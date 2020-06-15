I remain rather disappointed and disillusioned about what happened after 1.0.4 was released. Two PRs in that release were soon seen to have side effects on more ‘marginal’ test systems, precisely what added testing could have revealed. An additional issue arose from changes in R’s make system, which is harder to anticipate or test. Each and every infelicity was fixed within a day or so, and we always make candidate releases available—the current Rcpp as of this writing is 1.0.4.12 meaning twelve microreleases were made since 1.0.4. And those microreleases are always available for normal download and install.packages use via the Rcpp drat repository accessible to all. So it was truly troubling to see some, especially those with experience in setting up or running testing / ci platforms, pretend to be unable to access, install, and provide these for their own tests, or the tests of their users. It just doesn’t pass a basic logic test: it takes a single call to install.packages(), or, even more easily, a single assignment of an auxiliary repo. All told this was a rather sad experience.

Threat to Windows and Linux cannot be really put in the same basket Twice in the space of three months, researchers from BlackBerry have put out studies pushing claims about malware and ransomware that is alleged to attack Linux, giving the impression that this operating system is also under as much threat as Windows. But both studies contained little to justify these conclusions; the second, issued in the first week of June, contained the word Linux thrice, in two sentences. One of these was the line: "Tycoon is a multi-platform Java ransomware targeting Windows and Linux that has been observed in-the-wild since at least December 2019." And the other was: "The malicious JRE build contains both Windows and Linux versions of this script, suggesting that the threat actors are also targeting Linux servers." The rest of the study, that runs to about 1500 words (not counting text in illustrations and tables), was solely about the Windows version of what the researchers claimed was a new form of ransomware known as Tycoon. The earlier study, issued in April, claims that groups connected to China were targeting Linux servers with malware, with the claim resting on the reported discovery of a previously unidentified Linux malware toolset which included two kernel-level rootkits that made it difficult to identify executables. But the study contained no information as to how this malware gained a foothold on these servers, surely an important step in the attack process. On asking, this response was elicited: "The rootkits were installed by way of an interactive bash script, which in some cases reached out to an online build server to determine particulars about the target system (distro, kernel version, etc) before delivering a bespoke rootkit and backdoor." The vulnerabilities in the Linux kernel that were remotely exploited in this manner were not specified; it must be noted that such a class of flaws are very rare for Linux. The reply added: "There are several ways in which the installation script could have landed on the server, including brute force SSH attack (a technique reportedly used by the botnet to spread itself), physical access to the server (espionage operations are not always exclusively digital), or any other of the myriad ways in which admin credentials for servers are compromised and then used to log in."