Leif Nixon, Combitech
This is an old story, but it hasn’t been told in public before. In 2011, the kernel.org infrastructure was severely compromised, sending shock waves through the Linux kernel community. Despite promises, no detailed incident report was ever released. It is time to tell the full story; the background, the incident itself, and how some of the perpetrators were caught.
And what does this tell us about the security of the open source supply chain?