berlios.de compromised since 2005
Tomas Mraz
tmraz at redhat.com
Wed Jan 13 20:22:00 UTC 2010
On Wed, 2010-01-13 at 12:33 -0600, Jon Ciesla wrote:
> Seth Vidal wrote:
> > Hi folks,
> > This lwn article reports that berlios.de has been compromised for a long,
> > long time.
> > if you're on this list then you need to talk to upstream and find out if
> > they have done an audit yet. You might consider doing an audit yourself,
> > if you have the background to know what sort of things to look for.
> >
> >
> Thanks, Seth. And if we don't, what's a good resource for security
> auditing n00bs?
Unfortunately if the attacker was really clever there is almost zero
probability the backdoor can be spotted during a casual review of the
code. So it would be found only by pure chance.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
More information about the devel
mailing list