[OT] Hackers break into Linux kernel home

[Amedee Van Gasse]

On Fri, September 2, 2011 10:40, Gilles Gravier wrote:
> They stole source code so that they could search inside it for
> vulnerabilities.
>
> Oh wait... No. Linux is open source. No point in STEALING the code, it's
> there available for freeeeeeeeeeeeeee! :)
>
> Serilously, nobody publicly knows yet. I suspect they need to do a full
> audit of the systems affected.
>
> Several scenarii are possible though:

The plural of the Italian word scenario is scenari, making “scenarii”
etymologically inconsistent.

> 1) They are dumb and stole source code (see jest above)

No comment :)

> 2) They are smarter and compromised the code (hopefully a comparison
> with a backup, followed by a restore will fix)

Git prevents that. Thousands of people have an exact copy of the Linux
kernel, and if even one bit was changed after a commit, then this would be
noticed in a jiffy.

> 3) They are even smarter, and didn't touch the code, but planted trojans
> in the machines so that they can come back at a later date and mess up
> with the code when nobody is thinking about this incident anymore

As I understand it, the people from kernel.org are busy rebuilding all
machines from scratch (not only the compromised ones) and patching the
hole that caused the security issue.

> On 02/09/2011 10:21, reeyarn wrote:
>> What does it mean? Is Ubuntu also affected?

No. Your current Ubuntu installation is not affected, and the problem was
discovered before a new version of Ubuntu was released.

> How to prevent being attacked?

That's an entirely different question. Not running any public facing
services that you don't really need, would be the best place to start.