W3C home > Mailing lists > Public > semantic-web@w3.org > April 2009

Re: FOAF sites offline during cleanup

From: Hugh Glaser <hg@ecs.soton.ac.uk>
Date: Sun, 26 Apr 2009 19:45:12 +0100
To: Peter Krantz <peter.krantz@gmail.com>, Bijan Parsia <bparsia@cs.manchester.ac.uk>
CC: "paola.dimaio@gmail.com" <paola.dimaio@gmail.com>, Dan Brickley <danbri@danbri.org>, foaf-dev Friend of a <foaf-dev@lists.foaf-project.org>, "foaf-protocols@lists.foaf-project.org" <foaf-protocols@lists.foaf-project.org>, Semantic Web <semantic-web@w3.org>, Thomas Roessler <tlr@w3.org>
Message-ID: <EMEW3|1994652bcd34dfaadf820d01162d637fl3PJjP02hg|ecs.soton.ac.uk|AB5F%hg@ecs.soton.ac.uk>
Yes, when Dan has recovered from the more urgent tasks he has, it would be good to have his reflections on what happened.

I think the primary question I would like to know the answer to is:
"Was there anything special about it being a "Semweb" site that created a vulnerability."
Was it an equivalent of an SQL injection for SPARQL, or maybe it was through a SPARQL endpoint, or something else RDF?

Or maybe it was "just" a standard hack, and we shouldn't get ourselves over-concerned about the RDFness.

My sympathy, of course.

Hugh

On 26/04/2009 18:38, "Peter Krantz" <peter.krantz@gmail.com> wrote:

Hijacking this thread back to the original topic:

How can we help? Two important areas to start working with:

1. How to get your servers back online in a clean uninfected state and,

2. how do we provide security recommendations for people who publish
semweb data online?

Anyone who is willing to help out?

Regards,

Peter Krantz
Received on Sunday, 26 April 2009 18:46:35 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 24 March 2022 20:41:15 UTC