Posts tagged ‘tools’

install skype under lucid lynx

a howto how I like it:

For 32-bit
$ wget http://www.skype.com/go/getskype-linux-beta-ubuntu-32
For 64-bit
$ wget http://www.skype.com/go/getskype-linux-beta-ubuntu-64

$ sudo apt-get install libqt4-dbus libqt4-network libqt4-xml libasound2

$ sudo dpkg -i skype-XXXXXXXXXXXX.deb

$ sudo apt-get -f install

Advertisements

Tuesday, 17 August 2010 at 10:00 UTC Leave a comment

Atlassian security breach and customer support in real-time

About an hour ago customers of Atlassian (the company behind great tools like Jira and Confluence) got an email about a security breach and to change their password.

Be aware that this security issue only affects Atlassian customers who created an Atlassian account and purchased one of our products before June 2008. Since then, we have been using a more secure user management system based on Atlassian’s Crowd product. When you change your Atlassian account password using the procedure below, your Atlassian customer account details will be stored in our updated Crowd user management system, which will further minimise the chance of a security breach occurring in future.

[1] Source: Jason Winder Webnet IT Blog: Atlassian Stored Passwords in Cleartext?

Just after this email it seems that most people were not able to retrieve Atlassian’s service to react.

Now after one hour there was no official statement of Atlassian!

Guys @Atlassian ! Please use Twitter or Uservoice to react in our real-time live and give us some background information!

Twitter User Feedback

Update 1:

[2] @atlassian on Twitter at 7 00 PM GMT replied:

Atlassian had a security breach. Apologies for the confusion. Our site is experiencing heavy loads. We are working on getting back up ASAP.

[3] Zoli Erdos at Cloudave: Atlassian Security Breach and Warning

Update 2:
[4] Atlassian’s Mike Cannon-Brookes initial customer feedback today morning

The legacy customer database, with passwords stored in plain text, was a liability. Even though it wasn’t active, it should have been deleted. There’s no logical explanation for why it wasn’t, other than as we moved off one project, and on to the next one, we dropped the ball and screwed up.
Disclosure: in terms of the security breach itself, we will disclose the various attack vectors and what happened once we have a full picture. Expect this in the coming week.

Looking forward to it, so everybody can learn from such IT security mistakes.

Monday, 12 April 2010 at 19:56 UTC 3 comments


Categories