Linux Foundation Confirms Malware Attack::Brought to you by TechWeb
By Mathew J. Schwartz
Read the Original Article at InformationWeek
The Linux Foundation last week emailed all of its users, warning them that an attacker had compromised LinuxFoundation.org and Linux.com, as well as their subdomains. The attacker may also have stolen usernames, email addresses, and passwords. The attack was discovered on Thursday, and the foundation is still conducting a full audit of the affected sites. "We are in the process of restoring services in a secure manner as quickly as possible," it said in a notice posted on the front page of the Linux Foundation
........In addition, no changes could be made to the distributed code without alarms sounding. "The code for the kernel (and for many other projects) is managed with the 'git' source code management system. And git does not allow the code to be modified by third parties without people knowing about it," said Jonathan Corbet, executive editor of LWN.net, in a blog post
Notably, a 160-bit cryptographic hash is generated for every set of Linux code changes. "The key to the hash function is that, if the contents of the file change, the hash will change too," said Corbet. "Creating any new file matching the hash of an existing file is not really possible; if you want that new file to look like the old one with the exception of a bit of hostile code, the challenge is even bigger."
Still, he said, as a member of the Linux kernel development community, "I can say that this episode is disturbing and embarrassing."