Categories

Kernel Archives Hacked, SCO Dies Again, More HP Changes & More

Friday FOSS Week in Review

It’s been a busy week in the FOSS world. Evidently everyone’s been in a hurry to make some news happen before leaving town for the Labor Day weekend. Well, lots of FOSS news is good for me, makes my job easy, so here goes…

HP Makes PR Changes After WebOS/PC Fiasco

I’ve been working on a story all week on the mess at HP caused by the all-at-once and probably premature announcement they’re dropping WebOS, smartphones and consumer PCs. One trouble, I keep having to go back and rewrite stuff, because the story is still very, very fluid and new aspects keep popping up almost daily.

On Monday, Bloomberg Businessweek announced that HP’s chief communications officer, Bill Wohl, will be moving to a “special assignment.” Chief Marketing Officer Marty Homlish will be picking up the slack with the corporate communications team and Lynn Anderson will take care of PR’s day-to-day operations, at least for the time being. According to the Bloomberg, both Wohl and Homlish have a history with CEO Leo Apotheker that predates his tenure at HP:

“Wohl, 49, was hired in January to handle communications under Chief Executive Officer Leo Apotheker. The two men had previously worked together at SAP AG, where Apotheker was CEO. Homlish, who also worked under Apotheker at SAP as chief marketing officer, joined Hewlett-Packard in April in the same role. This week’s changes were communicated to staffers in an e- mail late yesterday…”

Anderson, who has a techie background, has been with HP since 1983 and is Vice President of Influencer Marketing.

None of this will make any difference, for it doesn’t address the real problem which is Leo Apotheker, who seems to be the wrong CEO with the wrong company. Stay tuned.

Jon “maddog” Hall to Be a Keynote Speaker at This Year’s Ohio LinuxFest

This year’s Ohio LinuxFest is scheduled to kick-off one week from today, on Friday, September 9th at the Greater Columbus Convention Center in downtown Columbus. Day one of the three day event will include a “medical track” that will focus on Linux and open source software use in the health care industry, as well as an all-day event put on by Ubuntu called “Ubucon.” The day will end with Jon “maddog” Hall taking a look at Linux’ twenty year history.

The event looks informative and like it’ll be a lot of fun (I wish I could be there) and also a great opportunity for those seeking a career in Linux. On Sunday certification exams from the Linux Professional Institute will be available.

LXer’s got a pretty complete schedule posted for those who are interested.

Red Hat to Occupy Office Tower in Downtown Raleigh

We already knew that Red Hat planned to vacate their current home, Centennial Campus adjacent to North Carolina State University, to find new digs in the Raleigh area. On Friday, the Raleigh News & Observer reported that the search is over and the world’s largest open source company has found a new home. They’ll be moving into an office tower in downtown Raleigh being vacated by Progress Energy after merging with Charlotte based Duke Power:

“Red Hat considered constructing a building on several sites in downtown and around the county. That possibility would have supported hundreds of construction jobs, but it became much less likely after Progress and Duke announced plans to merge.

“Progress suddenly found itself needing to be rid of a long-term lease on a 366,000-square-foot building owned by J.P. Morgan Trust Co.

“Red Hat, meanwhile, was in the market for between 300,000 and 400,000 square feet of space.

“‘I’d say this is probably the worst kept secret in the real estate community,’ said Jack Dunn, a managing partner with Chartwell Property Group in Raleigh. ‘If you look at the real estate landscape, it’s probably the thing that makes the most sense for both Red Hat and Progress.’

“Red Hat, he said, saves a lot by subleasing an existing building instead of constructing one. And Progress finds a single tenant to take over a lease that runs through 2035.

“‘It was a one-in-a-million fit,’ Dunn said.

“When Progress will depart and Red Hat will move in has not yet been determined.”

FOSSers here in North Carolina, where FOSS Force is located, have every right to be proud to have Red Hat located in our state. Their move should prove to be a boon for downtown Raleigh.

SCO Still Doesn’t Own Unix

Although everybody-and-his-brother thought we were now through with SCO, they were in the news again this week. On Tuesday, InternetNews reported that it’s apparently over, done, finished and official. SCO still doesn’t own Unix copyrights:

“SCO was defeated again this week, this time it was an appeal (likely the final appeal) in the Novell vs. SCO case over who owns the Unix copyrights. This was the appeal of the verdict issued over year ago that confirmed Novell’s ownership.

“The wheels of justice in the U.S. sure do seem to move in slow motion at times.

“While this case has been on the appeals docket for such a long time, we haven’t heard much from what’s left of SCO. The company has now been splintered with UniXs Group running what used to be the product division and SCO itself just a shell for legal actions.

“Without ownership of the Unix copyrights, SCO really is dead (but they don’t seem to accept that fact and never have). Without those copyrights they can’t proceed against IBM or anyone else.”

I think we need to find the Munchkin coroner to declare SCO “not only merely dead, really most sincerely dead.” Maybe that’ll do it.

Hacker Gains Root Access on Linux Kernel Archives Server

Uh-oh, this doesn’t sound good. On Wednesday, the folks at kernel.org, the official store place of the Linux kernel, reported they’d been hacked:

“Earlier this month, a number of servers in the kernel.org infrastructure were compromised. We discovered this August 28th. While we currently believe that the source code repositories were unaffected, we are in the process of verifying this and taking steps to enhance security across the kernel.org infrastructure.”

Access was evidently gained using a “compromised user credential.” However, that wouldn’t explain how the intruder(s) gained root access. What damage was done? “Files belonging to ssh (openssh, openssh-server and openssh-clients) were modified and running live. A trojan startup file was added to the system start up scripts. User interactions were logged, as well as some exploit code.” The folks at Linux Kernel Archives go on to explain all the technical reasons why we don’t need to worry that the Linux kernel has been compromised. The next day, Linux developer Jonathan Corbet further reassured us on Linux.com that the situation is under control and that all versions of the Linux kernel are safe.

Questions remain however. Today Sam Varghese reported on iTWire that it took the admins at kernel.org seventeen days to discover they’d been hacked. Mr. Varghese thinks that’s a big deal, and perhaps it is. I know a lot of us could get hacked and never find out. I suspect, however, that the Linux archives folks will be keeping a pretty close watch on their servers for the time being. They might even set-up a honeypot or two…

**********

Well, that does it for this week. Have a nice weekend. I’ll see you on Monday (hopefully I’ll be through with the HP article by then). In the meantime, may the FOSS be with you…

The following two tabs change content below.
Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux.

Latest posts by Christine Hall (see all)

4 comments to Kernel Archives Hacked, SCO Dies Again, More HP Changes & More

  • [...] Kernel Archives Hacked, SCO Dies Again, More HP Changes & More [...]

  • I had something similar happen to me on 2 servers that were running older versions of Fedora (Fedora 8) and somehow the SSHD daemon had been replaced. I discovered it right away because I had some nonstandard config settings and the hacked daemon didn’t handle them properly.

    In my case I seriously doube that they got hold of a legit user name or password and never did figure out how they got in.

  • Georgiy Treyvus

    Also the correct term to use for dicks like these is cracker. Of all news sites surely you guys should know that.

  • I know the use of hacker/cracker has been a debate by folks in the hacker community for quite a while, brought about by the fact that the vast majority of hackers are not bad guys. However, according to Dictionary.com, ONE of the definitions of the term “hacker” is: “a microcomputer user who attempts to gain unauthorized access to proprietary computer systems.”

    The same definition of the term is included in the definitions for “hacker” in other dictionaries as well. I’m sorry you don’t like my choice of terms. However, the word was used properly.