Re: [Possible Malware Fraud]Re: [gentoo-user] PySimpleBuild + MariaDB C Client

2022-06-13 Thread Julien Roy 
I once emailed him directly to tell him to stop sending those emails, 
back when he was sending them more frequently. I didn't get a response, 
but the emails seemed to stop for a while, though it seems he is 
starting it again.


I suspect it's just someone who doesn't understand what a mailing list 
is, or its purpose. The files I checked weren't malicious, though like 
you say, not particularly useful either (he once sent his kernel .config 
file, with nothing particular about it), although it would be a bait and 
switch, too.



Julien

On 6/13/22 12:03, Laurence Perkins wrote:


Xbx shows up every once in a while, seems to be a young kid who 
doesn’t read English terribly well or know how mailing lists work and 
isn’t subscribed so doesn’t get list replies.


The couple I’ve picked apart didn’t seem malicious, just not actually 
necessary or particularly useful.  But I’d hate to discourage someone 
who’s trying to learn.


Of course, that could be a double-bluff of some kind just waiting for 
us to trust him.  Who knows.


LMP

*From:* coa...@tuta.io 
*Sent:* Saturday, June 11, 2022 12:21 AM
*To:* gentoo-user@lists.gentoo.org
*Subject:* [Possible Malware Fraud]Re: [gentoo-user] PySimpleBuild + 
MariaDB C Client




*WARNING:* Your email security system has determined the message below 
may be a potential threat.


It may trick victims into clicking a link and downloading malware. Do 
not open suspicious links.


If you do not know the sender or cannot verify the integrity of the 
message, please do not respond or click on links in the message. 
Depending on the security settings, clickable URLs may have been 
modified to provide additional security.




Dear xbx7336,


I'd like to thank you for sharing this little program with 
us,nevertheless I need you to understand that you just posted an 
unidentifiable zip package in a security and simplicity and modular 
linux distro mailchain, bypassing the fact you just used a .zip rather 
.tar.* I feel like I should state that simplicity of usage, security 
of though and modularity are all reasons >>Git<<


 exists.

I don't know what PySimpleBuild is but MariaDB has been released under 
a GPL license so there should NOT be a reason not to post your "zip's" 
contents onto a github, gitlab or any other third party or your own 
git instance.


Lets not even mention the security risks of downloading something from 
any (even trusted) email due to any and all email protocols having 
weaker security than a tamagotchi.


Jun. 7, 2022, 11:37 by xbx7...@gmail.com:

Dear All!

I would like to share this little program.

xbx.



OpenPGP_0x20B80B7E70598F97.asc
Description: OpenPGP public key


OpenPGP_signature
Description: OpenPGP digital signature

RE: [Possible Malware Fraud]Re: [gentoo-user] PySimpleBuild + MariaDB C Client

2022-06-13 Thread Laurence Perkins 
Xbx shows up every once in a while, seems to be a young kid who doesn’t read 
English terribly well or know how mailing lists work and isn’t subscribed so 
doesn’t get list replies.

The couple I’ve picked apart didn’t seem malicious, just not actually necessary 
or particularly useful.  But I’d hate to discourage someone who’s trying to 
learn.

Of course, that could be a double-bluff of some kind just waiting for us to 
trust him.  Who knows.

LMP

From: coa...@tuta.io 
Sent: Saturday, June 11, 2022 12:21 AM
To: gentoo-user@lists.gentoo.org
Subject: [Possible Malware Fraud]Re: [gentoo-user] PySimpleBuild + MariaDB C 
Client



WARNING: Your email security system has determined the message below may be a 
potential threat.

It may trick victims into clicking a link and downloading malware. Do not open 
suspicious links.

If you do not know the sender or cannot verify the integrity of the message, 
please do not respond or click on links in the message. Depending on the 
security settings, clickable URLs may have been modified to provide additional 
security.



Dear xbx7336,

I'd like to thank you for sharing this little program with us,nevertheless I 
need you to understand that you just posted an unidentifiable zip package in a 
security and simplicity and modular linux distro mailchain, bypassing the fact 
you just used a .zip rather .tar.* I feel like I should state that simplicity 
of usage, security of though and modularity are all reasons >>Git<<
 exists.

I don't know what PySimpleBuild is but MariaDB has been released under a GPL 
license so there should NOT be a reason not to post your "zip's" contents onto 
a github, gitlab or any other third party or your own git instance.

Lets not even mention the security risks of downloading something from any 
(even trusted) email due to any and all email protocols having weaker security 
than a tamagotchi.

Jun. 7, 2022, 11:37 by xbx7...@gmail.com<mailto:xbx7...@gmail.com>:
Dear All!

I would like to share this little program.

xbx.