SourceForge hacked, but not to worry(?)

The code repository "played a game of cat and mouse" with an interloper and says "no harm done." But should we be concerned?

Valleywag reports that SourceForge.net was hacked Wednesday, resulting in site downtime while SourceForge tracked down the hacker. SourceForge's Ross Turk confirms the report:

We played a game of cat and mouse with a "security enthusiast" from Europe yesterday. :) No harm done, though, and everything's running smoothly.

Given that projects upload their code to the SourceForge repository on a regular basis, there's not any serious cause for concern that a security breach would be a long-term threat. Additionally, it's doubtful that anyone would download and install any critically important software in the minutes or hours a security breach might allow, get it into production, and incur serious liability as a result. Last time I checked, enterprise software adoption and implementation doesn't work quite that fast.

Still, it's cause for SourceForge to bolster its defenses, especially how it gets the word out in case of a breach.

Tags:
Tech Culture
About the author

    Matt Asay is chief operating officer at Canonical, the company behind the Ubuntu Linux operating system. Prior to Canonical, Matt was general manager of the Americas division and vice president of business development at Alfresco, an open-source applications company. Matt brings a decade of in-the-trenches open-source business and legal experience to The Open Road, with an emphasis on emerging open-source business strategies and opportunities. He is a member of the CNET Blog Network and is not an employee of CNET. You can follow Matt on Twitter @mjasay.

     

    Join the discussion

    Conversation powered by Livefyre

    Show Comments Hide Comments