[Gimp-user] gimpx? possible malicious software using Gimp name
Hi all, I just received a text message on google voice with something which was made to look like a failed image embed that led to this page http://imgsend.com/?photo=792MBQ which talked about requiring a gimp photo viewer for a .JPG.GMP file. Links lead to a gimpx.org domain which thing looks like a malicious site crafted to fool windows users into installing malware to me. If I'm incorrect and this is somehow a valid tool please let me know to set my mind at ease. If not, does anyone know if there's something that can be done about it? ___ gimp-user-list mailing list gimp-user-list@gnome.org https://mail.gnome.org/mailman/listinfo/gimp-user-list
Re: [Gimp-user] gimpx? possible malicious software using Gimp name
On 25.05.13 at 7:22 PM Michael Strout wrote: http://imgsend.com/?photo=792MBQ which talked about requiring a gimp photo viewer for a .JPG.GMP file. Links lead to a gimpx.org domain which thing That is obviously an attempt to abuse GIMPs name for something different, if not malicious activities. GIMPs own image files don't have the GMP extension and GIMPs website is not gimpx.org. Don't let yourself be fooled. Kind regards, Sven ___ gimp-user-list mailing list gimp-user-list@gnome.org https://mail.gnome.org/mailman/listinfo/gimp-user-list
Re: [Gimp-user] gimpx? possible malicious software using Gimp name
On 25.05.2013 19:22, Michael Strout wrote: Hi all, I just received a text message on google voice with something which was made to look like a failed image embed that led to this page http://imgsend.com/?photo=792MBQ which talked about requiring a gimp photo viewer for a .JPG.GMP file. Links lead to a gimpx.org domain which thing looks like a malicious site crafted to fool windows users into installing malware to me. Yes, it is. See https://mail.gnome.org/archives/gimp-developer-list/2012-August/msg00074.html for an analysis, with slightly different urls. If I'm incorrect and this is somehow a valid tool please let me know to set my mind at ease. This isn't a valid tool. Most likely a trojan. If not, does anyone know if there's something that can be done about it? Educating users would be the best approach. Any suggestions how to phrase a warning for www.gimp.org/downloads? -- Regards, Michael ___ gimp-user-list mailing list gimp-user-list@gnome.org https://mail.gnome.org/mailman/listinfo/gimp-user-list
Re: [Gimp-user] gimpx? possible malicious software using Gimp name
On 26.05.2013 21:07, Steve Kinney wrote: At present, the link to the Windows port on the Downloads page at gimp.org is hidden behind a show other downloads link buried in the middle of the page. You're not using a Windows platform, are you? -- Regards, Michael ___ gimp-user-list mailing list gimp-user-list@gnome.org https://mail.gnome.org/mailman/listinfo/gimp-user-list
Re: [Gimp-user] gimpx? possible malicious software using Gimp name
On Sun, 26 May 2013 15:07:06 -0400, Steve Kinney wrote: The owner of the domain name gimpx.org is hiding behind a pseudo-anonymous registrar. That in itself is enough to rule out installing anything offered on the site. My own domains all have privacy protection enabled - and one of them is the first place where I offer the installers, often days before I upload them to SourceForge. -- Jernej Simončič http://eternallybored.org/ ___ gimp-user-list mailing list gimp-user-list@gnome.org https://mail.gnome.org/mailman/listinfo/gimp-user-list
Re: [Gimp-user] gimpx? possible malicious software using Gimp name
On 05/26/2013 03:43 PM, Michael Schumacher wrote: On 26.05.2013 21:07, Steve Kinney wrote: At present, the link to the Windows port on the Downloads page at gimp.org is hidden behind a show other downloads link buried in the middle of the page. You're not using a Windows platform, are you? Nope, left that nonsense behind ages ago. At the moment my main workstation is running Mint 14 w/Cinnamon, see: http://pilobilus.net/linux_mint_review.html For my take on the quality and reliability of Microsoft products, see the sections on System Security and Hardware Level Attacks here: http://pilobilus.net/comsec-101.html I have pretty much settled on Debian Testing as a replacement for Mint when it expires next year. :o) Steve ___ gimp-user-list mailing list gimp-user-list@gnome.org https://mail.gnome.org/mailman/listinfo/gimp-user-list
Re: [Gimp-user] gimpx? possible malicious software using Gimp name
On 05/26/2013 04:35 PM, Jernej Simončič wrote: On Sun, 26 May 2013 15:07:06 -0400, Steve Kinney wrote: The owner of the domain name gimpx.org is hiding behind a pseudo-anonymous registrar. That in itself is enough to rule out installing anything offered on the site. My own domains all have privacy protection enabled - and one of them is the first place where I offer the installers, often days before I upload them to SourceForge. A matter of preference... but I bet the people who download code from your sites know exactly who they are dealing with! :o) Steve ___ gimp-user-list mailing list gimp-user-list@gnome.org https://mail.gnome.org/mailman/listinfo/gimp-user-list
Re: [Gimp-user] gimpx? possible malicious software using Gimp name
On Mon, May 27, 2013 at 12:17 AM, Steve Kinney ad...@pilobilus.net wrote: On 05/26/2013 03:43 PM, Michael Schumacher wrote: On 26.05.2013 21:07, Steve Kinney wrote: At present, the link to the Windows port on the Downloads page at gimp.org is hidden behind a show other downloads link buried in the middle of the page. You're not using a Windows platform, are you? Nope, left that nonsense behind ages ago. At the moment my main workstation is running Mint 14 w/Cinnamon, see: The reason for the question was that show other downloads is supposed to be for other platforms than the one you are browsing with ;) /Ø ___ gimp-user-list mailing list gimp-user-list@gnome.org https://mail.gnome.org/mailman/listinfo/gimp-user-list
Re: [Gimp-user] gimpx? possible malicious software using Gimp name
On 05/26/2013 06:56 PM, Øyvind Kolås wrote: On Mon, May 27, 2013 at 12:17 AM, Steve Kinney ad...@pilobilus.net mailto:ad...@pilobilus.net wrote: [ ... ] The reason for the question was that show other downloads is supposed to be for other platforms than the one you are browsing with ;) Well that makes sense - very clever, and not at all hard to justify! :o) Steve ___ gimp-user-list mailing list gimp-user-list@gnome.org https://mail.gnome.org/mailman/listinfo/gimp-user-list