Ubuntu forum hacked

[OVERKILL]

http://ubuntuforums.org/announce.html

Quote:

Ubuntu Forums is down for maintenance

There has been a security breach on the Ubuntu Forums. The Canonical IS team is working hard as we speak to restore normal operations. This page will be updated with progress reports.

What we know

Unfortunately the attackers have gotten every user's local username, password, and email address from the Ubuntu Forums database.
The passwords are not stored in plain text, they are stored as salted hashes. However, if you were using the same password as your Ubuntu Forums one on another service (such as email), you are strongly encouraged to change the password on the other service ASAP.
Ubuntu One, Launchpad and other Ubuntu/Canonical services are NOT affected by the breach.
Progress report

2013-07-20 2011UTC: Reports of defacement
2013-07-20 2015UTC: Site taken down, this splash page put in place while investigation continues.
2013-07-21: we believe the root cause of the breach has been identified. We are currently reinstalling the forums software from scratch. No data (posts, private messages etc.) will be lost as part of this process.
2013-07-22: work on reinstalling the forums continues.


Not the most confidence inspiring thing....

 

[daves87rs]

Scary....

 

[crazyoildude]

i use different passwords on everything

 

[Garak]

Originally Posted By: OVERKILL
Not the most confidence inspiring thing....

The passwords not being in plain text is probably far ahead of corporate databases, let alone message forums.

 

[OVERKILL]

Originally Posted By: Garak
Originally Posted By: OVERKILL
Not the most confidence inspiring thing....

The passwords not being in plain text is probably far ahead of corporate databases, let alone message forums.

True, but the fact that there was an infiltration and the ability to get all that data in the first place is a bit scary nonetheless.

 

[Nick R]

Yeah I got a couple emails from them this morning- I made an account a few years back with them- 4/5 years ago now. I don't remember what password I was using at the time though :\

 

[S_Walmer]

I just installed Kubuntu 12.04 LTS on a new to me 1yr old dell inspirion laptop I repaired about 2 weeks ago, never signed up for the ubuntu forum but I do use ubuntu one cloud storage. Although they say it hasn't, hopefully it has not been compromised as well. Not that I have any sensitive data on there, I just hate snoops.

 

[Garak]

Originally Posted By: OVERKILL
True, but the fact that there was an infiltration and the ability to get all that data in the first place is a bit scary nonetheless.

For sure. It is kind of a strange situation. I'm glad when people or groups decide the store the information securely rather than assume their databases are immune from intrusion. Nonetheless, I'm puzzled as to why someone would want to hack the Ubuntu forums user list. Obviously, if they were able to retrieve passwords, they could try them elsewhere. But, there is no storage of credit card information. It just seems like a low value target. Then again, some people just like to play around. Maybe they wanted to troll the forum from an established user name.

Maybe when I go back there, I'll see a bunch of messages from me thanking Bill Gates for all his accomplishments or something similar.

 

[Mystic]

I assume they were using Linux servers. It is a Ubuntu users forum, right? So apparently Linux servers are not invincible either.

 

[Garak]

I don't think anyone claimed they were invincible. Linux's "market share" with respect to servers is obviously much, much higher than it is in the consumer market. Yet, servers are still hacked. Having fewer vulnerabilities and a better overall security policy are guarantees of nothing.

The kernel is still extraordinarily safe and the OS's security policies ensure it's very well protected from most malware attacks.

 

[Mystic]

Obviously not all.

 

[Nick R]

Originally Posted By: Mystic
Obviously not all.


A talented hacker who knows the system will be able to bypass most if not all standard protection systems.

 

[SwampSurvivor]

Has nothing to do with the Linux kernel itself. Likely someone got in through one of the running services - apache, sql, etc.

 

[uc50ic4more]

Wow, guys - especially Mystic, again: Ubuntu was not hacked - THEIR FORUMS WERE HACKED. The forums run vBulletin software. THAT was the part that was hacked. It had not been updated by one of the volunteers that help administer the forums.

Originally Posted By: Mystic
I assume they were using Linux servers. It is a Ubuntu users forum, right? So apparently Linux servers are not invincible either.


Please explain, Mystic. I'll wait. You seem to know enough to make these assertions a lot. We call it FUD, and you're full of it!

How does the OS running the server that the forum software runs atop have anything to do with anything? You know THIS forum runs on Linux, too, right? It is also a minor version behind, as I recall. EDIT: Yup - Current is 7.5.7, BITOG is using 7.5.6 - Is there an unpatched security vulnerability here?

This has zero to do with the OS they were running the servers on. THE SERVER WAS NOT HACKED. If these forums were hacked would you consider motor oil to be less secure?

 

[Papa Bear]

 

[OVERKILL]

Originally Posted By: uc50ic4more
Wow, guys - especially Mystic, again: Ubuntu was not hacked - THEIR FORUMS WERE HACKED. The forums run vBulletin software. THAT was the part that was hacked. It had not been updated by one of the volunteers that help administer the forums.

Originally Posted By: Mystic
I assume they were using Linux servers. It is a Ubuntu users forum, right? So apparently Linux servers are not invincible either.


Please explain, Mystic. I'll wait. You seem to know enough to make these assertions a lot. We call it FUD, and you're full of it!

How does the OS running the server that the forum software runs atop have anything to do with anything? You know THIS forum runs on Linux, too, right? It is also a minor version behind, as I recall. EDIT: Yup - Current is 7.5.7, BITOG is using 7.5.6 - Is there an unpatched security vulnerability here?

This has zero to do with the OS they were running the servers on. THE SERVER WAS NOT HACKED. If these forums were hacked would you consider motor oil to be less secure?


Good post

And right on the money. Somebody was asleep at the wheel IMHO and didn't keep things up-to-date.

 

[Mystic]

Okay, so software running on the server was hacked. So why do people make a big deal about a Windows server or desktop computer being hacked when the software that was actually hacked was Java, or Flash, or Adobe Reader, or some freeware software program? You do know I suppose that most attacks on Windows 7 software, especially 64 bit Windows 7 software, is through Java, Flash, or Adobe Reader, right? It is estimated that 70% of all attacks on Windows 7 software are through exploits in Java, Flash, or Adobe Reader. And most of the attacks currently on Windows computers are on Windows XP computers. A 12 year old operating system that needs to be retired.

Not to mention the fact that probably most people who own Apple Computers are still not even using antivirus software. In fact, I have met Apple Computer users who did not know how to turn their software firewalls on. But there are still relatively few attacks on Apple Computers. The one big attack was the Flashback Trojan or whatever you want to call it.

It seems like if there is a major attack on Windows computers everybody is ready to condemn Microsoft and Windows (and Bill Gates, even though he is retired), even if the attack was made possible through a hole in JAVA, FLASH, or ADOBE READER!

Just one more thing: I was attacked twice when I visited websites where people were being encouraged to use Linux operating systems. Years ago I thought about switching to using Linux and I was a little bit discouraged from doing so by the arrogance of some Linux proponents, by the attacks that took place when I was merely visiting websites where Linux was promoted, and because it seemed like hardware I was using and needed to print photographs and scan negatives and slides were never, NEVER, made compatible with Linux operating systems. So it is a little personal with me because of the attacks that I experienced. Attacks that took place when I merely visited websites where people were promoting Linux and talking about Linux. Seemed to be a few issues with security back in those days too.

And then whenever I went to a Windows website like the Windows Supersite there was always a Linux troll telling everybody how superior Linux was and how everybody should switch. As terrible as Windows may be at least my printers and scanners seemed to work.

 

[yonyon]

Originally Posted By: uc50ic4more


This has zero to do with the OS they were running the servers on. THE SERVER WAS NOT HACKED. If these forums were hacked would you consider motor oil to be less secure?


Are you saying that if this forum were hacked motor oil wouldn't be less secure?

 

[Garak]

Originally Posted By: Miller88
Has nothing to do with the Linux kernel itself. Likely someone got in through one of the running services - apache, sql, etc.

Absolutely. A service is not exactly the kernel.

@uc50ic4more: If this place gets hacked, I guess I'm onto 3,000 mile OCIs only on PU, M1 EP, Amsoil Signature Series, or an ultra-expensive boutique.

@Mystic: The big deal when Java, Flash, or the like get attacked on a Windows machine is the level of permission that Windows grants to Java, Flash, or any other software installed. Given even the most prolific virus/malware Windows issues over the past ten years (ignoring the hype), if even one of them had been written by someone really bent on destroying data vital to the computer, there would have been millions of people reinstalling Windows. Fortunately (or unfortunately depending upon your viewpoint), most serious hacking/malware/virus attempts are based upon obtaining DDOS resources or scamming money. The hacker that delights in his victim accidentally formatting his hard drive isn't so common any longer.

Getting a program to delete stuff vital to the OS in Linux or installing something unwanted is a little more difficult. I don't have much useful data on the computer, so I'd be more peeved at an attack that installed something unwanted or made me reinstall the operating system than I would at someone looking at my data.

Of course, everyone is different, and I wouldn't want to be in the shoes of someone who was the victim of identity theft, either.

 

[Mystic]

I just wanted for you to understand where I am coming from. It is sort of personal for me because like I said years ago when I merely visited websites where people were talking about Linux operating systems and promoting Linux I was attacked twice. That makes it kind of personal. And makes me question the vaulted security of Linux or else the honesty of some of the people promoting Linux.

Kind of irritating also if you visit a Windows website and you have to put up with trolls endlessly trying to talk people into converting to Linux. And for that matter Mac trolls trying to get people to switch to Apple Computers. I felt like getting a login and asking the Linux trolls what they were doing there. If Windows operating systems are such trash why would they hang around a Windows website?

When we got new computer systems a while back at work I worked with a programmer who was installing the new equipment. That programmer was Linux to the core. Every chance he got he tried to put down Microsoft and Windows. But I almost laughed because he had to use Windows software to do his work. He couldn't do it with Linux software.

And a while back I cam across information about a German security firm discovering that Linux servers are attacked more than Windows servers or other types of servers.

I admit that Windows software doe snot have a wonderful record for security. But I will also say that Windows software has a much better record for software and hardware compatibility.

And the programmers at Microsoft and Apple are just as good as Linux programmers.