GNU Savannah Site Compromised

Trailrunner7 writes "A site belonging to the Savannah GNU free software archive was attacked recently, leading to a compromise of encrypted passwords and enabling the attackers to access restricted project material. The compromise was the result of a SQL injection attack against the savannah.gnu.org site within the last couple of days and the site is still offline now. A notice on the site says that the group has finished the process of restoring all of the data from a clean backup and bringing up access to some resources, but is still in the middle of adjusting its security settings."

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:But Linux is TEH SAFEZORZ!

[MichaelSmith]

I thought Linux was always 100% secure, completely unhackable, because they're the admins are experts and the software has built in security! You mean ... it's not true?

Maybe this one runs HURD.

Suggestion

[Anonymous Coward]

They should use Windows 7. They could avoid this kind of attack.

Re:Sequel

[butalearner]

a SQL injection

Well, we know how the author pronounces SQL now; I have always preferred "an SQL injection"---that is, "S.Q.L."

What, you don't mentally pronounce all acronyms? Well, now, aren't you just a SOB.