
Update on the Fedora Infrastructure Break-In in August 2008

April 2nd, 2009 by George Notaras

The Fedora Project has published an announcement about the infrastructure break-in back in August 2008. In this announcement, Paul Frields goes into some of the details of that breach. Please read the announcement for those details.

To tell you the truth, this announcement does not leave me fully satisfied, as I would like some more details about how the Fedora Infrastructure team realized that security had been breached. OK, cron reported a strange error about a cronjob. A little more info on that cronjob and how the error was connected to an intruder would be really great and appreciated. Another thing I would like some more info about is how the intruder got the administrator’s account password. OK, getting the passwordless SSH key can be explained in various ways, but how did the intruder acquire the admin’s account password? Did he manage to break the encrypted form of the password? Was it too weak? Last but not least, there is absolutely no information about the Fedora Project, possibly with the help of Red Hat, taking any legal action in order to find out who the intruder was. That would be very interesting information too.

Apart from all this, it is quite obvious that the Fedora Project managed to recover from such a difficult situation in about a week. Also, from a user’s perspective, I have to say that the project’s recovery process was completely transparent to me as a Fedora user at that time.

The Update on the Fedora Infrastructure Break-In in August 2008 by George Notaras, unless otherwise expressly stated, is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 Unported License. Terms and conditions beyond the scope of this license may be available at www.g-loaded.eu.
