Am 31.08.2013 06:42, schrieb agraham:
On 08/31/2013 01:36 AM, Gordon Messmer wrote:
> On 08/30/2013 12:35 PM, agraham wrote:
>>
>> As you will all remember, a few years ago we
kernel.org was hacked, I
>> cannot remember if that was ever resolved
>
>
http://www.pcworld.com/article/239400/hack_or_no_hack_the_linux_kernel_is...
>
That was actually my concern:
"Investigations are no doubt continuing on numerous fronts, and
Kernel.org is
working to make sure that each of its
448 users change their passwords and SSH keys."
The attack could have been specifically designed to cause a loss of trust as it did and
the key regeneration that
then occurred resulting in private keys being exposed via one of 448 users weak points,
for future use (and would
then be much harder to detect because nothing was changed at that time)
and last week as i not locked my workstation while going on toilet
somebody could have installed a keylogger in my user-profile or
even somebody managed it to put in a USB stick with a unknown
exploit
*prove it* or stop FUD like "Linux Kernel Hacked by NSA/GCHQ"
at least stop it on the *Fedora* users list