Security through disinterest. What, me worry?<br><br><div class="gmail_quote">On Thu, Dec 8, 2011 at 12:47 PM, Elijah Post <span dir="ltr"><<a href="mailto:elijahpost@gmail.com">elijahpost@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;"><br><br><div class="gmail_quote">On Thu, Dec 8, 2011 at 12:46 PM, Elijah Post <span dir="ltr"><<a href="mailto:elijahpost@gmail.com" target="_blank">elijahpost@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
*facepalm*<div><div><br><br><div class="gmail_quote">On Thu, Dec 8, 2011 at 12:42 PM, Rubin Abdi <span dir="ltr"><<a href="mailto:rubin@starset.net" target="_blank">rubin@starset.net</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Andy noticed it time last night. The attacker most likely got in through<br>
exploits with an old mediawiki instance I had forgotten about from years<br>
ago, went in and added in some .htaccess redirects to some .ru domain. I<br>
don't have any evidence that they touched the wordpress DB, and your<br>
passwords are hashed up, but I'm email to let you know all this has<br>
happened.<br>
<br>
If you're not security conscience and reuse the same password for<br>
everything, I would highly recommend going around and changing your<br>
passwords right now. If you're smart and used a unique password for this<br>
wordpress instance, then you're good.<br>
<br>
Currently the blog is down. I'm going to do an export of it, move it<br>
over to a new VPS and hopefully not drag anything malicious along with<br>
it. I think I can recreate the user accounts just fine but there's a<br>
chance that wont happen and I'll have to recreate things from scratch,<br>
which is fine. Except that your passwords will get reset once the blog<br>
comes back online.<br>
<br>
Let me know if you've got any questions. Thanks!<br>
<span><font color="#888888"><br>
--<br>
Rubin<br>
<a href="mailto:rubin@starset.net" target="_blank">rubin@starset.net</a><br>
<br>
</font></span></blockquote></div><br><br clear="all"><span class="HOEnZb"><font color="#888888"><div><br></div></font></span></div></div><span class="HOEnZb"><font color="#888888"><span><font color="#888888">-- <br><div>
<font face="'arial narrow', sans-serif"><b style="background-color:rgb(255,255,255)"><u>Elijah Louis Spenser Post</u><br>
Mechanic (San Francisco Bike Kitchen)</b></font><div>
<font face="'arial narrow', sans-serif"><b style="background-color:rgb(255,255,255)">Participant (NoiseRep at Noisebridge)</b></font></div></div><br>
</font></span></font></span></blockquote></div><span class="HOEnZb"><font color="#888888"><br><br clear="all"><div><br></div>-- <br><div><font face="'arial narrow', sans-serif"><b style="background-color:rgb(255,255,255)"><u>Elijah Louis Spenser Post</u><br>
Mechanic (San Francisco Bike Kitchen)</b></font><div>
<font face="'arial narrow', sans-serif"><b style="background-color:rgb(255,255,255)">Participant (NoiseRep at Noisebridge)</b></font></div></div><br>
</font></span><br>_______________________________________________<br>
Noisebridge-discuss mailing list<br>
<a href="mailto:Noisebridge-discuss@lists.noisebridge.net">Noisebridge-discuss@lists.noisebridge.net</a><br>
<a href="https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss" target="_blank">https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss</a><br>
<br></blockquote></div><br><br clear="all"><br>-- <br>Everything should be made as simple as possible, but no simpler - <a href="http://en.wikipedia.org/wiki/Albert_Einstein" title="Albert Einstein" target="_blank">Albert Einstein</a><br>
Simplicity is the ultimate sophistication - <a href="http://en.wikipedia.org/wiki/Leonardo_Da_Vinci" title="Leonardo Da Vinci" target="_blank">Leonardo Da Vinci</a><br>
Perfection is reached not when there is nothing left to add, but when there is nothing left to take away - <a href="http://en.wikipedia.org/wiki/Antoine_de_Saint_Exup%C3%A9ry" title="Antoine de Saint Exupéry" target="_blank">Antoine de Saint Exupéry</a><br>
Keep It Simple Stupid - <a href="http://en.wikipedia.org/wiki/Clarence_Johnson" title="Clarence Johnson" target="_blank">Kelly Johnson</a><br>