Snott

Blog

  • Linux Foundation site hacked

    Linux Foundation site hacked

    Following the kernel.org hack earlier this month, now it seems that the Linux Foundation infrastructure (including Linux.com and linuxfoundation.org) also got hacked on September 8, 2011.

    I wasnt going to blog about it because I figured many, many sites would have this covered by now,  but I havent read a single post about this from a Linux Foundation or Linux.com user, and I find it very alarming that as of today (September 12, 2011) Linux Foundation’s website and services hasn’t been restored.

    On the Linux Foundation announcement about this they state that the attack is very likely to be connected to the Kernel.org attack (which is still down as I write this).

    What worries most people is the fact that if the kernel servers got hacked, the attackers can be able to inject some malicious code into the kernel and then have it redistributed across the entire world, potentially infecting millions of computers. Achieving this is an almost impossible task, because the Kernel itself has a checksum, that gets recalculated every time someone commits a change to the kernel source, so if the hacker(s) that went in the servers try to change something, all the kernel developers would notice a change in the checksum and wont push the update.

    Also remember that the kernel source is spread among millions of servers across the globe, so one single attack on one server isn’t going to be catastrophic.

    The Linux Foundation is auditing all systems and they say services will become available in the coming days, just so the announcement doesn’t get lost when the website comes back online, I will paste it here:

    Linux Foundation infrastructure including LinuxFoundation.org, Linux.com, and their subdomains are down for maintenance due to a security breach that was discovered on September 8, 2011. The Linux Foundation made this decision in the interest of extreme caution and security best practices. We believe this breach was connected to the intrusion on kernel.org.

    We are in the process of restoring services in a secure manner as quickly as possible. As with any intrusion and as a matter of caution, you should consider the passwords and SSH keys that you have used on these sites compromised. If you have reused these passwords on other sites, please change them immediately. We are currently auditing all systems and will update this statement when we have more information.

    We apologize for the inconvenience. We are taking this matter seriously and appreciate your patience. The Linux Foundation infrastructure houses a variety of services and programs including Linux.com, Open Printing, Linux Mark, Linux Foundation events and others, but does not include the Linux kernel or its code repositories.

    Please contact us at info@linuxfoundation.org with questions about this matter.

    The Linux Foundation

    *** UPDATE***

    We want to thank you for your questions and your support. We hope this FAQ can help address some of your inquiries.

    Q: When will Linux Foundation services, such as events, training and Linux.com be back online?

    Our team is working around the clock to restore these important services. We are working with authorities and exercising both extreme caution and diligence. Services will begin coming back online in the coming days and will keep you informed every step of the way.

    Q: Were passwords stored in plaintext?

    The Linux Foundation does not store passwords in plaintext. However an attacker with access to stored password would have direct access to conduct a brute force attack. An in-depth analysis of direct-access brute forcing, as it relates to password strength, can be read athttp://www.schneier.com/blog/archives/2007/01/choosing_secure.html. We encourage you to use extreme caution, as is the case in any security breach, and discontinue the use of that password if you re-use it across other sites.

    Q: Does my Linux.com email address work?

    Yes, Linux.com email addresses are working and safe to use.

    Q: What do you know about the source of the attack?

    We are aggressively investigating the source of the attack. Unfortunately, we can’t elaborate on this for the time being.

    Q: Is there anything I can do to help?

    We want to thank everyone who has expressed their support while we address this breach. We ask you to be patient as we do everything possible to restore services as quickly as possible.

    Kernel.org site just greets you with a “Down for maintenance” page.

    I would love to know who is to blame for this, a hacker group? some 15 year old geek trapped in a basement?

    Lastly, here some stuff I advice you to do if you are a Linux user:

    • If you pull kernel updates from kernel.org, change it immediately! choose another mirror and continue pulling updates on your system normally. If you are an Archlinux user I advice you use the reflector tool to pull the fastest and closest mirrors.
    • If you are a Linux Foundation member or registered user, change the password as soon as the site becomes available again, also if you are one of those people who tend to use one password for all your accounts everywhere, change all of them right NOW.
    • If the above point applies to you, please STOP doing it, the better way to protect yourself online is to use different passwords for ALL the services you use. You will say its impossible to know 15 or so different passwords, but you can do it, the trick is to just come up with a password scheme, so you have a method of defining your passwords instead of using a single password every time.

     

  • Learn to use Vim in 21 minutes

    Learn to use Vim in 21 minutes

    Vim is a text editor widely used by Advanced Linux users, but just because the user base are geeky users, that doesn’t mean you can’t learn and use this amazing text editor for your daily tasks.

    Learning to use Vim its easier than you think, and once you get used to its options, its hard for you to go back and edit files the conventional way (ie. nano, leafpad, notepad, etc).

    Vim is both simple and powerful (as in minimal effort, maximum effect).

    Just to give you some motivation, here are a few things you can do on Vim very easily while with other text editors would be difficult/not ideal or time consuming:

    • Can you move your cursor exactly 7 lines forward or backward with just 2 keystrokes?
    • Can you select just the first column of text on any given file?
    • Can you use search and replace within a specific block of text inside a file?
    • Can you see the start and end of the same file even if it’s a 1000 pages file?

    The above examples can all be achieved with vim with very little effort (all of those examples are provided along with keystroke combinations at the start of the e-book).

    There are a TON of resources if you want to learn Vim, here are the best 3 in my opinion:

    1) vimtutor (just type that in your terminal)

    Its a complete tutorial from 0 to expert vim user, included with every installation of vim so you don’t have to download or install anything.

    2) Linux Foundation’s Vim webinar

    This video will explain the basics of Vim and why it is so powerful, recommended for newbies and novice users, this is all you need to start using and mastering Vim.

    3) Byte of Vim e-book

    Great resource straight from the makers or Vim, you will find all the information you need to be a Vim guru by reading this book. It’s very well written, its easy to understand and it’s not that long (89 pages).

    Byte of Vim e-book

    Also note that there is a GUI version of Vim, called Gvim, which is just prettier than normal Vim, although they are the same under the hood.

    I hope that with this resources you can finally understand Vim and learn why so many people swear by it.

    UPDATE: I also found an android app called VI Reference that works as a quick manual so you can carry the commands and learn them or check them while on the go! you can find it here