I once emailed him directly to tell him to stop sending those emails,
back when he was sending them more frequently. I didn't get a response,
but the emails seemed to stop for a while, though it seems he is
starting it again.
I suspect it's just someone who doesn't understand what a mailing list
is, or its purpose. The files I checked weren't malicious, though like
you say, not particularly useful either (he once sent his kernel .config
file, with nothing particular about it), although it would be a bait and
switch, too.
Julien
On 6/13/22 12:03, Laurence Perkins wrote:
Xbx shows up every once in a while, seems to be a young kid who
doesn’t read English terribly well or know how mailing lists work and
isn’t subscribed so doesn’t get list replies.
The couple I’ve picked apart didn’t seem malicious, just not actually
necessary or particularly useful. But I’d hate to discourage someone
who’s trying to learn.
Of course, that could be a double-bluff of some kind just waiting for
us to trust him. Who knows.
LMP
*From:* coa...@tuta.io
*Sent:* Saturday, June 11, 2022 12:21 AM
*To:* gentoo-user@lists.gentoo.org
*Subject:* [Possible Malware Fraud]Re: [gentoo-user] PySimpleBuild +
MariaDB C Client
*WARNING:* Your email security system has determined the message below
may be a potential threat.
It may trick victims into clicking a link and downloading malware. Do
not open suspicious links.
If you do not know the sender or cannot verify the integrity of the
message, please do not respond or click on links in the message.
Depending on the security settings, clickable URLs may have been
modified to provide additional security.
Dear xbx7336,
I'd like to thank you for sharing this little program with
us,nevertheless I need you to understand that you just posted an
unidentifiable zip package in a security and simplicity and modular
linux distro mailchain, bypassing the fact you just used a .zip rather
.tar.* I feel like I should state that simplicity of usage, security
of though and modularity are all reasons >>Git<<
exists.
I don't know what PySimpleBuild is but MariaDB has been released under
a GPL license so there should NOT be a reason not to post your "zip's"
contents onto a github, gitlab or any other third party or your own
git instance.
Lets not even mention the security risks of downloading something from
any (even trusted) email due to any and all email protocols having
weaker security than a tamagotchi.
Jun. 7, 2022, 11:37 by xbx7...@gmail.com:
Dear All!
I would like to share this little program.
xbx.
OpenPGP_0x20B80B7E70598F97.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature