I think this is a lot worse than reported. Yes, this attempt was foiled before it became widespread, but the technique they used opens a new front in the war against malware.
(1) This was a years-long effort. Clearly not a random teenage hacker going for kicks (i.e. it was a government group).
(2) It took advantage of the rapidly aging population of open-source package owners & maintainers.
The approach here was to create a useful but fictional volunteer contributor and slowly build up their reputation and credibility until they could be given control of a widely used package. And then to use that power to introduce malware that would be included by large distributions.
This was only discovered because the malware was buggy and affected the performance of the OpenSSH package. If they had been a little bit better at coding the backdoor, it would not have been discovered before being distributed to millions of Linux systems.
But we caught them, so why is this so bad? It's bad because there's very little we can do to prevent this style of attack from being used over and over again until we can no longer trust any large open source software system.
If I just stay away from open-source systems like Linux, won't that be enough? No, because every major OS (Windows and Android and Mac and iOS included) includes open source software for you. And regardless of how big those companies are, they do not have the people to review and vet every line of source code in the packages they include.
Won't my anti-virus/anti-malware software detect threats like this? Nope. If the malware is done carefully, it'll just look like part of the system.
Aren't you being just a little bit paranoid? Yes. But then I was also around when the Morris Worm took over the net because of a back-door that was introduced by the actual author of the widely used & installed Sendmail program.
"Just because you're paranoid doesn't mean they aren't after you" -- Author Unknown
Some more details:
https://lcamtuf.substack.com/p/technologist-vs-spy-the-xz-backdoor