Fedora To Implement Security Changes

**phoronix** · 10-12-2011, 02:10 PM

Phoronix: Fedora To Implement Security Changes

In wake of Kernel.org, The Linux Foundation, and WineHQ being compromised, the Fedora Project has mandated new security changes...

http://www.phoronix.com/vr.php?view=MTAwMDA

**deanjo** · 10-12-2011, 02:12 PM

Well at least all these breaches are resulting in some positive change in attitudes towards security. It has been a good wake up call.

**89c51** · 10-12-2011, 02:33 PM

Originally Posted by deanjo

Well at least all these breaches are resulting in some positive change in attitudes towards security. It has been a good wake up call.

Good thing that they started taking care of things like that but its something that doesn't affect the end user much (or at all). Its a dev and infrastructure thing.

**liam** · 10-12-2011, 04:03 PM

Originally Posted by deanjo

Well at least all these breaches are resulting in some positive change in attitudes towards security. It has been a good wake up call.

You read my mind.
I was especially pissed at the kernel.org breaches but having thought about it I would guess it wasn't malicious (I've yet to hear of any tampering) and this kernel.org's fault. EVERY admin should be checking themselves after the sony breach and to see that they haven't makes me a bit angry.
Anyway, lets at least make things difficult for the hackers but securing things properly and not waiting for a breach.

**deanjo** · 10-12-2011, 06:09 PM

Originally Posted by 89c51

Its a dev and infrastructure thing.

Have they actually figured out yet how they gained access? Last I heard is that they still were at a loss as to how those credentials were gained.

**tweak42** · 10-12-2011, 06:55 PM

Is this is a sign that linux has achieved mainstream (aka target), or just rise in security attacks on sites in general?

**balouba** · 10-12-2011, 08:13 PM

And in 5 years from now they'"ll ask 40 chars long passwords.
Sorry, it's just dumb. That's not secure. That's copy pasting or enforcing super dumb password

If you're into that, then use digital keys for EVERYTHING. That's much more secure than using a space and a bang in your password.
Here's my compliant password.
! qwertyqwertyqwertyqwertyqwertyqwertyqwerty2011
when you're going to ask me to reset it in 30 days, it'll be ! qwertyqwertyqwertyqwertyqwertyqwertyqwerty2012
thank you very much.

**deanjo** · 10-12-2011, 08:24 PM

Originally Posted by balouba

And in 5 years from now they'"ll ask 40 chars long passwords.
Sorry, it's just dumb. That's not secure. That's copy pasting or enforcing super dumb password

Unfortunately it is about as good as it gets until things like quantum encrypted connections with biometric recognition becomes an everyday reality.

**bridgman** · 10-12-2011, 08:29 PM

"Place your head in the electronic chamber and think about your password"

**deanjo** · 10-12-2011, 08:30 PM

Originally Posted by bridgman

"Place your head in the electronic chamber and think about your password"

What could go wrong ?

Hmmm, remember the "Cone of silence" in Get Smart?

http://www.youtube.com/watch?v=g1eUIK9CihA

Thread: Fedora To Implement Security Changes

Thread Tools

Search Thread

Display

Fedora To Implement Security Changes

Posting Permissions