Top Page
Delete this message
Reply to this message
Author: Arnt Karlsen
To: dng
Subject: Re: [DNG] *** DEVUAN.ORG HAS BEEN PWNED *** , message -- UPDATE
On Mon, 1 Apr 2019 00:21:58 +0200, KatolaZ wrote in message

> On Sun, Mar 31, 2019 at 09:12:39PM +0200, KatolaZ wrote:
> [cut]
> >
> > Just an update on the current situation: it looks like the machines
> > on which pkgmaster (the main package repository server) and
> > amprolla are run are safe. They are on a separate piece of
> > infrastructure and there have not been compromised.
> >
> > So packages from pkgmaster.devuan.org, packages.devuan,org, and
> > deb.devuan.org should be safe anyway (and the repos are signed, so
> > any inconsistency would be immediatedly flagged by apt).
> >
> > We are working to restore the other machines.
> >
> Just to let you know that Devuan's caretakers got anonymous emails
> from a group who identified themselves as "Green Hat Hackers". They
> insisted on the last line of the pwned website. If you have any clue,
> let us know.
> Updates will follow.

..http://devuanzuwu3xoqwp.onion/ is (still?) up now, you guys
still have control over it & access to it?

..if you never lost control over it, we might get away with
checksumming our mirrors, rather than rebuilding overything.
Do we know when this "joke" started? Or planned?

..med vennlig hilsen = with Kind Regards from Arnt Karlsen
...with a number of polar bear hunters in his ancestry...
Scenarios always come in sets of three:
best case, worst case, and just in case.