Wait, was Linux Mint really hacked?
http://thehackernews.com/2016/02/linux-mint-hack.html
According to this, if you got an ISO of Linux Mint 17.3 from the official website on February 20th, you got an infected version with the Tsunami backdoor. The website is indeed down at the moment.
What would anyone have to gain by hacking a free and volunteer-powered initiative, other than getting bragging rights among equally moronic hackers?
According to this, if you got an ISO of Linux Mint 17.3 from the official website on February 20th, you got an infected version with the Tsunami backdoor. The website is indeed down at the moment.
What would anyone have to gain by hacking a free and volunteer-powered initiative, other than getting bragging rights among equally moronic hackers?
Comments
Include a rootkit, get unrestrained access to affected user's systems. They could even install keyloggers, who knows?
It's terrible people would want to crack a FOSS project, what a shame.
It is a bit sad, but hey, hackers are always around, you can't have good without bad. However, I have to say that for being able to cause the hack twice in a row, that is pretty impressive. The Mint team better be careful.
What happened was the hackers compiled their own custom A̶r̶c̶h Mint ISO with the backdoor, subsequently hacking the website and providing the custom ISO for download. It's actually pretty simple in concept, but is very substantial in its reach.
Remember, this is also the same distro that holds back security updates.
Also noticed I said Arch, not Mint. I knew what I was talking about!
Perfect example is right in FCC reg: "This device must not create any harmful interference; and this device must accept any interference, including that which may create undesired operation".
So your electronic devices must be "hackable" in a way to be legally sold in the United States. Have a nice day.
I used this to describe how consumer wireless devices can be "hacked" by the right interference.
Whether or not the device breaks under the interference is up to the design. I've had countless analog electronic devices fail various degrees under numerous forms of interference. It all depends on what's inside.
Now for the real "any electronic device", remember back in 93* testing a specific electromagnetic unit that could stop a simple lightbulb from lighting to complex electronics from functioning. Hell to a lesser degree, people are extracting and/or modifying electronic signals from cable wire and other devices these days, without contact with the electronics.
What is it, preaking or something? Can't remember.
These simple "OS" hacks and issues are nothing compared to the true hardware vulnerabilities and "hackabilities" that lie in system hardware.
EDIT:
* Not actually in '93, used a figure of speech. I mean fairly recently as in 2009.
Honestly, I think there need to be harsher punishments on these "hackers". I'm talking life imprisonment. Also, why the heck is bloatware even allowed? One time in ye olden days of 2010 I received a cheap-ass Samsung netbook that took 5 min to boot to a usable state because of the bloat. IMHO bloatware is a form of malware. Oh well, migrating to Linux anyway.
Fucking murderers don't even get that nowadays. The hell does some skiddie deserve such a stupid punishment.
As for bloatware, I agree there should be some kind of law restricting that kind of stuff. I especially don't like when they bundle Norton crap that goes "YOUR COMPUTER IS IN DANGER!!!" the moment you boot it for the first time. I'm surprised that isn't considered as scareware...