0111010111000110
----- Original Message -----
From: "Pierre Letouzey" <pierre.letouzey@inria.fr>
To: <coq-club@inria.fr>
Cc: "Coq Developers Mailing List" <coqdev@inria.fr>
Sent: Tuesday, August 22, 2017 5:43 PM
Subject: Re: [Coq-Club] coq.inria.fr offline (and under
investigation)
> Dear all,
>
> Good news, the Inria security team have ended its investigation of coq.inria.fr,
> and it confirmed that the integrity of the server (and its files) has not been
> compromised. The initial alert was due to a crafted bug report put on our
> bugzilla, with some html attachment pointing to islamist messages, pretending
> to have hacked our site. But this bug report was created by a plain regular
> bugzilla account created just before, with no further exploit. So this was little
> more than a bug spam, and yes, we're many here to consider that the admin and
> security team at Inria have quite overreacted. These matters are taken very
> seriously nowadays...
>
> All the services provided by coq.inria.fr should be back to normal quite soon
> now, in particular the bugzilla is now operational again, without data loss.
> Please note that bug attachments of type text/html are now disallowed
> (but such files could be placed in a .tgz or .zip if they are truly meaningful
> for a bug report).
>
> By the way, even if the Coq files available for download on coq.inria.fr/distrib
> have not been impacted by this incident, let me remind that I maintain a gpg-signed
> list of all the SHA1 fingerprints of the files we distribute:
>
> https://coq.inria.fr/distrib/SHA1SUMS
> https://coq.inria.fr/distrib/SHA1SUMS.asc
>
> If in doubt, please refer to this list after checking for its signature.
> Moreover, each recent Windows and Mac packages should be internally signed as well.
>
> Sorry again for the inconvenience, quite independent from our will...
>
> Pierre Letouzey, for the Coq dev team
>
>
>
> ----- Mail original -----
>>
>> Dear all,
>>
>> The server behind our website coq.inria.fr has been put offline early today
>> by the Inria sysadmin staff and is awaiting further investigations.
>> For the moment, we have very little information about what appended,
>> we've just been told that a component of the website has been compromised
>> by intruders (bugzilla ? wiki ?) during the night. Unfortunately, these
>> investigations by the Inria admins may take several days (next Tuesday
>> is holiday here). We requested that at least the static part of the website
>> (especially downloads and documentation) be made available as soon as
>> possible,
>> but we still do not know yet when this will happen. Of course, we'll keep
>> you informed as soon as we know more about this attack and its consequences.
>>
>> Most sorry for the inconvenience...
>>
>> Pierre Letouzey, for the Coq dev team
>>
>>
======================
Vleeptron is guessing that Ynglisshe is not Pierre's first lingo. (But overall High Marks in the Ynglisshe Intro Final.) But we admire his admission that The Mess that Affected the Coq community last week was "quite independent from our will..." A similar and more common English expression is "against our will..." but this also carries the unpleasant suggestion of being tied to a bed in a cheap motel room.
Which raises the question: Can AI perceive shame and remorse for and embarrassment, or the binary equivalent, for its screwups?
Leave a bunch of Comments. ASCII only.
2 comments:
o5w11y1t77 w5o40i0k03 c7g27z4e81 j4s63e1r73 m3k50i4k77 c6c70u3k14
z5v62r1s62 z1z66w7l64 y6n30n9p47 x6u77u9m61 x8n07g5y13 m8g60o5v54
Post a Comment