Red Hat confirms security breach

posted Aug 23rd 2008 3:30pm by
filed under: security hacks


After a week of wondering, Red Hat has confirmed that someone broke in and compromised their security. Although It doesn’t appear the attacker was able to retrieve the passphrase used to sign Fedora packages, the team is switching to new keys. In a separate intrusion the attacker tampered with and signed OpenSSH packages for RHEL. While it’s good to get the full story, no one is happy how long it took Red Hat to release these details.

[via Zero Day]

[photo: afsilva]

Read



2 Responses to Red Hat confirms security breach

  • J. Peterson says:
    August 23, 2008 at 4:39 pm

    If you want to understand just how scary a break-in like this could be, check out Ken Thompson’s classic Turing award paper, “Reflections on Trusting Trust”

    http://cm.bell-labs.com/who/ken/trust.html

    It’ll send a chill down your spine…

    Reply Report comment
  • Ferguson says:
    February 2, 2010 at 2:16 pm

    In similar news, http://www.twitter.com got accounts phished on sunday. I guess no site is safe.

    Reply Report comment

    • Leave a Reply

    XHTML: You can use these tags: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <pre> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

    Hack a Day serves up fresh hacks each day, every day from around the web as well as hacking related news.

    Send us your hacks










         



    Hacks

    Resources