Am 31.08.2013 06:42, schrieb agraham: > On 08/31/2013 01:36 AM, Gordon Messmer wrote: >> On 08/30/2013 12:35 PM, agraham wrote: >>> >>> As you will all remember, a few years ago we kernel.org was hacked, I >>> cannot remember if that was ever resolved >> >> http://www.pcworld.com/article/239400/hack_or_no_hack_the_linux_kernel_is_well_protected.html >> > > That was actually my concern: > > "Investigations are no doubt continuing on numerous fronts, and Kernel.org is working to make sure that each of its > 448 users change their passwords and SSH keys." > > The attack could have been specifically designed to cause a loss of trust as it did and the key regeneration that > then occurred resulting in private keys being exposed via one of 448 users weak points, for future use (and would > then be much harder to detect because nothing was changed at that time) and last week as i not locked my workstation while going on toilet somebody could have installed a keylogger in my user-profile or even somebody managed it to put in a USB stick with a unknown exploit *prove it* or stop FUD like "Linux Kernel Hacked by NSA/GCHQ" at least stop it on the *Fedora* users list
Attachment:
signature.asc
Description: OpenPGP digital signature
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
