Who rooted kernel.org servers two years ago, how did it happen, and why?

Discussion in 'all things UNIX' started by ronjor, Sep 24, 2013.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,719
    Location:
    Texas
  2. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,024
    The delay is troubling.

    On the other hand, it does seem clear that nothing was altered.

    Right?
     
  3. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    This does leave a lot of questions. Maybe they should be asked to put a version of one of these on their sites. If they won't, that will say all that needs to be.
     
  4. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    It's ~ Snipped as per TOS ~ and annoying that they never released information, but it doesn't matter.

    If files were modified we'd know. Kernel.org is not the only place where the source is hosted, it's mirrored in a million places, all of it is signed cryptographically so a single change would stick out and be almost (definitely) impossible to hide in a way that acts as a backdoor and a collision. Even if it weren't signed you could just diff it with mirrors, but it is so it's a moot point.

    There are lots of Linux security issues to consider. This is not really one of them.
     
    Last edited by a moderator: Sep 25, 2013
Loading...
Thread Status:
Not open for further replies.