Language Selection

English French German Italian Portuguese Spanish

Linux is as secure as ever

Filed under
Linux
Security

There have been several stories proclaiming that a recent Linux infection proves Windows malware monopoly is over and that Think Linux is free from malware? Think again; it's been hacked. Much as it pains me to disagree with the good people, they're wrong.

Here's what really happened. UnrealIRCd, a rather obscure open-source IRC (Internet Relay Chat) server, wasn't so much hacked as the program it was letting people download has been replaced by one with a built-in security hole.

Let me spell it out for you. Even before this latest fiasco, no one who cares about security was letting IRC clients or servers run on their systems. It's always been too easy to abuse.

In this particular case, the group behind UnrealIRCd were just dumb about tracking their own program. Clearly, they never bothered to check their own code. The users, by virtue of the fact that they were running IRC in the first place, don't get any prizes for being bright either. After all, they were running IRC: Case closed.

Rest Here




How much more malware is lurking

zdnet.com: The revelation that the open-source Unreal IRC server download has been infected with malware for some eight months is pretty worrying. But the added discovery that this Trojan horse made its way into the Gentoo distro is real reason for the Linux community to re-examine how trusted repositories are handled.

Rest Here

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

today's leftovers

Graphics News

More of today's howtos

GNOME News: Black Lab Drops GNOME and Further GNOME Experiments in Meson

  • Ubuntu-Based Black Lab Enterprise Linux 11.0.1 Drops GNOME 3 for MATE Desktop
    Coming about two weeks after the release of Black Lab Enterprise Linux 11, which is based on the Ubuntu 16.04.2 LTS (Xenial Xerus) operating system using the HWE (hardware enablement) kernel from Ubuntu 16.10 (Yakkety Yak), Black Lab Enterprise Linux 11.0.1 appears to be an unexpected maintenance update addressing a few important issues reported by users lately.
  • 3.26 Developments
    My approach to development can often differ from my peers. I prefer to spend the early phase of a cycle doing lots of prototypes of various features we plan to implement. That allows me to have the confidence necessary to know early in the cycle what I can finish and where to ask for help.
  • Further experiments in Meson
    Meson is definitely getting more traction in GNOME (and other projects), with many components adding support for it in parallel to autotools, or outright switching to it. There are still bugs, here and there, and we definitely need to improve build environments — like Continuous — to support Meson out of the box, but all in all I’m really happy about not having to deal with autotools any more, as well as being able to build the G* stack much more quickly when doing continuous integration.