I suspect it's just someone who doesn't understand what a mailing list is, or its purpose. The files I checked weren't malicious, though like you say, not particularly useful either (he once sent his kernel .config file, with nothing particular about it), although it would be a bait and switch, too.
Julien On 6/13/22 12:03, Laurence Perkins wrote:
Xbx shows up every once in a while, seems to be a young kid who doesn’t read English terribly well or know how mailing lists work and isn’t subscribed so doesn’t get list replies.The couple I’ve picked apart didn’t seem malicious, just not actually necessary or particularly useful. But I’d hate to discourage someone who’s trying to learn.Of course, that could be a double-bluff of some kind just waiting for us to trust him. Who knows.LMP *From:* [email protected] <[email protected]> *Sent:* Saturday, June 11, 2022 12:21 AM *To:* [email protected]*Subject:* [Possible Malware Fraud]Re: [gentoo-user] PySimpleBuild + MariaDB C Client------------------------------------------------------------------------*WARNING:* Your email security system has determined the message below may be a potential threat.It may trick victims into clicking a link and downloading malware. Do not open suspicious links.If you do not know the sender or cannot verify the integrity of the message, please do not respond or click on links in the message. Depending on the security settings, clickable URLs may have been modified to provide additional security.------------------------------------------------------------------------ Dear xbx7336,I'd like to thank you for sharing this little program with us,nevertheless I need you to understand that you just posted an unidentifiable zip package in a security and simplicity and modular linux distro mailchain, bypassing the fact you just used a .zip rather .tar.* I feel like I should state that simplicity of usage, security of though and modularity are all reasons >>Git<<exists.I don't know what PySimpleBuild is but MariaDB has been released under a GPL license so there should NOT be a reason not to post your "zip's" contents onto a github, gitlab or any other third party or your own git instance.Lets not even mention the security risks of downloading something from any (even trusted) email due to any and all email protocols having weaker security than a tamagotchi.Jun. 7, 2022, 11:37 by [email protected]: Dear All! I would like to share this little program. xbx.
OpenPGP_0x20B80B7E70598F97.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
