[TriLUG] Linux Mint Site Hacked

tj via TriLUG trilug at trilug.org
Thu Feb 25 10:13:30 EST 2016


That is true,
but the Mint issue was that the md5 did not match the "botnet backdoor" ISO...
They can swap the md5, but they did not...

I believe Mint is targeting common Windows audiences that do not care about
md5 or hashing...



On Thu, Feb 25, 2016 at 9:26 AM, Erik Nelson via TriLUG <trilug at trilug.org>
wrote:

>
>
> On 02/22/2016 11:16 AM, tj via TriLUG wrote:
>
>> As far as I know, md5sum was not valid/did match. They changed the ISO download
>> to Bulgaria :D.
>>
>
> Just caught up with the thread, so forgive me if someone has made the
> point already...
>
> The real problem here is that it is *not* enough to post a checksum and
> call it a day. If a malicious entity
> has enough access to your servers to swap your iso for their poison, they
> have enough access to
> upload an md5 that will match said poison.
>
> Sign and verify signatures folks.
>
> - Erik
>
>
>> On Mon, Feb 22, 2016 at 11:11 AM, Thomas Delrue via TriLUG <
>> trilug at trilug.org> wrote:
>>
>> -----BEGIN PGP SIGNED MESSAGE-----
>>> Hash: SHA512
>>>
>>> They didn't even do that. They replace the *links* to the good ISO's
>>> with links to the hacker's machines containing bad ISO's.
>>>
>>> Goes to show though: sign everything with GPG and always validate sigs
>>>
>>> If anything, this was more an attack on the users rather than the OS...
>>>
>>> P.S.: Speaking of which, my key is 0x08B3FA4E...
>>>
>>> On 02/22/2016 10:59 AM, Christopher Blackmon via TriLUG wrote:
>>>
>>>> It's not as if they attacked the OS itself... they hacked the web
>>>> site and replaced a .iso with a backdoored one. christopher
>>>>
>>>> From: tj via TriLUG <trilug at trilug.org> To: John Vaughters
>>>> <jvaughters04 at yahoo.com>; Triangle Linux Users Group General
>>>> Discussion <trilug at trilug.org> Sent: Monday, February 22, 2016 10:55
>>>> AM Subject: Re: [TriLUG] Linux Mint Site Hacked
>>>>
>>>> Linux os not a toy anymore :)
>>>>
>>>> on my understanding, they attack Mints due on many users of Mints
>>>> came for "user friendly" Windows, where to try windows alternative.
>>>> They do not understand MD5SUM or checking after downloading the ISO
>>>> file.  As I remember downloading ISO WINS 10, none told me to check
>>>> MD5SUM :D
>>>>
>>> --
>>> This message was sent to: fendy <bimasakti at gmail.com>
>>> To unsubscribe, send a blank message to trilug-leave at trilug.org from
>>> that
>>> address.
>>> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
>>> Unsubscribe or edit options on the web  :
>>> http://www.trilug.org/mailman/options/trilug/bimasakti%40gmail.com
>>> Welcome to TriLUG: http://trilug.org/welcome
>>>
>>>
>
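
The point made in the thread about checksums versus signatures, as an added example that is not part of any message above: a checksum list is trusted only after its detached signature verifies against a key fingerprint obtained out of band. SHA-256 stands in for the MD5 mentioned in the thread; the function names, the argument order and the `GPG` override variable are assumptions of this sketch.

```shell
#!/bin/sh
# Added example: verify a signed checksum list before trusting a download.
# Function names, argument order and the GPG override are choices of this sketch.

# checksum_matches ISO SUMS: true if SUMS lists the SHA-256 of ISO under its name.
# Alone this proves nothing when SUMS came from the same server as ISO.
checksum_matches() {
    hash=$(sha256sum "$1" | cut -d' ' -f1)
    [ -n "$hash" ] || return 1
    awk -v h="$hash" -v n="$(basename "$1")" \
        '$1 == h && ($2 == n || $2 == "*" n) { ok = 1 } END { exit !ok }' "$2"
}

# signature_ok SUMS SIG FPR: true if SIG is a valid detached signature over SUMS
# made by the key whose full fingerprint FPR was obtained out of band.
signature_ok() {
    out=$("${GPG:-gpg}" --status-fd 1 --verify "$2" "$1" 2>/dev/null) || return 1
    # VALIDSIG carries the signing (sub)key fingerprint first, the primary key last.
    printf '%s\n' "$out" | awk -v f="$3" \
        '$1 == "[GNUPG:]" && $2 == "VALIDSIG" && ($3 == f || $NF == f) { ok = 1 }
         END { exit !ok }'
}

# verify_iso ISO SUMS SIG FPR: signature first, checksum second.
# Returns 1 on a signature failure, 2 on a checksum mismatch.
verify_iso() {
    if ! signature_ok "$2" "$3" "$4"; then
        echo "REJECT: checksum list is not signed by $4" >&2
        return 1
    fi
    if ! checksum_matches "$1" "$2"; then
        echo "REJECT: $1 does not match the signed checksum list" >&2
        return 2
    fi
    echo "OK: $1"
}

# Command-line use: script ISO SUMS SIG FINGERPRINT
if [ "$#" -eq 4 ]; then verify_iso "$@"; fi
```

A replaced ISO with a matching replaced checksum list passes `checksum_matches` but is rejected by `verify_iso`, because the replaced list no longer carries a valid signature from the pinned key.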

