
Community site taken offline...
By Joris Evers
Published: 5 October 2005 08:45 BST
Spread Firefox, the marketing website for the open source Firefox web browser, has been hacked again and is expected to be offline until later this month.
The cyber break-in was discovered this week, according to a notice sent on Tuesday by the Spread Firefox team to registered users of the website. The breach was limited to SpreadFirefox.com and did not affect the main Mozilla.org website or Mozilla software, according to the emailed message.
The server that hosts the Spread Firefox website was compromised by attackers who attempted to exploit a security vulnerability in TWiki, according to the notice. TWiki is open source software for the collaborative authoring of online pages called "wikis".
This is the second time the site has been hacked via a flaw in software used to run the website. In July, the marketing site was compromised by attackers who exploited an unpatched security hole in PHP. The Drupal content management system used by the site is written in the PHP scripting language.
After the July attack, Mozilla instituted procedures to ensure it would not overlook any more security fixes. The Spread Firefox team said in its notice: "Unfortunately, those procedures overlooked the installation of the TWiki software, since it is not used by the main Spread Firefox site."
The Firefox marketing website has been taken offline and will be rebuilt from scratch, according to the email. "When the system is rebuilt, all the software will be audited to ensure that security updates will be applied in a timely manner," the team wrote.
The latest attack is not likely to have exposed any user information, according to the email. Still, people should change their password when the site comes back online, the team suggested. Spread Firefox's website should be back online circa 15 October, according to a notice on the site.
The hack is an additional embarrassment to Mozilla, which has emphasised security as a main selling point for its Firefox web browser.
Spread Firefox is the online Firefox marketing hub. Mozilla has successfully used the site to mobilise volunteers to popularise the browser through free marketing techniques such as website buttons and by collecting money for an ad in The New York Times.
Joris Evers writes for CNET News.com
For further information please visit our website: www.net2s.co.uk In London, NET2S has a team of 75 consultants spread across 19 of the top 20 ...
The ideal OpenSource ventures are Wikimedia, Mediawiki, Dekiwiki, Twiki and They are looking for someone to start mid June and work with them using ...
Excellent knowledge of Java, Perl & PHP based Languages? To apply you will need experience working with Java, Perl & PHP based applications, have a ...
CIO50 2008
The silicon.com CIO50 2008 profiles the most influential and innovative tech chiefs in the UK across all industries and organisation size, from the biggest FTSE100 companies to high growth dot-com start ups and the public sector. The list was voted on by the UK CIO community and a panel of experts. Find out more in our latest special report.
Stories from the web...
Copyright ©1995-2008 CNET Networks, Inc. All rights reserved. Top of page
Steve Ranger Editor's Blog: Why we write about the iPhone Is it just because it's so shiny?
Siān Croxon Legal Eye: Trademark landmark Pricking O2's bubble