SecurityPortal: A Matter of Trust: How Apache.org Was CompromisedJun 06, 2001, 21:00 (0 Talkback[s])
(Other stories by Kurt Seifried)
WEBINAR: On-demand Event
Replace Oracle with the NoSQL Engagement Database: Why and how leading companies are making the switch REGISTER >
Kurt Seifried discusses how Apache.org was compromised, offering that part of a growing problem we face in computer security is trust: "The SSH protocol is used to secure these connections with strong encryption, which provides a tunnel between the two communicating machines. Furthermore, it is assumed that the end developer's machine is secure, and that there are no keystroke loggers running, or items like KeyGhost hooked up to the machine. Herein lies a problem. More and more people are using machines that are not always secure or should not be considered "trusted."
"The number of publicly available terminals in libraries, educational computer labs, cafe's and other places has exploded in the last few years. The vast majority of these machines are not very well secured, ranging from Linux machines in a private cubicle (where LILO was not locked down) to windows machines that will cheerfully boot from a floppy disk.
0 Talkback[s] (click to add your comment)