|Re: [Hangout-NYLXS] Linux Mint security breach
|Quoting Ruben Safir (ruben-at-mrbrklyn.com):
news.softpedia.com has a history of really terrible coverage that
doesn't even aspire to address basics -- presumably because it is
pitched at ignorant readers.
1. Story doesn't mention whether Linux Mint normally supplies checksums
(e.g., sha1sums) with the images and whether it has a public gpg key to
(In fact, this intrusion was so sloppy that intruders didn't even bother
to replace posted checksums, which IIRC are present along with a public
signing key. Site appears to be offline ATM.)
2. Story therefore also doesn't mention whether the trojaned images
match signing keys posted for them by the intruders. (Didn't happen.)
3. Story doesn't even attempt to address why users wouldn't become
suspicious when the download links foe the Cinnamon edition (only)
suddenly pointed to Bulgaria.
4. Story also fails to mention the one interesting bit, that remote
attackers took advantage of a locally-unfixed bug in Wordpress to spawn
www-data - owned processes under intruder control.
In short, bad coverage as usual.
hangout mailing list