[TYPO3-english] Is TER safe after hacking of typo3.org?

ries van Twisk typo3 at rvt.dds.nl
Wed Nov 26 00:28:30 CET 2008

On Nov 25, 2008, at 4:57 PM, Jan Loderhose wrote:

> hi folks,
> my question is basically directed at members of the core team but  
> maybe there
> are some people out there interested in the anwser, so i post the  
> following on
> the list.
> well, its been some time, since the accounts of typo3.org and forge  
> users were
> disabled due to a lame admin password ... (enough arguing on that)
> since that day me and some other typo3-guys wonder if any other data  
> could be
> corrupted due to that incident. how about importing extensions from  
> ter?
> was there any analysis concerning injections of bad code into  
> extensions sources?
> i ask since md5-hashes are easily manipulable as well as file  
> modification
> dates, so it won't prove anything, if there hasn't been any  
> indication for
> alterations via simply checking data integrity.
> has anyone ever gone into a deeper research?
> maybe i missed a thread on this topic. in that case i'd appreciate a  
> hint on the
> date and subject, so i may read it ex post.
> to make this plain: my questions are not meant as a rampage, but i  
> long for an
> official statement from an association member.
> cheers and thanks,
> jan


I think we need to wait for an official statement before we can go  
ahead, only
then we know for 100% sure that we are safe.


More information about the TYPO3-english mailing list