topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Monday December 9, 2024, 11:06 pm
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: Linux kernel.org hacked  (Read 18458 times)

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Linux kernel.org hacked
« on: September 01, 2011, 02:33 PM »
"Oops."

shot-2011-09-01@21.28.34.png
Kernel.org Server Rooted and 448 users credentials compromised

Now, as mentioned in the article there's no reason to worry about the Git source repository, due to the nature of Git itself... but the kernel tarballs could be affected, and we won't know the details until after an audit is done. (Yes, there's signatures for those tarballs, but who checks the signatures? And is there any guarantee that the tarball signing key hasn't been compromised?).

What does this mean? If you've downloaded tarballs from kernel.org the previous month or so, be sure to audit your systems and follow the news very carefully. Hopefully all sane distributions get their kernel sources from Git and not kernel tarballs, so people upgrading kernels from their distro vendor should be safe - but stay tuned.

Interesting news, anyway. Seems to be a combination of trojanizing an Intel kernel committer (social engineering or haxxor of his system?), and then a bit of local->root privilege escalation.
- carpe noctem

zridling

  • Friend of the Site
  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 3,299
    • View Profile
    • Donate to Member
Re: Linux kernel.org hacked
« Reply #1 on: September 02, 2011, 05:37 AM »
Interesting and embarrassing, eh? I wouldn't worry:

How to inject a malicious commit to a Git repository (or not)
http://git-blame.blo...s-commit-to-git.html

Hack or No Hack, the Linux Kernel Is Well-Protected
http://www.pcworld.c...s_wellprotected.html

Tuxman

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 2,507
    • View Profile
    • Donate to Member
Re: Linux kernel.org hacked
« Reply #2 on: September 02, 2011, 05:45 AM »
That said, the attacker's rootkit was able to gain root priviledges via an (obviously) yet unknown priviledge escalation exploit, so the Linux kernel most likely has a critical bug which is actively exploited, so it does not matter if the Git repository was modified or not.

I'm so happy that I use the secure Windows instead of the exploitable Linux stuff.  :P

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,859
    • View Profile
    • Donate to Member
Re: Linux kernel.org hacked
« Reply #3 on: September 02, 2011, 06:39 AM »
^Do I detect a little flame-baiting from our T-man?  ;D :Thmbsup:

Renegade

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 13,291
  • Tell me something you don't know...
    • View Profile
    • Renegade Minds
    • Donate to Member
Re: Linux kernel.org hacked
« Reply #4 on: September 02, 2011, 07:56 AM »
I'm so happy that I use the secure Windows instead of the exploitable Linux stuff.  :P

Hahahah~! YEAH~! You go~! :) Spill that blood baby~! :P Give 'er~!

(Hey -- I like Windows servers!)

I don't think we're in any danger of a flame war here. (One of the nice things about DC -- our "flame wars" are more like "waving lighters in the air".) :P ;D
Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,859
    • View Profile
    • Donate to Member
Re: Linux kernel.org hacked
« Reply #5 on: September 02, 2011, 07:59 AM »
@Ren - spot on! One of the reasons I like coming here.  8)

P.S. I like Windows servers too! :)




f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: Linux kernel.org hacked
« Reply #6 on: September 02, 2011, 09:25 AM »
Interesting and embarrassing, eh? I wouldn't worry:

How to inject a malicious commit to a Git repository (or not)
http://git-blame.blo...s-commit-to-git.html
Please re-read my post. Like, the first paragraph that mentions Git and tarballs.
- carpe noctem

Tuxman

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 2,507
    • View Profile
    • Donate to Member
Re: Linux kernel.org hacked
« Reply #7 on: September 02, 2011, 10:40 AM »
Awwww, I was so positive that I could initiate a serious flame-war here in this Windows users board!!11

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,859
    • View Profile
    • Donate to Member
Re: Linux kernel.org hacked
« Reply #8 on: September 02, 2011, 11:02 AM »
^Sorry to disappoint. But zridling and 40hz are serious and unapologetic Linux users.  :P


Tuxman

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 2,507
    • View Profile
    • Donate to Member
Re: Linux kernel.org hacked
« Reply #9 on: September 02, 2011, 11:10 AM »
Disrupters!

Renegade

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 13,291
  • Tell me something you don't know...
    • View Profile
    • Renegade Minds
    • Donate to Member
Re: Linux kernel.org hacked
« Reply #10 on: September 02, 2011, 11:26 AM »
^Sorry to disappoint. But zridling and 40hz are serious and unapologetic Linux users.  :P

BURN THE WITCHES~!

Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker

Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,649
    • View Profile
    • Donate to Member
Re: Linux kernel.org hacked
« Reply #11 on: September 02, 2011, 11:40 AM »
Now Ren, I thought we agreed to (only burning the Mac types) cut down on torching people ... The *nix crowd is ok.

wraith808

  • Supporting Member
  • Joined in 2006
  • **
  • default avatar
  • Posts: 11,190
    • View Profile
    • Donate to Member
Re: Linux kernel.org hacked
« Reply #12 on: September 02, 2011, 12:20 PM »
But isn't the mac crowd sort of mixed in with the *nix crowd now?

Tuxman

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 2,507
    • View Profile
    • Donate to Member
Re: Linux kernel.org hacked
« Reply #13 on: September 02, 2011, 12:35 PM »
The Mac crowdies are bastards.

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,859
    • View Profile
    • Donate to Member
Re: Linux kernel.org hacked
« Reply #14 on: September 02, 2011, 01:20 PM »
But isn't the mac crowd sort of mixed in with the *nix crowd now?

Nope. They want nothing to do with us nixers.

How the discussion usually goes
linuxvsmac.jpg


As far as they're concerned we're just wannabe Mac users that don't have enough education (or contacts) to get a job that pays well enough for us to afford Apple hardware. Which makes us just a bunch of techno-hippies, slackers, and eurotrash losers - in short,  nothing like the upwardly mobile and incredibly hip "beautiful people" that make up the Macintosh culture.

So please don't lump us in with the Mac crowd.

Because the Mac crowd certainly doesn't.
 ;D

« Last Edit: September 02, 2011, 01:33 PM by 40hz »

Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,649
    • View Profile
    • Donate to Member
Re: Linux kernel.org hacked
« Reply #15 on: September 02, 2011, 05:51 PM »
But isn't the mac crowd sort of mixed in with the *nix crowd now?

No, the Mac crowd bends to the will of lord jobs ... And therefore fiercely believes his every decreed word in that OSX is indeed a thing unto itself. Because it use some piece/part/portion in some arcane mini-Minge kernel project, and is therefore not just a slapped on GUI desktop masking a copy of FreeBSD.

And then there's the rest of us that think ^^they're^^ full of shit.  :D

Lashiec

  • Member
  • Joined in 2006
  • **
  • Posts: 2,374
    • View Profile
    • Donate to Member
Re: Linux kernel.org hacked
« Reply #16 on: September 04, 2011, 10:03 AM »
Nope. They want nothing to do with us nixers.

Yet it's amazing the amount of open source supporters who run a Mac, though sometimes out of spite :P

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,859
    • View Profile
    • Donate to Member
Re: Linux kernel.org hacked
« Reply #17 on: September 04, 2011, 11:00 AM »
Nope. They want nothing to do with us nixers.

Yet it's amazing the amount of open source supporters who run a Mac, though sometimes out of spite :P

I thought it was more out of pity they did that...

Poor little Mach kernal being held captive by Apple like that. What did it ever do to them? ;D


Tuxman

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 2,507
    • View Profile
    • Donate to Member
Re: Linux kernel.org hacked
« Reply #18 on: September 04, 2011, 11:10 AM »
Darwin is open source, it is just Aqua that is not. Anyway, I really wonder what should be so "great" about a BSD/Mach hybrid bastard of a kernel, given that OSX is, according to Secunia, more insecure than Windows 7.

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,859
    • View Profile
    • Donate to Member
Re: Linux kernel.org hacked
« Reply #19 on: September 04, 2011, 11:42 AM »
^Mach was pretty rad for it's time when microkenals were all the rage.

I think the main reason Jobs liked it was because that's what they used for his ill-fated NeXT machine (Jobs never admits he backed the wrong horse) - and the license allowed them to use the code without needing to give anything back.

So I'd hesitate to call Mach3 a bastardized kernal.  It's just a different approach than the one more commonly used by most of today's production operating systems.

But who knows? GNU Hurd is based on the Mach kernal - and there's some chance Hurd may finally be out in the near future after 20 years of waiting. A "Hurd variant" of Debian is slated for release with version 7.0 (aka: Wheezey). Beta downloads are already available for it. (Note: this is seriously beta so don't bother unless you're really curious about it.)

 8)

Tuxman

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 2,507
    • View Profile
    • Donate to Member
Re: Linux kernel.org hacked
« Reply #20 on: September 04, 2011, 11:46 AM »
Good software is never "final"!

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,859
    • View Profile
    • Donate to Member
Re: Linux kernel.org hacked
« Reply #21 on: September 04, 2011, 12:33 PM »
Good software is never "final"!

I wasn't saying "final" - just "finally out."  8)

Tuxman

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 2,507
    • View Profile
    • Donate to Member
Re: Linux kernel.org hacked
« Reply #22 on: September 04, 2011, 01:30 PM »
Even an alpha 0.01 is "out".  :)

zridling

  • Friend of the Site
  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 3,299
    • View Profile
    • Donate to Member
Re: Linux kernel.org hacked
« Reply #23 on: September 04, 2011, 03:08 PM »
^Sorry to disappoint. But zridling and 40hz are serious and unapologetic Linux users.

Indeed. And just like any other software, among distros, I have a number of niggling gripes. But the modularity and scalability of the kernel is good to us all.