
Re: Hacker explains how he put "backdoor" in hundreds of Linux Mint downloads

From Mike Easter <MikeE@ster.invalid>
Newsgroups alt.os.linux.mint
Subject Re: Hacker explains how he put "backdoor" in hundreds of Linux Mint downloads
Date 2016-02-22 10:12 -0800
Message-ID <dj11d3FmjU1@mid.individual.net>
References (1 earlier) <naepoh$jpa$1@dont-email.me> <dj0pmpFsf3mU1@mid.individual.net> <ercmcbdovl4bpdgd49l700gg99jcjqpfmt@7ax.com> <dj0t40Ftc51U1@mid.individual.net> <dj103hFu5u6U1@mid.individual.net>



Mike Easter wrote:
> The md5 for the .iso is given up in the top section where the link to
> the torrent and the release notes and announcement are found.
>
> Any time I download an .iso, I always check its md5 for the sole purpose
> of confirming a good download, not for thwarting a bogus .iso.
>
> The fact of md5 insecurity collision exploits is not important in that
> context.

The article sez: // The hacker then used their access to the site to 
change the legitimate checksum -- used to verify the integrity of a file 
-- on the download page with the checksum of the backdoored version. //

That 'strategy' doesn't make (much) sense to me.

If I'm understanding correctly, the md5 we are talking about is on the 
mint site, not at the Bulgarian bogus .iso site.  There are 3 legitimate 
.bg mirrors.  There is ONE md5 for ALL of the .iso/s at all of the 
mirrors all over the world.

So, the problem with changing the md5 is that EVERYONE downloading from 
all of those mirrors (other than the bogus .bg one) would get an md5 
mismatch which would call immediate attention to there being some kind 
of problem.

Few people would be downloading from the bad .bg; LOTS of people would 
be dl/ing from all the other mirrors and checking the md5 and finding 
things amiss and contacting 'Mint people' about the bad md5 opening the 
door to discovery of the hack.

-- 
Mike Easter
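
The mismatch argument in the post above, worked through as an added example that is not part of the original post: one published md5 is compared against what each mirror serves, first with the original checksum and then with the checksum replaced on the download page. The mirror names and image contents are constructed stand-ins, and `audit_published_checksum` and `scenario` are hypothetical helper names.

```python
import hashlib
from collections import Counter

# Constructed stand-ins for image contents and mirror names (not real data).
GOOD_ISO = b"constructed stand-in for the legitimate .iso"
BAD_ISO = b"constructed stand-in for the modified .iso"
MIRRORS = {
    "mirror-a.example": GOOD_ISO,
    "mirror-b.example": GOOD_ISO,
    "mirror-c.example": GOOD_ISO,
    "mirror-x.example": BAD_ISO,  # the one mirror serving a different file
}


def md5_hex(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()


def audit_published_checksum(published: str, mirrors: dict) -> dict:
    """Compare the single published md5 with what every mirror serves."""
    digests = {name: md5_hex(blob) for name, blob in mirrors.items()}
    majority_digest, _ = Counter(digests.values()).most_common(1)[0]
    return {
        "matching": sorted(n for n, d in digests.items() if d == published),
        "mismatching": sorted(n for n, d in digests.items() if d != published),
        "published_agrees_with_majority": published == majority_digest,
        "outlier_mirrors": sorted(
            n for n, d in digests.items() if d != majority_digest
        ),
    }


def scenario(published_for: bytes) -> dict:
    """Audit MIRRORS against the md5 of the given image contents."""
    return audit_published_checksum(md5_hex(published_for), MIRRORS)


if __name__ == "__main__":
    for label, blob in (("original md5 published", GOOD_ISO),
                        ("md5 replaced on the page", BAD_ISO)):
        result = scenario(blob)
        print(label)
        for key, value in result.items():
            print(f"  {key}: {value}")
```

The cross-mirror comparison flags the same outlier mirror in both scenarios; the published md5 on its own only tells a downloader whether their copy matches whatever the page currently lists.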
