Hello everyone.
So, here is what is going on: my trisquel system was somehow compromised.
Every website I tried to access that had https, would load alright the https
would be there, the small lock too, hotmail would give me the green bar...
but EVERY site would do the same thing, a few seconds after it had loaded,
the lock/green bar, would disapear and the https connection would be lost. I
am not kidding, every website (wikipedia, startpage, hotmail, gmail, etc)
would load https, but suddendly would turn into http (without any error
message or something). This was clearly an attack to spy on my connections,
and was done with Javascript. I tried running Abrowser with JS disabled and
those websites would not turn http, they would stay in https with the small
lock in place.
So, a Javascript attack was in place. HOWEVER, it was not performed by my
ISP. I tried running other distros from livecd (mint, debian, tails,
trisquel) and all of them would work alright, only Trisquel that I had
installed in the hard drive would do that nasty trick. I also tried running
with other internet connections, like other wifi and such, and everything
would happen the same way (my trisquel would turn into http, livecds would
not).
I also noticed that https everywhere was "invisible". What I mean is, I had
it installed, but it wouldn't give me any options appearing and the websites
would behave as if it was not present.
So, my system was compromised. Only mine though? I don't know.
I didn't do anything out of ordinary in the web lately. I hope I noticed it
before my accounts were stolen... Anyway, I am alerting everyone, if my
Trisquel was attacked (even with certain precautions put in place) so can
yours be. Anyone noticed the same things lately?
I also run ClamAV in the home directory (trying to find a suspicious file
that I might have downloaded) but it was all clean.
I have now formatted the computer already and reinstalled. Everything seems
to be normal again. HOWEVER, I am not sure this is over. And I think it was
important to let everyone know about this. Trisquel WAS compromised in my pc,
it might be in yours too!
Pay attention, and if the Trisquel team would be so kind as to give me some
feedback on it, I would really appreciate it.
One last question: why can't I install trisquel 6 using text mode, without
internet connection? And why can't I see the full disk encryption option??
