Lessons from the Linux Mint Hack

431

Unless you’re completely unplugged from the Linux news media, by now you’ve heard about the exploit that affected both the Linux Mint WordPress site and the Linux Mint 17.3 Cinnamon edition.

What you need to know:

  • Softpedia provides a solid account and breakdown of events. However, they did miss something…more on that later. If you’re into screen shots and the details of the event, check it out.
  • ISO Torrents were not affected.
  • SSL wouldn’t have protected swat. Don’t misunderstand, it does protect against OTHER potential attacks, but the initial point of entry was WordPress. Remember the entry point of attack was WordPress, so for this specific attack, Clem’s statement below is correct. However, offering anything for download without SSL in play is a special kind of dangerous. Let’s hope they keep the site offline until SSL is implemented. (Read the rest at Freedom Penguin)