SourceForge hacked, but not to worry(?)
The code repository "played a game of cat and mouse" with an interloper and says "no harm done." But should we be concerned?
Valleywag reports that SourceForge.net was hacked Wednesday, resulting in site downtime while SourceForge tracked down the hacker. SourceForge's Ross Turk confirms the report:
We played a game of cat and mouse with a "security enthusiast" from Europe yesterday. :) No harm done, though, and everything's running smoothly.
Given that projects upload their code to the SourceForge repository on a regular basis, there's not any serious cause for concern that a security breach would be a long-term threat. Additionally, it's doubtful that anyone would download and install any critically important software in the minutes or hours a security breach might allow, get it into production, and incur serious liability as a result. Last time I checked, enterprise software adoption and implementation doesn't work quite that fast.
Still, it's cause for SourceForge to bolster its defenses, especially how it gets the word out in case of a breach.