Language Selection

English French German Italian Portuguese Spanish

Annual Kaspersky Labs Fearmongering!

Merry Fearmongering!

Kaspersky Labs (maker of the infamous KAV for Windows), has started what I call their "annual fearmongering initiative".

It appears about this time of year, when they release their so-called "Look everyone! We found a proof of concept malware that does something nasty to *insert opensource solution name here*" press releases.

Obviously, this is designed to spread fear.
(If you know what you're doing in Linux, there's nothing to fear.)

Here's a friendly reminder...

This is from 2006.

The case of the non-viral virus
http://software.newsforge.com/article.pl?sid=06/04/10/2218210

Torvalds creates patch for cross-platform virus
http://software.newsforge.com/article.pl?sid=06/04/18/1941251

OpenOffice.org virus debunked by experts
http://software.newsforge.com/article.pl?sid=06/06/02/2136202

And for this year? (2007)

iPod virus scare stories are here
http://www.theinquirer.net/default.aspx?article=38767
(It involves Linux installed on iPod).

Notice how in BOTH cases:

(1) The malware in question are "proof of concept" ones!
Translation? They do NOTHING in real life! They don't spread by themselves. They do NOT do any widespread damage!

(2) They don't do anything until you run them with root privilages and the like. As in you intentionally or delibrately infect yourself! No one is THAT stupid!

(3) Kaspersky Labs were the only ones that happen to find this type of malware! It leads me to believe it is THEM who are delibrately writing this proof of concept nonsense to begin with!

(4) It involves opensource solutions.

While these tactics may work on the Windows crowd, don't expect the Linux crowd to fall for the same BS. Its not gonna work.

Let me end this post by suggesting you read this article.
(If you've read it before, I want you to remind yourself again this year.)

Can the malware industry be trusted?
http://software.newsforge.com/article.pl?sid=06/06/06/1832223

My response to Kaspersky...
Do you really think we're that stupid?

More in Tux Machines

XOD: A New And Open Source Visual Programming Language For Arduino, Raspberry Pi, Etc.

However, when it comes to hardware tinkering, programming knowledge is a must. To take care of this issue, developers have been trying to create what’s called visual programming languages. Many of them are already popular, including the likes of Node-Red and NoFlo, and others are budding. One such new visual programming language for Raspberry Pi, Arduino, and other development boards is XOD. In an email sent to Fossbytes, the creators of XOD programming language told that they’ve added graphical functionality and functional reactive principles. XOD language, XOD IDE, and library sources will be open sourced and published on GitHub once it’s launched. Read more

8 ways to contribute to open source when you have no time

One of the most common reasons people give for not contributing (or not contributing more) to open source is a lack of time. I get it; life is challenging, and there are so many priorities vying for your limited attention. So how can you find the time in your busy life to contribute to the open source projects you care about? In the interest of full disclosure, I should warn you that I was late getting this article to the editors because I couldn't find the time to work on it. Take my advice at your own risk. Read more

Norway register shares dataset tools as open source

Norway’ Brønnøysundregistrene (Brønnøysund Register Centre), the government agency managing many of the country’s public registers and digital information exchange systems, is developing a semantic catalogue which it will make available as open source software in autumn. The tools are intended for Norway’s public sector, that can use them to for task involving public and not-public datasets. Read more

Security: Brutal Kangaroo Targets Windows, Linux Updates Available, Reproducible Builds, and Patching Stack Clash

  • Brutal Kangaroo
    Today, June 22nd 2017, WikiLeaks publishes documents from the Brutal Kangaroo project of the CIA. Brutal Kangaroo is a tool suite for Microsoft Windows that targets closed networks by air gap jumping using thumbdrives. Brutal Kangaroo components create a custom covert network within the target closed network and providing functionality for executing surveys, directory listings, and arbitrary executables. The documents describe how a CIA operation can infiltrate a closed network (or a single air-gapped computer) within an organization or enterprise without direct access. It first infects a Internet-connected computer within the organization (referred to as "primary host") and installs the BrutalKangaroo malware on it. When a user is using the primary host and inserts a USB stick into it, the thumbdrive itself is infected with a separate malware. If this thumbdrive is used to copy data between the closed network and the LAN/WAN, the user will sooner or later plug the USB disk into a computer on the closed network. By browsing the USB drive with Windows Explorer on such a protected computer, it also gets infected with exfiltration/survey malware. If multiple computers on the closed network are under CIA control, they form a covert network to coordinate tasks and data exchange. Although not explicitly stated in the documents, this method of compromising closed networks is very similar to how Stuxnet worked. The Brutal Kangaroo project consists of the following components: Drifting Deadline is the thumbdrive infection tool, Shattered Assurance is a server tool that handles automated infection of thumbdrives (as the primary mode of propagation for the Brutal Kangaroo suite), Broken Promise is the Brutal Kangaroo postprocessor (to evaluate collected information) and Shadow is the primary persistence mechanism (a stage 2 tool that is distributed across a closed network and acts as a covert command-and-control network; once multiple Shadow instances are installed and share drives, tasking and payloads can be sent back-and-forth).
  • Security updates for Wednesday
  • Reproducible Builds: week 112 in Stretch cycle
  • 5 things you need to know about Stack Clash to secure your shared Linux environment
    The vulnerability is present in Unix-based systems on i386 and amd64 architectures. Affected Linux distributions include Red Hat, Debian, Ubuntu, SUSE, CentOS and Gentoo. Solaris is owned by Oracle. FreeBSD, OpenBSD and NetBSD are also impacted. Qualys has been working with distributions and vendors since May to get the vulnerabilities fixed, and the updates are just beginning to be released. Administrators need to act promptly to update affected machines with the security updates.