This weekend the Apache Software Foundation suffered a security breach. The post-mortem from the Apache Infrastructure Team is worth reading, because the attack was vsophisticated and they explain exactly how it worked.
Nelson Minar blames problems with passwords for the Apache security breach this weekend. Paul Querna blames Internet security as a whole. I’m still waiting for someone to blame URL shorteners, as they played a role in the attack as well.
April 14, 2010 at 7:41 pm
I will happily blame URL shorteners. They are dangerous in so many ways. TinyURL provides a way to “preview” the URL you’re about to be redirected to by tweaking the URL. All of these services should default to such a mode and make it a global preference.
April 15, 2010 at 12:22 am
I don’t care for URL shorteners, either, but anyone this sophisticated could have disguised a malicious link behind a 302 redirect on their own were TinyURL never created.