Seemingly nothing about the HACK on these forums - why?

Questions about other topics - please check if your question fits better in another category before posting here
Forum rules
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
Locked
AUserInEssex

Seemingly nothing about the HACK on these forums - why?

Post by AUserInEssex »

No official announcement?

I am deleting my forum account.
AUserInEssex

Re: Seemingly nothing about the HACK on these forums - why?

Post by AUserInEssex »

PS: I tried to delete my board cookies - via a function the forum provides - before leaving. Note for others: this logs you off the forum.
User avatar
jimallyn
Level 19
Level 19
Posts: 9075
Joined: Thu Jun 05, 2014 7:34 pm
Location: Wenatchee, WA USA

Re: Seemingly nothing about the HACK on these forums - why?

Post by jimallyn »

Didn't search very hard did you? There have been several threads about it, one of which had a link to Clem's blog post in it.
“If the government were coming for your TVs and cars, then you'd be upset. But, as it is, they're only coming for your sons.” - Daniel Berrigan
mintybits

Re: Seemingly nothing about the HACK on these forums - why?

Post by mintybits »

I have the same question!

I was expecting to see an obvious link on the home page to an explanation of what happened. I thought there must be a sticky in Announcements, at least. But I can't find anything.

It is annoying because this appears to be a security threat to me. According to this http://www.zdnet.com/article/hacker-hun ... TRE17cfd61 my email address and password may be available to hackers now. So I have had to spend some time locating and changing every website login that I use. Fortunately, I didn't put any other confidential info in my profile.

The worst thing is that I only found out from my brother who happened across the article. Why didn't the Mint Forums email everyone to warn them of the security breach?

So far I am not impressed. First by the security breach which was major. And secondly by how this has (not) been communicated to people like me who are affected.
Ark987

Re: Seemingly nothing about the HACK on these forums - why?

Post by Ark987 »

jimallyn wrote:Didn't search very hard did you? There have been several threads about it, one of which had a link to Clem's blog post in it.
You are asking us to crawl the forum like Google does to the internet :lol: I completely agree with the OP a sticky post in the Announcement section is missing. However we have to wait a little bit, could be that the admins are busy right now...
MintBean

Re: Seemingly nothing about the HACK on these forums - why?

Post by MintBean »

There IS an official announcement on the front page.
The hack HAS been the subject of a number of threads on this forum.
The Mint team HAS issued a software update (which is automatically available through the normal software updates) for potentially affected installs which will warn the user.
The Mint team HAS taken steps to beef up the forum board security.
The Mint team HAS been very transparent on this and HAS responded to individual questions in response to the news item where appropriate.

@mintybits- you complain about security when you but use the same password across multiple sites? That's a real security no-no. I do agree with you however that they should have sent emails out to forum users in order to inform people as soon as possible.
Acewiza

Re: Seemingly nothing about the HACK on these forums - why?

Post by Acewiza »

It's also been reported and analyzed by several 3rd party entities, Engadget, et al. Sad to say, even with best practices implemented, nobody is immune and this type thing is not really all that uncommon these days. Damage control, response speed and effectiveness and transparency in disclosures are the hallmarks of truly professional security teams.

Calm down and save the alarmist rhetoric for some other online soap opera.
Acewiza

Re: Seemingly nothing about the HACK on these forums - why?

Post by Acewiza »

mintybits wrote:... my email address and password may be available to hackers now. So I have had to spend some time locating and changing every website login that I use...
You appear to be your own worst enemy in terms of cyber-security.
wong

Re: Seemingly nothing about the HACK on these forums - why?

Post by wong »

Hacks happen, an email would have been nice.

I get 'Welcome to the Forums' & 'Your Post has been approved' emails from the Admin team, this seem at least as worthy.
User avatar
Spearmint2
Level 16
Level 16
Posts: 6900
Joined: Sat May 04, 2013 1:41 pm
Location: Maryland, USA

Re: Seemingly nothing about the HACK on these forums - why?

Post by Spearmint2 »

viewtopic.php?f=90&t=217171

a discussion thread that doesn't directly address what happened and gets off into things that didn't happen, but maybe worth a read.
All things go better with Mint. Mint julep, mint jelly, mint gum, candy mints, pillow mints, peppermint, chocolate mints, spearmint,....
User avatar
karlchen
Level 23
Level 23
Posts: 18179
Joined: Sat Dec 31, 2011 7:21 am
Location: Germany

Re: Seemingly nothing about the HACK on these forums - why?

Post by karlchen »

Question
Seemingly nothing about the HACK on these forums - why?
Answer
  • It can only seem so, in case you insist on keeping your eyes wide shut. - cf. MintBean's post.
  • The link to the info about the hack can be found on the Mint homepage currently. Linux Mint. Admittedly a very well hidden location and outside the forums. :wink:
    Beware of hacked ISOs if you downloaded Linux Mint on February 20th!
    This article was posted on Sun, 21 Feb 2016 01:44:13 +0000
    I’m sorry I have to come with bad news. We were exposed to an intrusion today. It was brief and it shouldn’t impact many people, but if it impacts you, it’s very important you read the information below. What happened? Hackers made a modified Linux Mint ISO, with a backdoor in it, and managed to […]
    Read more
  • Published the links to the two relevant Mint blog posts in an announcement here. Might have done so a day earlier. True.
Image
The people of Alderaan have been bravely fighting back the clone warriors sent out by the unscrupulous Sith Lord Palpatine for 762 days now.
Lifeline
killer de bug

Re: Seemingly nothing about the HACK on these forums - why?

Post by killer de bug »

Ark987 wrote:You are asking us to crawl the forum like Google does to the internet :lol: I completely agree with the OP a sticky post in the Announcement section is missing. However we have to wait a little bit, could be that the admins are busy right now...
I don't agree with you at all.

If I look for an official announcement, I look on the official web site. Not on the forum.
This is true for every company and not only for Linux Mint.

Therefore I assume that communication was handle in a very reactive and very professional way.
Ark987

Re: Seemingly nothing about the HACK on these forums - why?

Post by Ark987 »

killer de bug wrote: I don't agree with you at all.

If I look for an official announcement, I look on the official web site. Not on the forum.
This is true for every company and not only for Linux Mint.

Therefore I assume that communication was handle in a very reactive and very professional way.
The database of this forum was compromised containing at least the email address of all registered users. By the time of this writing it has been already addressed, still I don't see a valid reason of not announcing it here.

User awareness is part of security, in some cases the only and most important one.
User avatar
Moem
Level 22
Level 22
Posts: 16227
Joined: Tue Nov 17, 2015 9:14 am
Location: The Netherlands
Contact:

Re: Seemingly nothing about the HACK on these forums - why?

Post by Moem »

Ark987 wrote: The database of this forum was compromised containing at least the email address of all registered users. By the time of this writing it has been already addressed, still I don't see a valid reason of not announcing it here.
So you're saying that it has been announced and there is no good reason not to announce it? Well, I can't argue with that... but I'm not sure I see your point.
Image

If your issue is solved, kindly indicate that by editing the first post in the topic, and adding [SOLVED] to the title. Thanks!
Ark987

Re: Seemingly nothing about the HACK on these forums - why?

Post by Ark987 »

M0em wrote:
Ark987 wrote: The database of this forum was compromised containing at least the email address of all registered users. By the time of this writing it has been already addressed, still I don't see a valid reason of not announcing it here.
So you're saying that it has been announced and there is no good reason not to announce it? Well, I can't argue with that... but I'm not sure I see your point.
You people.... Would you mind to read the time and date of each post?

There is 12 hours difference from that official post and the 1st post of this thread, and ~ 1 hour of difference between my 1st post here and the official one. This post can be locked as it has serve it purpose, everything else will lead to flaming.
Locked

Return to “Other topics”