Linux Kernel Hacked by NSA/GCHQ
agraham
agraham at g-b.net
Sat Aug 31 04:42:42 UTC 2013
On 08/31/2013 01:36 AM, Gordon Messmer wrote:
> On 08/30/2013 12:35 PM, agraham wrote:
>>
>> As you will all remember, a few years ago we kernel.org was hacked, I
>> cannot remember if that was ever resolved
>
> http://www.pcworld.com/article/239400/hack_or_no_hack_the_linux_kernel_is_well_protected.html
>
That was actually my concern:
"Investigations are no doubt continuing on numerous fronts, and
Kernel.org is working to make sure that each of its 448 users change
their passwords and SSH keys."
The attack could have been specifically designed to cause a loss of
trust as it did and the key regeneration that then occurred resulting in
private keys being exposed via one of 448 users weak points, for future
use (and would then be much harder to detect because nothing was changed
at that time).
Thanks.
Albert
Need to get back to watching TV,
That's CCTV :) in the UK.
More information about the users
mailing list