Re: [DNG] ..are we|Devuan safe from this systemd backdoor malware, taking our kernels from Debian?

2021-05-04 Thread Rick Moen
Quoting Arnt Karlsen (a...@iaksess.no):

> ..very true.  Are there ways to trick common Devuan installs 
> into automatically installing these bad things?  
> (Other than tricking newbie etc users, sysadmins etc into 
> doing it?)

I don't see any particular structural accidents waiting to happen,
above and beyond the norm in Unix.  (OTOH, I don't spend a lot of time
studying Desktop Environments.  Someone else might do a better job
at spotting, e.g., software structures likely to lull unwary desktop 
users into carrying out dangerous actions.)


___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng


Re: [DNG] ..are we|Devuan safe from this systemd backdoor malware, taking our kernels from Debian?

2021-05-04 Thread Arnt Karlsen
On Tue, 4 May 2021 10:00:25 -0700, Rick wrote in message 
<20210504170025.gb18...@linuxmafia.com>:

> Quoting Arnt Karlsen (a...@iaksess.no):
> 
> > On Fri, 30 Apr 2021 14:37:20 +0200, Arnt wrote in message 
> > <20210430143720.7311bc82@d44>:
> > 
> >   
> > > https://www.theregister.com/2021/04/29/stealthy_linux_backdoor_malware_spotted/
> > >
> > 
> > ..how it works:
> > https://blog.netlab.360.com/stealth_rotajakiro_backdoor_en/  
> 
> Answer:  Avoid installing and running it.
> 
> This isn't any kind of intrusion tool, just yet another backdoor
> program that can be installed and activated after intrusion through
> other means entirely -- indistinguishable except in fine detail from
> countless others that have existed for decades.  And _TheReg_ was
> very clear about that:
> 
>   The malware is not an exploit; rather it's a payload that opens a
>   backdoor on the targeted machine. It might be installed by an
>   unsuspecting user, an intruder, or through a dropper Trojan. How
>   RotaJakiro has been distributed remains unanswered.
> 
> So, there ya go:  Avoid installing and running it.  It's called system
> administration.

..very true.  Are there ways to trick common Devuan installs 
into automatically installing these bad things?  
(Other than tricking newbie etc users, sysadmins etc into 
doing it?)


-- 
..med vennlig hilsen = with Kind Regards from Arnt Karlsen
...with a number of polar bear hunters in his ancestry...
  Scenarios always come in sets of three: 
  best case, worst case, and just in case.


Re: [DNG] ..are we|Devuan safe from this systemd backdoor malware, taking our kernels from Debian?

2021-05-04 Thread Rick Moen
Quoting Arnt Karlsen (a...@iaksess.no):

> On Fri, 30 Apr 2021 14:37:20 +0200, Arnt wrote in message 
> <20210430143720.7311bc82@d44>:
> 
> 
> > https://www.theregister.com/2021/04/29/stealthy_linux_backdoor_malware_spotted/
> >  
> 
> ..how it works:
> https://blog.netlab.360.com/stealth_rotajakiro_backdoor_en/

Answer:  Avoid installing and running it.

This isn't any kind of intrusion tool, just yet another backdoor program
that can be installed and activated after intrusion through other means
entirely -- indistinguishable except in fine detail from countless
others that have existed for decades.  And _TheReg_ was very clear about
that:

  The malware is not an exploit; rather it's a payload that opens a
  backdoor on the targeted machine. It might be installed by an
  unsuspecting user, an intruder, or through a dropper Trojan. How
  RotaJakiro has been distributed remains unanswered.

So, there ya go:  Avoid installing and running it.  It's called system
administration.

-- 
Cheers,      Grammarian's bar joke #26:  A gerund and an
Rick Moen    infinitive walk into a bar, drinking to forget.
r...@linuxmafia.com   
McQ! (4x80)