Linux infection proves Windows malware monopoly is over
Robert Brockway
robert-5LEc/6Zm6xCUd8a0hrldnti2O/JbrIOy at public.gmane.org
Fri Jun 18 22:21:53 UTC 2010
On Mon, 14 Jun 2010, Michael Lauzon wrote:
> Well, isn't this an interesting turn of events:
> "If you downloaded and installed the open-source Unreal IRC server in
> the last 8 months or so, you’ve been pwned. Here’s the official
> announcement:
This isn't the first time this has happened. It happened with a version
of OpenSSH once and has happened a few times with various distros. This
is the principal reason why md5 hashes for downloads are displayed and
checked.
These days integrity checking is done on packages for most distros which
will prevent this as long as the verifying server hasn't been compromised
as well. This comes down to good security practices.
It's rather unfortunate that the application was compromised for so long
but methods to avoid this problem have been in use for a couple of
decades, so maybe they need to pick up their game (and probably will now
:) ).
Rob
--
Email: robert-5LEc/6Zm6xCUd8a0hrldnti2O/JbrIOy at public.gmane.org Linux counter ID #16440
IRC: Solver (OFTC & Freenode)
Web: http://www.practicalsysadmin.com
Open Source: The revolution that silently changed the world
More information about the Legacy
mailing list