On Tue, 23 Jul 2013 15:46:56 +1000, Basil Chupin wrote:
The Ubuntu Forum was hacked a couple of days ago-
http://ubuntuforums.org/announce.html
which led to a discussion about how secure Linux actually is.
A question arises in my mind is: how vulnerable are our mailing lists/forum(s) seeing as how openSUSE MLs are also using vBulletin (an earlier version than the Ubuntu one, BTW). More discussion led to this URL-
With regards to this last URL, how does openSUSE fair? I just looked at the archive for opensuse-security mail list (and subscribed to it) but for the month of July only see some fixes to what appear to be apps from 'third parties'.
Is openSUSE 'watertight'? :-)
Because we integrate with NetIQ Access Manager, user passwords aren't stored in the vBulletin database. I know the systems used on the back- end, and while I wouldn't describe any system as 100% hack-proof, this one would require some pretty specialized knowledge and access to the identity servers (which are not in the same network). eDirectory is on the back-end, and even if one were to grab the database, it's not a traditional database and the structure is *very* unusual (gives it very high performance for millions - or billions - of identities), so one would have to have knowledge of the internals of the engine. So our passwords are extremely secure. *This* is the advantage of the authentication system we have in place. Jim -- Jim Henderson Please keep on-topic replies on the list so everyone benefits -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org