I was interested in setting up a Linode account but I think it's best to wait for some more information at this point. Thoughts?
> 06:00 < ryann> Yep
> 06:00 < AlexC_> ryann: And you plan on releasing these?
> 06:00 < ryann> They did try to encrypt them, but using public key encryption doesn't work if you have the public and private key in the same directory
Jesus Christ. I agree, there is something very wrong with how Linode is treating this situation. Cperciva's comment a couple of days back about the doubletalk in the official statement seems especially precinct, and the new claim about both the private and public keys for the credit card info being stored in the same place... appallingly incompetent if true.
Uh... which comment was this?
The price is reasonable: $21/month for a 512 MB instance, and free 20,000 GB bandwidth!
In addition, they offer freaking 2-factor authentication! That says a lot when the only ones I know of offering such are AWS and SoftLayer.
05:24 -!- ryan| [~violator@37.235.49.168] has joined #linode
05:24 < ryan|> quite rude of you
05:25 -!- ryan| was kicked from #linode by akerl [ryan|]
05:27 -!- root__ [~h@vmx13318.hosting24.com.au] has joined #linode
05:27 -!- root__ is now known as ryan||
05:27 < ryan||> Quite rude out of you
05:27 < ryan||> To ban me like that
Really puts into perspective the difference in the levels of skill involved.
When dealing with someone of this level, they really should have just notified everyone immediately. There's no telling what info these people have now.
I wonder what they were after if not money. What are people hosting ?
Apparently, the hackers looked up a Quora list of notable sites hosted on Linode and went after those [2], suggesting that the attackers wanted to burn a 0day for some notoriety or to damage Linode/Coldfusion reputation.
1. Technical info: http://arstechnica.com/security/2013/04/coldfusion-hack-used...
