1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

Linux distro hacked on GitHub

By jobeard
Jun 29, 2018
Post New Reply
  1. According to NakedSecurity.sophos.com:

    Gentoo, a popular distribution of Linux, has had its GitHub repository hacked. Hacked, as in “totally pwned”, taken over, and modified; so far, no one seems to be sure quite how or why.
    Now this is exemplary in code management:
    • The Gentoo team didn’t beat around the bush, and quickly published an unequivocal statement about the breach.
    • The Gentoo GitHub repository is only a secondary copy of the main Gentoo source code.
    • The main Gentoo repository is intact.
    • All changes in the main Gentoo repository are digitally signed and can therefore be verified.
    • As far as we know, the main Gentoo signing key is safe, so the digital signatures are reliable.
    since Github is only a mirror for it, you are fine as long as you are using rsync or webrsync from gentoo.org.
     

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...