Investigations are no doubt continuing on numerous fronts, and Kernel.org is working to make sure that each of its 448 users change their passwords and SSH keys. In the meantime, however, the good news is that there appears to be no need to worry about the code we all know and love.
Three separate explanations of why that's the case have appeared since the hack was first discovered. In essence, they boil down to the fact that kernel development is done using Linux creator Linus Torvalds' own Git distributed revision control system. Here's why that makes such a big difference.
'A Cryptographically Secure Hash'
"The potential damage of cracking kernel.org is far less than typical software repositories," reads on the Kernel.org website.
"For each of the nearly 40,000 files in the Linux kernel, a cryptographically secure SHA-1 hash is calculated to uniquely define the exact contents of that file," the note explains. "Git is designed so that the name of each version of the kernel depends upon the complete development history leading up to that version. Once it is published, it is not possible to change the old versions without it being noticed."