Last week, Linux websites are hacked by some unknown Hackers. So All linux foundation websites are down for maintenance. They put message about security breach on their main page. Linux.com is still in maintenance. This is official FAQ from Linux.com about the Security Breach.
We want to thank you for your questions and your support. We hope this FAQ can help address some of your inquiries.
Q: When will Linux Foundation services, such as events, training and Linux.com be back online?
Our team is working around the clock to restore these important services. We are working with authorities and exercising both extreme caution and diligence. Services will begin coming back online in the coming days and will keep you informed every step of the way.
Q: Were passwords stored in plaintext?
The Linux Foundation does not store passwords in plaintext. However an attacker with access to stored password would have direct access to conduct a brute force attack. An in-depth analysis of direct-access brute forcing, as it relates to password strength, can be read at http://www.schneier.com/blog/archives/2007/01/choosing_secure.html. We encourage you to use extreme caution, as is the case in any security breach, and discontinue the use of that password if you re-use it across other sites.
Q: Does my Linux.com email address work?
Yes, Linux.com email addresses are working and safe to use.
Q: What do you know about the source of the attack?
We are aggressively investigating the source of the attack. Unfortunately, we can't elaborate on this for the time being.
Q: Is there anything I can do to help?
We want to thank everyone who has expressed their support while we address this breach. We ask you to be patient as we do everything possible to restore services as quickly as possible.
We want to thank you for your questions and your support. We hope this FAQ can help address some of your inquiries.
Q: When will Linux Foundation services, such as events, training and Linux.com be back online?
Our team is working around the clock to restore these important services. We are working with authorities and exercising both extreme caution and diligence. Services will begin coming back online in the coming days and will keep you informed every step of the way.
Q: Were passwords stored in plaintext?
The Linux Foundation does not store passwords in plaintext. However an attacker with access to stored password would have direct access to conduct a brute force attack. An in-depth analysis of direct-access brute forcing, as it relates to password strength, can be read at http://www.schneier.com/blog/archives/2007/01/choosing_secure.html. We encourage you to use extreme caution, as is the case in any security breach, and discontinue the use of that password if you re-use it across other sites.
Q: Does my Linux.com email address work?
Yes, Linux.com email addresses are working and safe to use.
Q: What do you know about the source of the attack?
We are aggressively investigating the source of the attack. Unfortunately, we can't elaborate on this for the time being.
Q: Is there anything I can do to help?
We want to thank everyone who has expressed their support while we address this breach. We ask you to be patient as we do everything possible to restore services as quickly as possible.