Re: My iso may have been hacked, too!

2016-08-22 Thread Nicolas George
On septidi 7 fructidor, year CCXXIV, Andrew McGlashan wrote: > Get the byte size of the ISO file and make sure that you only test > exactly that many bytes from the /dev/sdb device. > > Divide the number of bytes with say 40960 and then multiply the answer > with 40960 to see that you get the

Re: My iso may have been hacked, too!

2016-08-22 Thread Andrew McGlashan
On 10/08/2016 2:38 PM, Andrew F Comly 康大成 wrote: > $ gpg --verify SHA512SUMS.sign SHA512SUMS > gpg: Signature made 2016年06月05日 (週日) 23時59分09秒 CST using RSA key > ID 6294BE9B > gpg: Good signature from "Debian CD signing key > >" >

Re: iso hacked suspicious: answers

2016-08-10 Thread Thomas Schmitt
Hi, Andrew F Comly wrote: > E) Burn iso to media > dd if=/dev/zero of=/dev/sdb1 bs=1M; > wait; Why this overwriting of partition 1 by zeros ? The partition table will be overwritten by the ISO anyways. (And on what asynchronous processes are you waiting to end ?) >

Re: iso hacked suspicious: answers

2016-08-10 Thread Pascal Hambourg
On 10/08/2016 at 17:13, Andrew F Comly 康大成 wrote: iso hacked suspicious: answers Concerning the other questions re: "E-F)", please find the below answers: E) Burn iso to media dd if=/dev/zero of=/dev/sdb1 bs=1M; This action is not needed. The next command will overwrit

Re: you iso's may have been hacked

2016-08-10 Thread Thomas Schmitt
Hi, Andrew F Comly wrote: > Am I supposed to edit the script and put something in for magic=' '? No. Magic is what an ISO 9660 should bear at byte offset 32768: A byte with ASCII value 1 and five bytes saying "CD001": $ dd if=debian-8.4.0-amd64-netinst.iso bs=1 skip=32768 count=6 | od -c

iso hacked suspicious: answers

2016-08-10 Thread Andrew F Comly 康大成
iso hacked suspicious: answers #Thanks for the reminder that protonmail didn't save the two email addresses that I entered in the "To:" line. Concerning the other questions re: "E-F)", please find the below answers: E) Burn iso to media dd if=/dev/zero of=/dev/sdb1 bs=1M;

Re: you iso's may have been hacked

2016-08-10 Thread Steve McIntyre
Thomas Schmitt wrote: >Steve McIntyre wrote: >> It's also contained in the debian-role-keys keyring in the >> debian-keyring package: [...] >> and the full fingerprint is also on the Debian website using https for >> people who would rather trust that. > >We users could easily be outsmarted in

Re: you iso's may have been hacked

2016-08-10 Thread Thomas Schmitt
Hi, Steve McIntyre wrote: > It's also contained in the debian-role-keys keyring in the > debian-keyring package: [...] > and the full fingerprint is also on the Debian website using https for > people who would rather trust that. We users could easily be outsmarted in this aspect, i fear. It's

Re: you iso's may have been hacked

2016-08-10 Thread Steve McIntyre
Thomas Schmitt wrote: >Hi, > >Andrew F Comly wrote: >> gpg: WARNING: This key is not certified with a trusted signature! > >I wonder whom we could trust to certify the Debian gpg key ... It's signed by a number of prominent DDs, including 2 DPLs and 2 Release Managers. Oh, and a number of idiots

Re: you iso's may have been hacked

2016-08-10 Thread Pascal Hambourg
On 10/08/2016 at 08:36, Thomas Schmitt wrote: Andrew F Comly wrote: Notice how the two sha512sum numbers (local vs burnt usb) don't match! Of course: the image and the device do not have the same size. Determine the ISO size on /dev/sdb by program isosize and curb its reading by help

Re: you iso's may have been hacked

2016-08-10 Thread Thomas Schmitt
Hi, Andrew F Comly wrote: > gpg: WARNING: This key is not certified with a trusted signature! I wonder whom we could trust to certify the Debian gpg key ... > Notice how the two sha512sum numbers (local vs burnt usb) don't match! Determine the ISO size on /dev/sdb by program isosize and curb

Re: you iso's may have been hacked

2016-08-10 Thread Thomas Schmitt
Hi, Doug wrote: > If the md5 sum doesn't agree with what's posted, it most likely means a > glitch in the data transmission. Download it again. Good advice. One has to be aware that MD5 is not considered to be safe against malicious manipulations but only for transport safety. If one has to

My iso may have been hacked, too!

2016-08-09 Thread Andrew F Comly 康大成
sum numbers (local vs burnt usb) don't match! Sincerely, Andrew F Comly === === ---- Original Message Subject: Re: you iso's may have been hacked Local Time: August 10, 20

Re: you iso's may have been hacked

2016-08-09 Thread Doug
been hacked On 2016-08-09 20:24, limpia wrote: Thanks, but it would be a lot more help to know more details, Especially which mirror you used, what was the url to where you downloaded it from, ? Was it a amd64 image or i386 ? Was it a "Live CD image", "netinstall" or ? Thank

Re: you iso's may have been hacked

2016-08-09 Thread Doug
On 08/09/2016 08:03 PM, phil hall wrote: i have just downloaded debian gnome 8.5.0 when complete i clicked check MD5 sum it listed a number that's not in your MD5sum document. I have never checked an MD5sum, so don't know if this is a Mint bug or you've been hacked If the md5 sum doesn't

Re: you iso's may have been hacked

2016-08-09 Thread limpia
On 2016-08-09 20:03, phil hall wrote: i have just downloaded debian gnome 8.5.0 when complete i clicked check MD5 sum it listed a number that's not in your MD5sum document. I have never checked an MD5sum, so don't know if this is a Mint bug or you've been hacked On 2016-08-09 20:24, limpia

Re: you iso's may have been hacked

2016-08-09 Thread limpia
On 2016-08-09 20:03, phil hall wrote: i have just downloaded debian gnome 8.5.0 when complete i clicked check MD5 sum it listed a number that's not in your MD5sum document. I have never checked an MD5sum, so don't know if this is a Mint bug or you've been hacked Thanks, but it would be a lot

you iso's may have been hacked

2016-08-09 Thread phil hall
i have just downloaded debian gnome 8.5.0 when complete i clicked check MD5 sum it listed a number that's not in your MD5sum document. I have never checked an MD5sum, so don't know if this is a Mint bug or you've been hacked

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-26 Thread David Wright
On Wed 24 Feb 2016 at 10:58:56 (+0100), Nicolas George wrote: > On quintidi 5 ventôse, year CCXXIV, David Wright wrote: > > Well, md5 beats md4 > > There is something wrong in your library. Thanks for your misplaced confidence in me. It was my timing that wasn't rigorous enough. Cheers, David.

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-25 Thread Thomas Schmitt
Hi, Henrique de Moraes Holschuh wrote: > MD5 alone can be somewhat dangerous even in benevolent environments: if the > data sets are large enough or you are just unlucky, The size of the data set does not matter much. As already stated, there is the Pigeonhole Principle, which tells us that a

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-25 Thread Christian Seiler
On 02/25/2016 03:07 PM, Stefan Monnier wrote: >> MD5 alone can be somewhat dangerous even in benevolent environments: if the >> data sets are large enough or you are just unlucky, you are going to hit a >> collision and corrupt-or-lose-data-on-dedup sooner or later. > > [G]it doesn't seem worried

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-25 Thread Stefan Monnier
>> MD5 alone can be somewhat dangerous even in benevolent environments: if the >> data sets are large enough or you are just unlucky, you are going to hit a >> collision and corrupt-or-lose-data-on-dedup sooner or later. > it doesn't seem worried about this. Admittedly, they use sha1 rather ^ G

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-25 Thread Stefan Monnier
> MD5 alone can be somewhat dangerous even in benevolent environments: if the > data sets are large enough or you are just unlucky, you are going to hit a > collision and corrupt-or-lose-data-on-dedup sooner or later. it doesn't seem worried about this. Admittedly, they use sha1 rather than md5,

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-25 Thread Henrique de Moraes Holschuh
On Tue, 23 Feb 2016, David Wright wrote: > 1) I do what fdupes does, ie identify files (in a benevolent >environment) using the MD5 signature to detect duplicate >contents. MD5 alone can be somewhat dangerous even in benevolent environments: if the data sets are large enough or you are

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-24 Thread Stuart Longland
On 23/02/16 05:50, Thomas Schmitt wrote: > But my curiosity is about whether i indirectly helped the hackers. Technology is just that, technology. With the exception of land mines, it mostly is neither good nor bad itself, it's how it's used, and many tools can be used for both. Software is no

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-24 Thread Christian Seiler
On 02/24/2016 01:48 PM, Nicolas George wrote: > On sextidi 6 ventôse, year CCXXIV, Christian Seiler wrote: >> Yes, I know what an HMAC is. But an HMAC is _utterly_ useless for a >> digital signature. > > Please stop commenting the finger when I try to show you the moon. The problem is that you

OT: ownership of Mega.co.nz (was Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System)

2016-02-24 Thread Jonathan Dowland
On Thu, Feb 25, 2016 at 12:18:40AM +1100, Andrew McGlashan wrote: > https://en.wikipedia.org/wiki/Mega_%28service%29 > > "In July 2015, Dotcom said he doesn't trust Mega service in a Q&A > session with tech website Slashdot, claims the company had "suffered > from a hostile takeover by a Chinese

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-24 Thread Andrew McGlashan
On 24/02/2016 11:47 PM, Thomas Schmitt wrote: > I wrote: >>> ... google ... Kim Schmitz ... rofl ... i am not that curious. > > Andrew McGlashan wrote: >> Actually he doesn't run mega.nz any longer and he has said that he >> wouldn't trust the site now due to current ownership > > Now is this

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-24 Thread tomas
On Wed, Feb 24, 2016 at 01:47:57PM +0100, Thomas Schmitt wrote: > Hi, [...] > A large file emerges in ~/Desktop. (I am wearing my garlic necklace now, > spraying holy water, and looking up witch signs in the Malleus Maleficarum.) A nice and

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-24 Thread Nicolas George
On sextidi 6 ventôse, year CCXXIV, Christian Seiler wrote: > Yes, I know what an HMAC is. But an HMAC is _utterly_ useless for a > digital signature. Please stop commenting the finger when I try to show you the moon. I was not saying that HMAC are useful for digital signatures, I was giving

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-24 Thread Thomas Schmitt
Hi, an interesting detail in advance: It does not boot from USB stick. Too dumb for that. From DVD it boots only via BIOS or EFI BIOS emulation, not via generic EFI. I wrote: > > ... google ... Kim Schmitz ... rofl ... i am not that curious. Andrew McGlashan wrote: > Actually he doesn't run

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-24 Thread Christian Seiler
>> So a valid way to construct an OpenPGP v4 signature would be to >> use >> >> H(contents || 0x04 0x00 0x01 0x08 0x00 0x00) >> >> as the input for the RSA algorithm (and then pack that up in a >> nice OpenPGP packet). > > I did not have the reference of what OpenPGP does near at hand, I was

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-24 Thread Richard Hector
On 24/02/16 22:50, Nicolas George wrote: > On sextidi 6 ventôse, year CCXXIV, Richard Hector wrote: >> Fair enough. Got a link to someone else's explanation? > > Sorry, I do not. But I gave a rather lengthy explanation myself in > the part you trimmed. Oh, ok. I assumed from your comment about

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-24 Thread Nicolas George
On quintidi 5 ventôse, year CCXXIV, David Wright wrote: > Well, md5 beats md4 There is something wrong in your library. Regards, -- Nicolas George

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-24 Thread Nicolas George
On quintidi 5 ventôse, year CCXXIV, Christian Seiler wrote: > But if you say what Debian is doing is a mistake, then this _is_ what > you are talking about. I am quite sure of what I am talking about and what I am not talking about. > This is decisively not true when we are talking about

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-24 Thread Nicolas George
On sextidi 6 ventôse, year CCXXIV, Richard Hector wrote: > Fair enough. Got a link to someone else's explanation? Sorry, I do not. But I gave a rather lengthy explanation myself in the part you trimmed. Regards, -- Nicolas George

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-24 Thread Richard Hector
On 24/02/16 07:52, Nicolas George wrote: > On quintidi 5 ventôse, year CCXXIV, Christian Seiler wrote: >> > You have _emphasized_ it, but you haven't _explained_ it, nor provided >> > any search term one could use to look up an explanation for it. > Explaining takes time, I do not want to do it

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-24 Thread Andrew McGlashan
On 23/02/2016 10:02 PM, Thomas Schmitt wrote: > Hi, > > Nicolas George wrote: >> Of course, that does not mean MD5 and SHA-1 should be used nowadays. New >> theoretical attacks are found, keeping using hashes with known weaknesses is >> stupid. > > The ISO checksums are provided more for

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-24 Thread Andrew McGlashan
On 23/02/2016 9:50 AM, Thomas Schmitt wrote: > Hi, > > Sven Hartge wrote: >> You cannot wget a mega.nz URL. You have to use a Javascript-enabled >> Browser to get the file. > > Shall i really enable insecure Javascript to download a malicious ISO ? > > ... google ... Kim Schmitz ... rofl ...

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-23 Thread David Wright
On Tue 23 Feb 2016 at 16:58:38 (+0100), Nicolas George wrote: > On quintidi 5 ventôse, year CCXXIV, David Wright wrote: > > 1) I do what fdupes does, ie identify files (in a benevolent > >environment) using the MD5 signature to detect duplicate > >contents. > > You did not specify the

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-23 Thread Christian Seiler
On 02/23/2016 07:52 PM, Nicolas George wrote: > What you quote is about signing a summary of files at once versus signing > each file individually. This is not what I was talking about. What I was > talking about was signing the file contents itself versus signing the hash > of the file. But if

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-23 Thread Nicolas George
On quintidi 5 ventôse, year CCXXIV, Christian Seiler wrote: > You have _emphasized_ it, but you haven't _explained_ it, nor provided > any search term one could use to look up an explanation for it. Explaining takes time, I do not want to do it if nobody will read it. > Why is what Debian does

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-23 Thread Christian Seiler
On 02/23/2016 04:49 PM, Nicolas George wrote: > On quintidi 5 ventôse, year CCXXIV, Thomas Schmitt wrote: >> If the SHA512SUMS.sign > > Stop right there. Signing a bunch of hashes is a beginner's mistake, I have > already emphasized that in this thread. You have _emphasized_ it, but you haven't

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-23 Thread Nicolas George
On quintidi 5 ventôse, year CCXXIV, Thomas Schmitt wrote: > You have unsurpassable objections against variants which might not > much weaken the strength of PGP ? > Not even willing to consider the constraints of such variants ? I have no idea what you are trying to express. > Despite leading

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-23 Thread arian
> The collisions are not known, and very unlikely, but "absolute" means > absolute, not "very likely". from the way you stated: > These are all cryptographic hash functions: too strong for a preliminary > test, insufficient for absolute certainty. I understood you suggest there is a relevant

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-23 Thread Nicolas George
On quintidi 5 ventôse, year CCXXIV, arian wrote: > where do you get that these are "insufficient for absolute certainty"? > (beside maybe md4) > there are no known collisions in sha1 and better, and even md4's preimage > attack has complexity 2^102. [1,2] There are collisions for SHA1 as soon as

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-23 Thread Thomas Schmitt
Hi, Nicolas George wrote: > Signing a bunch of hashes is a beginner's mistake, You have unsurpassable objections against variants which might not much weaken the strength of PGP ? Not even willing to consider the constraints of such variants ? I assume this was discussed among DDs and they

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-23 Thread arian
> and even md4's preimage attack has complexity 2^102. [1,2] sorry, forgot the quotes: [1] https://en.wikipedia.org/wiki/Preimage_attack [2] https://en.wikipedia.org/wiki/MD4#Security

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-23 Thread arian
> These are all cryptographic hash functions: too strong for a preliminary > test, insufficient for absolute certainty. where do you get that these are "insufficient for absolute certainty"? (beside maybe md4) there are no known collisions in sha1 and better, and even md4's preimage attack has

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-23 Thread Nicolas George
On quintidi 5 ventôse, year CCXXIV, Seeker wrote: > If you take security out of the equation, simple true or false. > > 1. A corrupted download is better able to be detected when using MD5 than it > is with CRC32. > > 2. A corrupted download is better able to be detected when using SHA than it

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-23 Thread Seeker
On 2/23/2016 3:08 AM, Nicolas George wrote: On quintidi 5 ventôse, year CCXXIV, Thomas Schmitt wrote: The ISO checksums are provided more for transport verification than for the fight against intentional manipulation. If that were true, CRC32 would be enough. Is that a 'Law of averages'

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-23 Thread Nicolas George
On quintidi 5 ventôse, year CCXXIV, David Wright wrote: > 1) I do what fdupes does, ie identify files (in a benevolent >environment) using the MD5 signature to detect duplicate >contents. You did not specify the average size of files nor how sure you want to be. If the files are large,

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-23 Thread David Wright
On Tue 23 Feb 2016 at 16:04:37 (+0100), Nicolas George wrote: > On quintidi 5 ventôse, year CCXXIV, David Wright wrote: > > Any faster ones that you recommend from the lists below? (I've rolled > > my own implementation of fdupes (which uses MD5) in python.) > > Nobody can recommend anything

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-23 Thread Nicolas George
On quintidi 5 ventôse, year CCXXIV, Thomas Schmitt wrote: > Only as far as use cases for Debian ISO image hashes are concerned. > No hash collisions among all Debian ISOs (or better all ISOs in the > world) is a valuable property. ??? I have no idea what you are talking about. > If the

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-23 Thread Thomas Schmitt
I could imagine that PGP is easier to surpass than that. > > It is not a matter of surpassing anything. There is no use in converting the frontside of the house into a fortress while having a backdoor made of cardboard. If the SHA512SUMS.sign file can be hacked, then the SHA512 sums are not tru

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-23 Thread Nicolas George
On quintidi 5 ventôse, year CCXXIV, David Wright wrote: > Any faster ones that you recommend from the lists below? (I've rolled > my own implementation of fdupes (which uses MD5) in python.) Nobody can recommend anything without knowing the intended use. Regards, -- Nicolas George

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-23 Thread David Wright
On Tue 23 Feb 2016 at 13:15:38 (+0100), Nicolas George wrote: > On quintidi 5 ventôse, year CCXXIV, Thomas Schmitt wrote: > > i wrote: > > > > The ISO checksums are provided more for transport verification than > > > > for the fight against intentional manipulation. > > > Nicolas George wrote: >

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-23 Thread Nicolas George
On quintidi 5 ventôse, year CCXXIV, Thomas Schmitt wrote: > i have to revoke some of my criticism towards Debian's signed > hash value lists. > Together, MD5, SHA1, SHA256, and SHA512 provide up to 132 bytes of > uniqueness (assumed that they have no systematic correlations). This is irrelevant.

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-23 Thread Nicolas George
On quintidi 5 ventôse, year CCXXIV, Thomas Schmitt wrote: > i wrote: > > > The ISO checksums are provided more for transport verification than > > > for the fight against intentional manipulation. > Nicolas George wrote: > > If that were true, CRC32 would be enough. > For detecting most

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-23 Thread Thomas Schmitt
Hi, i wrote: > > The ISO checksums are provided more for transport verification than > > for the fight against intentional manipulation. Nicolas George wrote: > If that were true, CRC32 would be enough. For detecting most glitches, yes. But not if we want to use it for identifying files in

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-23 Thread Andrew M.A. Cater
On Tue, Feb 23, 2016 at 12:02:50PM +0100, Thomas Schmitt wrote: > Hi, > > Nicolas George wrote: > > Of course, that does not mean MD5 and SHA-1 should be used nowadays. New > > theoretical attacks are found, keeping using hashes with known weaknesses is > > stupid. > > The ISO checksums are

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-23 Thread Thomas Schmitt
Hi, i have to revoke some of my criticism towards Debian's signed hash value lists. Together, MD5, SHA1, SHA256, and SHA512 provide up to 132 bytes of uniqueness (assumed that they have no systematic correlations). I could imagine that PGP is easier to surpass than that. Well, according to

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-23 Thread Nicolas George
On quintidi 5 ventôse, year CCXXIV, Thomas Schmitt wrote: > The ISO checksums are provided more for transport verification than > for the fight against intentional manipulation. If that were true, CRC32 would be enough. > Signing the hash lists by PGP still seems a bit weak as protection.

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-23 Thread jdd
On 23/02/2016 12:02, Thomas Schmitt wrote: Most important seems a permanent supervision of the web site content from not publicly known client machines. if I followed right this, there was a redirect to an external site. How can this be possible? html links is the first thing spam uses

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-23 Thread Thomas Schmitt
Hi, Nicolas George wrote: > Of course, that does not mean MD5 and SHA-1 should be used nowadays. New > theoretical attacks are found, keeping using hashes with known weaknesses is > stupid. The ISO checksums are provided more for transport verification than for the fight against intentional

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-23 Thread Thomas Schmitt
Hi, Darac Marjal wrote: > It's difficult to provide a malicious ISO with the same MD5 as another, but > not impossible. You can just append a certain amount of junk data until the > hashes match. Or you manipulate a dedicated byte array in your evil add-on. This would avoid suspicious size

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-23 Thread Nicolas George
On quintidi 5 ventôse, year CCXXIV, Darac Marjal wrote: > It's difficult to provide a malicious ISO with the same MD5 as another, but > not impossible. You can just append a certain amount of junk data until the > hashes match. Similarly, you CAN do the same with SHA-1 (hash collisions ARE >

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-23 Thread Darac Marjal
On Tue, Feb 23, 2016 at 09:39:24AM +0800, Gener Badenas wrote: On Tue, Feb 23, 2016 at 3:23 AM, Thomas Schmitt <scdbac...@gmx.net> wrote: Hi, > http://thehackernews.com/2016/02/linux-mint-hack.html A virus of 1.5 GiB size. Does anybody know a download URL for such an

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-22 Thread Thomas Schmitt
Hi, Gener Badenas wrote: > Will people downloading the linux mint from torrent be affected? http://blog.linuxmint.com/?p=2994 "Does this affect you? As far as we know, the only compromised edition was Linux Mint 17.3 Cinnamon edition. If you downloaded another release or another edition, this

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-22 Thread Glenn English
> On Feb 22, 2016, at 6:39 PM, Gener Badenas <gener.ong.bade...@gmail.com> > wrote: > > Will people downloading the linux mint from torrent be affected? Don't think so. Google (or DuckDuckGo) for 'linux mint hacked' and you'll get lots of info with no "Click Here"

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-22 Thread Gener Badenas
On Tue, Feb 23, 2016 at 3:23 AM, Thomas Schmitt wrote: > Hi, > > > http://thehackernews.com/2016/02/linux-mint-hack.html > > A virus of 1.5 GiB size. > > Does anybody know a download URL for such an infected ISO image ? > (I am curious whether they used my software or mkisofs

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-22 Thread Thomas Schmitt
Hi, Sven Hartge wrote: > You cannot wget a mega.nz URL. You have to use a Javascript-enabled > Browser to get the file. Shall i really enable insecure Javascript to download a malicious ISO ? ... google ... Kim Schmitz ... rofl ... i am not that curious. Have a nice day :) Thomas

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-22 Thread Sven Hartge
Thomas Schmitt wrote: > Dalios wrote: >> https://mega.nz/#!QwY1EZKJ!GW1gLzXaOUo8sNGF-zddRLwgsfamZy7C5u0CARjaUs0 > Only wgets a small index.html file: > meta name="description" content="MEGA provides free cloud storage with > convenient and powerful always-on privacy. Claim

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-22 Thread Thomas Schmitt
Hi, Dalios wrote: > https://mega.nz/#!QwY1EZKJ!GW1gLzXaOUo8sNGF-zddRLwgsfamZy7C5u0CARjaUs0 Only wgets a small index.html file: meta name="description" content="MEGA provides free cloud storage with convenient and powerful always-on privacy. Claim your free 50GB now!" Probably spam, i fear. >

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-22 Thread Dalios
On 02/22/2016 09:23 PM, Thomas Schmitt wrote: > Does anybody know a download URL for such an infected ISO image ? > (I am curious whether they used my software or mkisofs or something > unusual.) Here you go: https://mega.nz/#!QwY1EZKJ!GW1gLzXaOUo8sNGF-zddRLwgsfamZy7C5u0CARjaUs0 Have in mind

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-22 Thread Charlie Kravetz
On Mon, 22 Feb 2016 20:50:55 +0100 "Thomas Schmitt" wrote: >Hi, > >> Cannot say more, but the article is rather detailed. > >It tells a lot about the hack and the Mint people are bravely answering >questions. >But my curiosity

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-22 Thread Thomas Schmitt
Hi, > Cannot say more, but the article is rather detailed. It tells a lot about the hack and the Mint people are bravely answering questions. But my curiosity is about whether i indirectly helped the hackers. I cannot prevent such misuse of xorriso, neither practically nor legally. The GPL does

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-22 Thread Karen Lewellen
The article indicates that hackers redirected the download link for one edition of mint to an ftp site with their infected iso image. Cannot say more, but the article is rather detailed. Kare On Mon, 22 Feb 2016, Thomas Schmitt wrote: Hi,

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-22 Thread Thomas Schmitt
Hi, > http://thehackernews.com/2016/02/linux-mint-hack.html A virus of 1.5 GiB size. Does anybody know a download URL for such an infected ISO image ? (I am curious whether they used my software or mkisofs or something unusual.) Have a nice day :) Thomas

Warning — Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

2016-02-22 Thread Karen Lewellen
Sharing in case anyone was impacted. -- Forwarded message -- Date: Mon, 22 Feb 2016 08:50:44 -0800 http://thehackernews.com/2016/02/linux-mint-hack.html

[SOLVED] [OT] Has my e-mail account been hacked?

2015-10-15 Thread Stephen Powell
has access (legitimately or not) to the second account and is > sending mails with a forged envelope From. Your only recourse is to > present the evidence to the ISP and let them deal with it. Thank you, Jochen and Brian, that is exactly the kind of information I was looking for. I now know

Re: [OT] Has my e-mail account been hacked?

2015-10-14 Thread Jimmy Johnson
On 10/13/2015 06:24 PM, Stephen Powell wrote: On Tue, 13 Oct 2015 02:36:46 -0400 (EDT), Jimmy Johnson wrote: Looks like it was mailed from MS Windows. Maybe mailed from a Windows OS with a virus. Do you run Windows too? No, I don't. There is no computer connected to my home network that

Re: [OT] Has my e-mail account been hacked?

2015-10-14 Thread Brian
On Tue 13 Oct 2015 at 22:21:08 -0400, Stephen Powell wrote: > On Tue, 13 Oct 2015 18:57:58 -0400 (EDT), Brian wrote: > > > > The comment was a general one and directed at all our readers. However, > > earlier you said "Someone discovered my password somehow". You have > >

Re: [OT] Has my e-mail account been hacked?

2015-10-14 Thread Timothy Hobbs
Say that you are using the Desktop version of Android(tm). It's pretty close to the truth. On 10/14/15 05:33, Stuart Longland wrote: On 14/10/15 13:23, John Hasler wrote: Lie. Tell them you're running Windows 95. "Ohh sorry, we only support Windows 7 or 8"

Re: [OT] Has my e-mail account been hacked?

2015-10-14 Thread Carl Fink
On Wed, Oct 14, 2015 at 01:33:02PM +1000, Stuart Longland wrote: > On 14/10/15 13:23, John Hasler wrote: > > Lie. Tell them you're running Windows 95. > > "Ohh sorry, we only support Windows 7 or 8" I can truthfully say that my Android-based tablet can't get access. It's hard for ISPs not to

Re: [OT] Has my e-mail account been hacked?

2015-10-13 Thread Stuart Longland
On 14/10/15 13:23, John Hasler wrote: > Lie. Tell them you're running Windows 95. "Ohh sorry, we only support Windows 7 or 8" -- Stuart Longland (aka Redhatter, VK4MSL) I haven't lost my mind... ...it's backed up on a tape somewhere.

Re: [OT] Has my e-mail account been hacked?

2015-10-13 Thread Stuart Longland
On 14/10/15 12:51, Stephen Powell wrote: > Their level 1 help desk isn't much help anyway, if you're a Linux user. > The last time I called their level 1 help desk for technical support, the > conversation went something like this: Yep, familiar story. Some can't get it through their thick heads

Re: [OT] Has my e-mail account been hacked?

2015-10-13 Thread Stephen Powell
On Tue, 13 Oct 2015 11:22:34 -0400 (EDT), Andrew McGlashan wrote: > > On 13/10/2015 7:15 PM, Jochen Spieker wrote: >> Stuart Longland: I had a similar case on my self-administered mail >> host. A friend of mine has an account there and random hosts from >> all over the world used his credentials

Re: [OT] Has my e-mail account been hacked?

2015-10-13 Thread Stephen Powell
On Tue, 13 Oct 2015 22:09:53 -0400 (EDT), Stuart Longland wrote: > > This isn't level 1 helpdesk material, you'll actually need a technical > contact there. Their level 1 help desk isn't much help anyway, if you're a Linux user. The last time I called their level 1 help desk for technical

Re: [OT] Has my e-mail account been hacked?

2015-10-13 Thread Stuart Longland
On 14/10/15 11:53, Stephen Powell wrote: > On Tue, 13 Oct 2015 04:15:21 -0400 (EDT), Jochen Spieker wrote: >> >> Stuart Longland: >>> On 13/10/15 09:58, Stephen Powell wrote: Unfortunately, I don't. Attached below is one of the mail delivery failure notices, which includes the

Re: [OT] Has my e-mail account been hacked?

2015-10-13 Thread Andrew McGlashan
Hi, On 14/10/2015 12:53 PM, Stephen Powell wrote: > No. My id on this mail server is "zlinuxman". I have no idea who > "thecoughingcanary" is. Nor do I understand why the SMTP server > would allow "thecoughingcanary" to send out e-mails in my

Re: [OT] Has my e-mail account been hacked?

2015-10-13 Thread Andrew McGlashan
Hi, On 14/10/2015 1:09 PM, Stuart Longland wrote: >> No. My id on this mail server is "zlinuxman". I have no idea >> who "thecoughingcanary" is. Nor do I understand why the SMTP >> server would allow "thecoughingcanary" to send out e-mails in my

Re: [OT] Has my e-mail account been hacked?

2015-10-13 Thread John Hasler
Stephen Powell writes: > And that was that. They'll gladly take the money of a Linux user. > But if you have problems, you're on your own. Lie. Tell them you're running Windows 95. -- John Hasler jhas...@newsguy.com Elmwood, WI USA

Re: [OT] Has my e-mail account been hacked?

2015-10-13 Thread Stephen Powell
On Tue, 13 Oct 2015 18:57:58 -0400 (EDT), Brian wrote: > > The comment was a general one and directed at all our readers. However, > earlier you said "Someone discovered my password somehow". You have > just demolished that guess as having no basis as a likely cause.

Re: [OT] Has my e-mail account been hacked?

2015-10-13 Thread Adrian O'Dell
On 10/13/2015 09:51 PM, Stephen Powell wrote: On Tue, 13 Oct 2015 22:09:53 -0400 (EDT), Stuart Longland wrote: This isn't level 1 helpdesk material, you'll actually need a technical contact there. Their level 1 help desk isn't much help anyway, if you're a Linux user. The last time I called

Re: [OT] Has my e-mail account been hacked?

2015-10-13 Thread Andrew McGlashan
Of course ftp, clear text passwords, is also a problem; if it was this, then every time you update files via ftp, can you then immediately change your password when done? Moot point if they are using their own credentials to send mail and not your

Re: [OT] Has my e-mail account been hacked?

2015-10-13 Thread Jimmy Johnson
On 10/12/2015 04:58 PM, Stephen Powell wrote: On Mon, 12 Oct 2015 16:53:05 -0400 (EDT), Stuart Longland wrote: I'd check the backscatter case, as this requires no skill on the part of the attacker and is the most likely case. ... It's worth knowing how to read the headers of emails in this

Re: [OT] Has my e-mail account been hacked?

2015-10-13 Thread Stuart Longland
On 13/10/15 16:36, Jimmy Johnson wrote: > On 10/12/2015 04:58 PM, Stephen Powell wrote: >> On Mon, 12 Oct 2015 16:53:05 -0400 (EDT), Stuart Longland wrote: >>> >>> I'd check the backscatter case, as this requires no skill on the part of >>> the attacker and is the most likely case. >>> ... >>>

Re: [OT] Has my e-mail account been hacked?

2015-10-13 Thread tomas
On Tue, Oct 13, 2015 at 01:54:53AM -0700, Jimmy Johnson wrote: [...] > >It's a popular client to spoof too. > > I'm just saying that there is a possible bot running and the chances > are it's running in a windows environment, maybe even in a v-box,

Re: [OT] Has my e-mail account been hacked?

2015-10-13 Thread Jimmy Johnson
On 10/13/2015 12:06 AM, Stuart Longland wrote: On 13/10/15 16:36, Jimmy Johnson wrote: On 10/12/2015 04:58 PM, Stephen Powell wrote: On Mon, 12 Oct 2015 16:53:05 -0400 (EDT), Stuart Longland wrote: I'd check the backscatter case, as this requires no skill on the part of the attacker and is
