GNU Servers Hacked, Linux Software May Be Compromised
Internet Week | Aug. 14, 2003 | Techweb News
Posted on 08/14/2003 4:50:43 PM PDT by Spruce
By Techweb News
In mid-March, someone hacked the primary file servers hosted by the GNU Project, the group which supports the development of many of the components in the Linux operating system, the group acknowledged Wednesday. It warned that the attacker may have inserted malicious code into the free software available for download, including Linux, and posted a set of hashes that users can check against to determine if what they retrieved is clean.
The CERT Coordination Center noted in an advisory posted Wednesday that "because this system serves as a centralized archive of popular software, the insertion of malicious code into the distributed software is a serious threat." At the same time, it reported that there isn't any evidence that the source code posted on the FTP servers was, in fact, compromised.
The Free Software Foundation (FSF), which oversees the GNU Project, has posted a series of checksums, validation numbers generated by the source code known not to have been compromised, which users can use to verify what they've downloaded.
The attack took place in March, but was only discovered in late July. It used an exploit that was revealed on March 17, for which a patch wasn't immediately available. It was during a week's span of vulnerability that the servers were compromised, the FSF said in a statement.
A trojan horse was placed on the system at that time, possibly for password collection and to use the machine for additional attacks, according to the FSF.
TOPICS: Business/Economy; Crime/Corruption; Culture/Society; Extended News; Miscellaneous; Technical
KEYWORDS: gnu; hack; linux; tech
1 posted on 08/14/2003 4:50:44 PM PDT by Spruce
To: Spruce
SCO did it!!
2 posted on 08/14/2003 4:52:38 PM PDT by dandelion
To: Spruce
I'm sorry but that's impossible. Only microsoft software can be hacked.
Sarcasm Off
To: Spruce
This can't be true, Linus Torvalds (the most arrogant S.O.B. I have ever heard speak) has told us time and time again that Linux is "Rock Solid".
Aint nuthin perfect, and aint nuthin that can't be hacked !!
4 posted on 08/14/2003 5:06:29 PM PDT by unixfox (Close the borders, problems solved!)
To: Spruce
This was a Microsoft black op to spread more FUD around the open source movement.
To: Spruce
I told y'all that Windows sucks. Billy Bob cares nothing about us poor users. He just wants our money. He doesn't care about security. Linux RULEZ! Uh, wait a minute...
6 posted on 08/14/2003 5:48:52 PM PDT by mikegi
To: unixfox
This can't be true, Linus Torvalds (the most arrogant S.O.B. I have ever heard speak) has told us time and time again that Linux is "Rock Solid".
What operating system are the FSF servers running?
It could be BSD, or even Windoze!
Just because the Linux source code is stored there doesn't mean the servers are running it.
Aint nuthin perfect, and aint nuthin that can't be hacked !!
That is for sure true.
So9
7 posted on 08/14/2003 5:55:02 PM PDT by Servant of the Nine (Real Texicans; we're grizzled, we're grumpy and we're armed)
To: Servant of the Nine
"It could be BSD, or even Windoze!"
Ever heard the expression "grasping at straws" ?
8 posted on 08/14/2003 6:03:30 PM PDT by old-ager
Winblows still blows huge chonkey schlong.
How many total root compromises since w2k RTM? 40? 50?
Oh, you used winblowsupdate and SP4 trashed your system?
Tough luck. Read your EULA.
9 posted on 08/14/2003 6:05:08 PM PDT by tubavil
To: unixfox
Never heard him speak, he's that arrogant?
To: Spruce
cvs diff is your friend.
11 posted on 08/14/2003 6:11:59 PM PDT by dr_who_2
To: dr_who_2
cvs diff is your friend.
You want to look through every file that has diffs and try to figure out whether the change includes malicious code? Good luck!!!
12 posted on 08/14/2003 6:26:46 PM PDT by KayEyeDoubleDee (const tag& thisTagWontChange)
To: KayEyeDoubleDee
Gotta start somewhere. Or I guess they could go back to the version before the break in and add in all the good patches again.
13 posted on 08/14/2003 7:03:48 PM PDT by dr_who_2
To: dr_who_2
This begs the question of whether the GNU CVS repository could have been compromised in such a way that the diffs could be hidden. I guess that since CVS actually keeps changes to, rather than complete copies of, each version, this might be hard to do.
14 posted on 08/14/2003 7:27:12 PM PDT by KayEyeDoubleDee (const tag& thisTagWontChange)
To: dr_who_2
Or I guess they could go back to the version before the break in and add in all the good patches again.
But no one knows if the patches are good, right?
15 posted on 08/14/2003 7:27:58 PM PDT by KayEyeDoubleDee (const tag& thisTagWontChange)
To: KayEyeDoubleDee; dr_who_2
Sorry. I see what you mean about re-adding the patches.
16 posted on 08/14/2003 7:29:25 PM PDT by KayEyeDoubleDee (const tag& thisTagWontChange)
To: Spruce
It's Skynet!
To: Spruce
The attack took place in March, but was only discovered in late July.
What a colossal failure of security. This was the primary distribution point on the web for Linux utilities, and they will have a very hard time proving that trojans weren't imbedded into the source code repositories at some point over the last six months, even if they no longer exist.
To: KayEyeDoubleDee
Anyone who can read the code can look for suspicious commits. Preferably the people who maintain that program. No one person maintains all the programs, so this isn't as big a task as you think it is. Nothing wrong with taking a break from adding more features for a security audit. Certainly the other sites that have similar versions of the same source code should have identical source code.
19 posted on 08/14/2003 7:43:48 PM PDT by dr_who_2
To: Golden Eagle
What a colossal failure of security.
No denying that.
20 posted on 08/14/2003 7:47:33 PM PDT by dr_who_2