[prev in list] [next in list] [prev in thread] [next in thread] 

List:       opensuse-security
Subject:    [opensuse-security] recent security breaches of open-source sites
From:       Thomas Biege <thomas () suse ! de>
Date:       2011-01-28 13:06:40
Message-ID: 201101281406.40385.thomas () suse ! de
[Download RAW message or body]

Dear community members and contributors,

in the last few month we saw security breaches at gnu.org[1], at
sourceforge.net[2] and at fedora[3].

Even if it is believed that the integrity of the hosted projects
was not affected I want to take the opportunity to remind you to
always verify the cryptographic checksums of downloaded archive
files, review patches and keep a healthy relationship/communication
to the upstream authors.

It is good practise to change your password from time to time and make
it hard to guess[4][5]. Take extra care using public wifi hotspots,
crowded places[6], like trains, and other peoples computer etc.

Cheers,
Thomas

[1] http://blog.sucuri.net/2010/11/savannah-gnu-org-hacked-and-currently-offline.html
[2] http://sourceforge.net/apps/wordpress/sourceforge/2011/01/27/service-downtime/
[3] http://lists.fedoraproject.org/pipermail/announce/2011-January/002911.html
[4] http://en.wikipedia.org/wiki/Password_strength
[5] http://sourceforge.net/projects/pwgen/
[6] http://en.wikipedia.org/wiki/Shoulder_surfing_%28computer_security%29

-- 
 Thomas Biege <thomas@suse.de>, SUSE LINUX, Security Support & Auditing
 SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
--
  Wer aufhoert besser werden zu wollen, hoert auf gut zu sein.
                            -- Marie von Ebner-Eschenbach
-- 
To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security+help@opensuse.org

[prev in list] [next in list] [prev in thread] [next in thread]