SpreadFirefox Hacked Again…
From http://www.mozillazine.org/talkback.html?article=7479:
“The Mozilla Foundation’s community marketing site Spread Firefox has been hacked for the second time in less than three months. According to an email sent to registered users of the site, unknown remote attackers exploited a vulnerability in the TWiki wiki software, which was installed on the server but not actually used by the public website. The TWiki software has now been disabled. The Spread Firefox Team does not believe that any sensitive data was taken but they have shut down the site as a precaution. Only Spread Firefox was affected by the security breach; no other Mozilla Foundation or Mozilla Corporation sites have been hacked and the flaw does not affect users of Mozilla software.”
This is what happens when you have a website run by people who do their own thing entirely, who obviously don’t pay enough attention to keeping things up to date, without keeping the mozilla system administrators in the loop, and to think, the new version of SFX is being done behind closed doors with limited community interaction. This should send plenty of messages of safety about a site that’s already been hacked twice, that they’re still not being open, and as a result, its the only mozilla site to be hacked. I think its time that the Mozilla Foundation/Corporation take some responsibility for what happens with SpreadFirefox.com.
Personally, I’m no longer comfortable with the way SpreadFirefox is maintained. I don’t believe its admins are doing an acceptable job. (This is seperate from the Mozilla Sysadmins, who are doing the best they can) I’d like to see SFX have the ability for users to delete their account. Since obviously they’re not safe. Might also make the number of accounts more realistic.
I also find it interesting, that Asa, spreadfirefox admin and frequent mozilla blogger, fails to mention on his blog at all either hacking. 🙂 Guess the only mozilla news is good news.
So true.
“This is what happens when you have a website run by people who do their own thing entirely, who obviously don’t pay enough attention to keeping things up to date”
That’s what I was trying to say here ( http://mozillazine.org/talkback.html?article=6940#3 )
“Personally, I’m no longer comfortable with the way SpreadFirefox is maintained.”
So am I.
Personally, I’m no longer comfortable with the way SpreadFirefox is maintained. I don’t believe its admins are doing an acceptable job. (This is seperate from the Mozilla Sysadmins, who are doing the best they can) I’d like to see SFX have the ability for users to delete their account. Since obviously they’re not safe. Might also make the number of accounts more realistic.