[TriLUG] Linux Mint Site Hacked

Matt Flyer via TriLUG trilug at trilug.org
Mon Feb 22 09:31:18 EST 2016 

>From the article:

" But the best way to get users to download the backdoored version was by
changing the checksum -- used to verify the integrity of a file -- on the
website with the checksum of the backdoored version.

"Who the f**k checks those anyway?" the hacker said."

This raises a point about the difference between verifying the sum and
running a verification against the signing key.  From the article, I don't
get the impression that they were able to sign the software, just replace
the checksum values.

I know the Windows mindset and to some degree the phone / tablet 'app'
mentality encourages download and installation of random executable code,
but I remain really hesitant to do so and prefer to verify what I install
to the extent possible.

> Well according to that I am not in the pool.  I didn't think I was as I
> had
> no need to be a forum member.  I mostly use Mint for other people's
> machines.
>
> When the forum comes back on line I am going to double check though.
>
> Ken
>
> On Mon, Feb 22, 2016 at 7:12 AM, Christopher Blackmon <ckblackm at yahoo.com>
> wrote:
>
>> Forum info was posted and about 70k email addresses have
>> been entered here:  https://haveibeenpwned.com/
>>
>> You can check and see if you were on the list.
>>
>> Christopher
>>
>>
>> ------------------------------
>> *From:* Ken MacKenzie via TriLUG <trilug at trilug.org>
>> *To:* Triangle Linux Users Group General Discussion <trilug at trilug.org>
>> *Sent:* Monday, February 22, 2016 7:04 AM
>> *Subject:* [TriLUG] Linux Mint Site Hacked
>>
>> So I am figuring most have seen the news but if not:
>>
>>
>> http://www.zdnet.com/article/hacker-hundreds-were-tricked-into-installing-linux-mint-backdoor/
>>
>> Funny thing is I actually grabbed an iso that day.  Didn't install it
>> yet
>> as it was for a computer that was waiting on hardware first.  Deleted it
>> as
>> soon as I heard.
>>
>> Supposedly according to the hacker he got the forum and forum passwords
>> cracked as well.  In case anyone was on the forums.  I don't recall if I
>> had a login there, site is still down for me to check.
>>
>> Ken
>> --
>> This message was sent to: ckblackm at yahoo.com <ckblackm at yahoo.com>
>> To unsubscribe, send a blank message to trilug-leave at trilug.org from
>> that
>> address.
>> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
>> Unsubscribe or edit options on the web    :
>> http://www.trilug.org/mailman/options/trilug/ckblackm%40yahoo.com
>> Welcome to TriLUG: http://trilug.org/welcome
>>
>>
> --
> This message was sent to: Matt Flyer <matt at noway2.thruhere.net>
> To unsubscribe, send a blank message to trilug-leave at trilug.org from that
> address.
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> Unsubscribe or edit options on the web	:
> http://www.trilug.org/mailman/options/trilug/matt%40noway2.thruhere.net
> Welcome to TriLUG: http://trilug.org/welcome

More information about the TriLUG mailing list