Page 1 of 2 12 LastLast
Results 1 to 10 of 35

Thread: The Wine Project Was Compromised

Hybrid View

  1. #1
    Join Date
    Jan 2007
    Posts
    13,397

    Default The Wine Project Was Compromised

    Phoronix: The Wine Project Was Compromised

    Jeremy White of CodeWeavers has announced that the WineHQ database system, used by Wine for its BugZilla and for its application rating system, was compromised by hacker(s)...

    http://www.phoronix.com/vr.php?view=OTk5NQ

  2. #2
    Join Date
    Sep 2007
    Location
    Connecticut,USA
    Posts
    941

    Default

    This makes you think software projects are under attack and what is there to gain by doing such thing?

  3. #3
    Join Date
    Mar 2009
    Posts
    14

    Default

    Quote Originally Posted by DeepDayze View Post
    This makes you think software projects are under attack and what is there to gain by doing such thing?
    Treasure trove of login info, since people on average probably use higher quality email accounts when bug reporting.

  4. #4
    Join Date
    Mar 2011
    Posts
    16

    Default

    I certainly do so (my "real name mail"), but what in the world could drive someone to use the same password on a non related website or a bugtracker that he uses for his mail account.

  5. #5
    Join Date
    Nov 2010
    Posts
    249

    Default

    Microsoft, was that you?

  6. #6
    Join Date
    Dec 2007
    Posts
    677

    Default

    I hope Phoronix is secure

  7. #7

    Default

    Quote Originally Posted by phoronix View Post
    Phoronix: The Wine Project Was Compromised

    Jeremy White of CodeWeavers has announced that the WineHQ database system, used by Wine for its BugZilla and for its application rating system, was compromised by hacker(s)...

    http://www.phoronix.com/vr.php?view=OTk5NQ
    Please tell me that their passwords used hashing, rather than encryption, and that they used very long salt.

    By the way, I regret to say that I predicted this sort of intrusion in a project I am coding two months ago. I made sure that PHPMyAdmin was restricted to the loopback device so that all access would require SSH port forwarding. Had the WINE developers done the same, this would never have happened.
    Last edited by Shining Arcanine; 10-12-2011 at 10:01 AM.

  8. #8
    Join Date
    May 2007
    Location
    Third Rock from the Sun
    Posts
    6,532

    Default

    Quote Originally Posted by Shining Arcanine View Post
    Please tell me that their passwords used hashing, rather than encryption, and that they used very long salt.
    Are you implying that '123456' is not a good enough password? :P

  9. #9

    Default

    Quote Originally Posted by deanjo View Post
    Are you implying that '123456' is not a good enough password? :P
    I am implying that it is incredibly easy to brute force unsalted passwords.

  10. #10
    Join Date
    Jan 2009
    Posts
    1,517

    Default

    Microsoft is behind this



    ...puts on Faraday cage helmet

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •