Linux Mint Website and Forum Breached, Redirect to Modified Cinnamon Edition With Back Door

“I’m sorry I have to come with bad news,” wrote Clement Lefebvre, head of the Linux Mint project, before announcing Linux Mint suffered an intrusion; on February 20, “hackers made a modified Linux Mint ISO, with a backdoor in it, and managed to hack our website to point to it.” 

It’s not all Linux Mint, ranked by DistroWatch as the most popular Linux distribution for the last year, that were affected, but only the ISO for Linux Mint 17.3 Cinnamon edition downloaded from the site on Saturday. Lefebvre noted that other ISO releases downloaded from the site on Feb. 20 as well as the Cinnamon edition ISOs downloaded via torrents or a direct HTTP link should not be affected. 

If you downloaded the Cinnamon edition yesterday, then Lefebvre advised users to compare the MD5 signature. However, technologist Micah Lee seemed flabbergasted by that advice, since the attackers could have also changed the MD5 checksums. 

Nevertheless, if you installed the maliciously tainted edition, then Lefebvre said to take your PC offline, reinstall a clean version and then change your email and other passwords. 

The attackers breached the site via WordPress, Lefebvre admitted in a comment. “The hacked ISOs are hosted on 5.104.175.212 and the backdoor connects to absentvodka.com. Both lead to Sofia, Bulgaria, and the name of 3 people over there.”

....

Steve Ragan contacted me to say the config file for phpBB that was posted on Hacker News was copied from elsewhere as 'proof' by the hacker. Additionally, Tsunami isn't the name of the bot; “the code is called Kaiten, and it's been open source since about 2001.”

Read the article at Network World

It's worth noting that Linux was not hacked. It was rewritten and redirected to the counterfeit version.

Gas Pricing Apps

GasBuddy is an old favorite and gives you the most up-to-date gas prices wherever you may be in the U.S. or Canada. GasBuddy relies on users to update prices, who in turn have a chance to win $100 every day for adding prices. It also gives you a map so finding the lowest gas prices is easy. The app is free for all platforms.

Gas Guru gives you the lowest and closest gas prices. With Gas Guru, you can even search for the lowest fuel prices based on grades – even diesel. You can search using a list or you can view the app’s map to see your options. The app is free for Android and iOS and works with Apple Watch.

Using a smartphone’s location, the app called Fuel Finder will show you the closest gas stations and how much you can expect to pay at each. It, too, includes a map to make finding stations a breeze. You can even find stations that have ATMs or car washes. The app is $1.99 for Android.

Linux v. Windows

This comparison has been beaten to death by virtually every hack that ever learned how to turn on a computer. But I can't seem to let it go.

The arguments in favor of proprietary operating systems and software are almost understandable for the computer illiterate. But I am mystified by seasoned professionals who argue that Microsoft is superior.

It is clear from a cursory glance at statistics that free software powers the internet by factors of  >10. And this is for good reason - and at the root of my reason for writing this article. Linux just runs like a TANK. And virtually the only things that will stop it are the admin, a total power outage, or the Apocalypse!

Windows, on the other hand, is not only susceptible to any cold or flu bug that walks down the street five blocks away, and is the biggest target out there for anyone from a script kiddie to corporate espionage to international warfare, it is also its own worst enemy... and yours.

Nothing annoys me much more than when I need to do something on one of my machines and Windows tells me, "No. I need to update my software which ALWAYS requires a restart and you'll just have to wait until I'm done." Imagine that. Some bot from Silicon Valley takes over my machine and says I have to wait in line to use my property!

Linux has no horse pucky like this. Yes, it will tell you, the admin, that you need to update your system asap. But it will never commandeer your machine and tell you to wait in line! And updates very seldom require a reboot, and when they do you have the choice of when you will reboot. No waiting in line to use your own property.

Frankly, the only reason I keep Windows machines around are to use as benchmarks and comparisons for when I have to work on and repair other people's Windows machines when they are broken... and I get a lot of that. In fact, when I send a Linux machine out it never comes back. MacroCrap are in and out so much that my doors are my cooling system fans.