Ubuntuforums.org Hacked - Slashdot

Please create an account to participate in the Slashdot moderation system

×

Ubuntuforums.org Hacked 146

Posted by Soulskill on Sunday July 21, 2013 @01:12AM from the another-one-falls dept.

satuon writes "The popular Ubuntu Forums site is now displaying a message saying there was a security breach. What is currently known: Unfortunately the attackers have gotten every user's local username, password, and email address from the Ubuntu Forums database. The passwords are not stored in plain text. However, if you were using the same password as your Ubuntu Forums one on another service (such as email), you are strongly encouraged to change the password on the other service ASAP. Ubuntu One, Launchpad and other Ubuntu/Canonical services are NOT affected by the breach."

This discussion has been archived. No new comments can be posted.

Ubuntuforums.org Hacked

Search 146 Comments Log In/Create an Account

Comments Filter:

Re:That's what you get for running Ubuntu (Score:5, Informative)

by akh ( 240886 ) writes: <slashdot@alephnu l l . net> on Sunday July 21, 2013 @01:30AM (#44340349)

Um, what? For the base server install you get no network services installed whatsoever (not even SSHd). As for size, a base install of the current server version of Ubuntu is ~64MB of disk space IIRC. That's hardly what I'd call bloated.

Parent Share
twitter facebook
Re:Should have used Windows. (Score:3, Informative)

by Anonymous Coward writes: on Sunday July 21, 2013 @03:20AM (#44340645)

Here you go, tlhIngan. If it's so easy, provide the password or a collision in the next 3 days.
tlhIngan:$6$PsLtDfSP$SISVIa7tbcxdIN6StnZMF.l6Vw1/mZFIrKmNUAidG7k090l5bLUqBZF/ItMU2A0RzhHQyMnH40t67tIVl.6VB0:15907:0:99999:7:::
I'll even cheat and tell you it's a combination of upper, lower, punctuation and numbers...

Parent Share
twitter facebook
Re:Password policy (Score:3, Informative)

by Anonymous Coward writes: on Sunday July 21, 2013 @03:34AM (#44340667)

I remember reading the following advice - if you're unsure about the security of any company with whom you've got a password-secured account with, just check to see if they have some kind of password recovery link on their login page. Normally these links should email you with a temporary password so you can make a new one, but if they happen actually email you with your actual password... RUN!!!
Because that's a totally accurate way of judging their security. Sarcasm aside, it's possible to use hashes badly (like unsalted MD5) and it's possible to encrypt passwords so that they're secure in the database and yet still retrievable (because the vast majority of attacks involve revealing database information, not executing code or downloading files).
Guess what the best advice is? Use a different password for every site.

Parent Share
twitter facebook
Re:But Linux is more secure with many eyes! (Score:3, Informative)

by Anonymous Coward writes: on Sunday July 21, 2013 @07:32AM (#44341237)

Wrong [wikipedia.org]

Parent Share
twitter facebook

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Related Links Top of the: day, week, month.

390 comments32-Hour Workweek for America Proposed by Senator Bernie Sanders
358 commentsWhat Should Happen to Empty Downtown Office Spaces?
340 commentsHacktivism Erupts In Response To Hamas-Israel War
324 comments'Feedback' Is Now Too Harsh. The New Word is 'Feedforward'
248 commentsWorkers are Resisting Calls to Return to Offices

The moon is made of green cheese. -- John Heywood