[rox-devel] ROX web-site hacked

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

I got an email today from Google to say that the ROX web-site
contained spammy links. On investigation, I found some suspicious
files on the server (a .htaccess which redirected things to
"image.php", which contained a load of obfuscated PHP). The oldest
ctime was Nov 11, 2012.

This isn't very surprising; Drupal has regular security
vulnerabilities and I don't have time at the moment to keep it
properly patched. I have therefore exported the whole site to static
HTML (using httrack). I also moved it back to sourceforge.net since,
being static, database performance is no longer an issue:

  http://rox.sourceforge.net/desktop/

There should be no risk of anyone having installed malicious software
from the site, since 0install always ensures the GPG signatures are
correct when downloading software (and the signing key is not on the
server).

I will probably move ROX-Filer over to github at some point, along
with anything else that needs updating in the future.

Hopefully that's the end of it, but let me know if you spot anything suspicious.

-- 
Dr Thomas Leonard        http://0install.net/
GPG: 9242 9807 C985 3C07 44A6  8B9A AE07 8280 59A5 3CC1
GPG: DA98 25AE CAD0 8975 7CDA  BD8E 0713 3F96 CA74 D8BA