Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyse the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customised advertisements based on the pages you visited previously and to analyse the effectiveness of the ad campaigns.

No cookies to display.

Kernel.org Returns – Re-establishing Credentials

Share Your Thoughts: Facebooktwitterlinkedin

Data Security

 

Kernel.org Returns

 

Re-establishing Credentials

As we discussed in an earlier post, kernel.org suffered a security breach.

In a message on the Kernel.org site:

“…we have taken the time to re-architect the site in order to improve our systems for developers and users of kernel.org. To this end, we would like all developers who previously had access to kernel.org who wish to continue to use it to host their git and static content, to follow the instructions here.

  • Right now, www.kernel.org and git.kernel.org have been brought back online. All developer git trees have been removed from git.kernel.org and will be added back as the relevant developers regain access to the system.Thanks to all for your patience and understanding during our outage and please bear with us as we bring up the different kernel.org systems over the next few weeks. We will be writing up a report on the incident in the future.”

LKML.org‘s (unofficial Linux Kernel Mailing List archive), H. Peter Anvin outlines the Credential Re-establishing procedure and states:

“In order to establish a proper PGP web of trust we need keys that are cross-signed
by other developers.”

The notice additionally states: “If you work in an office with multiple other Linux developers, it would be a very good thing to organize a local key signing.  We will do a key signing at Kernel Summit (October 23 – 25, 2011 · Clarion Congress Hotel · Prague, Czech Republic) for the core kernel developers.”

For a complete understanding on the original incident, read Jonathan Corbet’s excellent piece on the Linux Foundation Website – The Cracking of kernel.org

 

 

Share Your Thoughts: Facebooktwitterlinkedin