去ubuntu社区逛下来着,结果发现说ubuntu被attackers袭击,帐号,e-mail,被加密的口令都被拿走了.

访问 http://ubuntuforums.org 的任何页面,都会被直接跳转到http://ubuntuforums.org/announce.html,只有一个公告,表示正在维护中,大致内容如下:

Ubuntu Forums is down for maintenance

There has been a security breach on the Ubuntu Forums. The Canonical IS team is working hard as we speak to restore normal operations. This page will be updated with progress reports.

What we know

  • Unfortunately the attackers have gotten every user's local username, password, and email address from the Ubuntu Forums database.
  • The passwords are not stored in plain text, they are stored as salted hashes. However, if you were using the same password as your Ubuntu Forums one on another service (such as email), you are strongly encouraged to change the password on the other service ASAP.
  • Ubuntu One, Launchpad and other Ubuntu/Canonical services are NOT affected by the breach.
Progress report
  • 2013-07-20 2011UTC: Reports of defacement
  • 2013-07-20 2015UTC: Site taken down, this splash page put in place while investigation continues.
  • 2013-07-21: we believe the root cause of the breach has been identified. We are currently reinstalling the forums software from scratch. No data (posts, private messages etc.) will be lost as part of this process.
  • 2013-07-22: work on reinstalling the forums continues.
......

虽然ub社区表示很抱歉,但我们可以从介绍中看到,密码是salted hash过的,我们其实不用怎么担心的.

常在河边走,哪有不湿鞋.被袭击是一件很正常的事情,而被袭击成功也是很正常的 -- 世上哪有金城汤池能抵御所有的攻击?问题是,至少要注意两点,首先,预防措施要做好,各种补丁之类的尽量更新到最新.虽然我们无法完全抵御攻击,但做好准备后,就算被拿下也可以和用户交代了.其次,要做好被攻击成功的打算.口令什么的变成salted hashes是必须的--每当到这个时候,我都想起CSDN这个袭击者的良心.

BTW,这几天出问题最大的是Apache的Struts2.好家伙,为了证明这个漏洞"确实存在",apache特意写出个攻击的sample code,手把手做了个官方版的攻击教程..Ubuntu难道也用了Struts2架构?看地址栏貌似不是啊...

Categories: Code

Yu

Ideals are like the stars: we never reach them, but like the mariners of the sea, we chart our course by them.

6 Comments

imlonghao · August 10, 2013 at 10:22

Google Chrome 27.0.1453.116 Google Chrome 27.0.1453.116 Windows 7 Windows 7

话说attackers这个词我第一次见。。=.=;

    yu · August 10, 2013 at 20:01

    Google Chrome 28.0.1500.71 Google Chrome 28.0.1500.71 GNU/Linux x64 GNU/Linux x64

    因为不怎么想用hacker这个词.
    在我心中,Kevin Mitnick,rtm什么的才是..

枫叶红秋雨 · August 2, 2013 at 17:20

Google Chrome 28.0.1500.71 Google Chrome 28.0.1500.71 Mac OS X  10.8.4 Mac OS X 10.8.4

现在到处都是不安全

reizhi · July 29, 2013 at 21:27

Google Chrome 29.0.1547.32 Google Chrome 29.0.1547.32 Windows 8 x64 Edition Windows 8 x64 Edition

真是一点道德都没有,你抓个肉鸡也就算了,弄别人数据库作甚

    yu · July 29, 2013 at 22:31

    Google Chrome 28.0.1500.71 Google Chrome 28.0.1500.71 GNU/Linux x64 GNU/Linux x64

    恐怕只是习惯性拿点数据看看吧..蛋疼..

HKSG · July 27, 2013 at 18:18

Google Chrome 28.0.1500.71 Google Chrome 28.0.1500.71 Mac OS X  10.7.5 Mac OS X 10.7.5

希望網站能盡快修復吧

Leave a Reply to reizhi Cancel reply

Your email address will not be published. Required fields are marked *