server-side GLVND can help PRIME laptops and other use-cases like XWayland where potentially dealing with multiple GPU drivers touching X.
  • Nouveau Developers Remain Blocked By NVIDIA From Advancing Open-Source Driver
    Longtime Nouveau contributors Martin Peres and Karol Herbst presented at this week's XDC2017 X.Org conference at the Googleplex in Mountain View. It was a quick talk as they didn't have a whole lot to report on due to their open-source NVIDIA "Nouveau" driver efforts largely being restricted by NVIDIA Corp.
  • X.Org Server 1.20 Expected Around January With New Features
    X.Org Server 1.19 is already almsot one year old and while X.Org is currently well off its six month release cadence, version 1.20 is being figured out for an early 2018 release. Adam Jackson of Red Hat who has been serving as the xorg-server release manager held a quick session on Friday at XDC2017 to figure out what's needed for X.Org Server 1.20. His goal is to see X.Org Server 1.20 released in time for making the Fedora 28 version. For that to happen nicely, he's hoping to see xorg-server 1.20 released in January. The Fedora 28 beta freeze is the middle of March so there is still time for the 1.20 release to slip while making the F28 Linux distribution update.