[Bioperl-l] Perlmonks hacked
Chris Fields
cjfields1 at gmail.com
Thu Jul 30 09:27:57 EDT 2009
All,
In case there are a few users who haven't been notified, PerlMonks has
been hacked rather severely:
http://perlmonks.org/
The site was unsecure; all passwords were (astonishingly) stored as
plain text, are out in the open, can be easily found (I did, and not I
will not point them out). If anyone has decided to use a common
password for, say Perlmonks and PAUSE (or Amazon, or CitiBank, or...),
make sure to change both. Also realize that PerlMonks is NOT https,
and that they have NOT patched the security hole yet, so any changed
password may be further compromised (don't use a common password).
In fact, your PAUSE account may be frozen already due to this:
http://use.perl.org/~Alias/journal/39372
It's hard to overstate the intense irony of all this. For some reaction:
http://perlhacks.com/2009/07/perl-monks-passwords.php
http://blog.afoolishmanifesto.com/archives/1028
<now you can smack you hand against your head in frustration>
Good luck!
chris
More information about the Bioperl-l
mailing list