[solved] *hidden wasp* trojan attack in linux os

“CONTAINERS DO NOT CONTAIN” --Dan Walsh
https://fedorapeople.org/~dwalsh/Presentations/DockerSecurity/#/

2 Likes

If Linux supported code-signing, and the script was signed by a trusted entity, then this would be totally OK :slight_smile:

But yes, telling people to do that in install instructions is pretty “low effort” and dangerous.

Thing is, unless you check the sha sum every time you run the thing, you don’t know if it changed.

Unless you download it from a trusted source, you don’t know if the executable and/or the sha sum changed.

Code signature checking at the OS level handles this for you. And this is also why secure boot is a thing - it’s not just RAH RAH MICROSOFT ARE EVIL AND WANT TO STOP MY SHIT WORKING.

You need to establish a root of trust as soon as possible in the boot sequence and the BIOS (or as per Apple a secure enclave) is the ideal place for this.

2 Likes

This is why you always download from a trusted source.

Would think this is pretty obvious.

If you value security on your machine at all, you never download from untrusted sources.

Then you don’t NEED code signature checking. Leaving security up to the OS is poor admin practice, and poor computer management period.

Nope…

I’d also add.

Even if you DO download it from a trusted source, you have no idea if the executable AND sha sum have changed unless you can confirm that the site has not been hacked. Sites get hacked and frequently not discovered for days/months. Knowing that “this site is definitely NOT hacked” is pretty impossible. It’s like trying to prove that god exists because no proof has been found that he doesn’t.

Code signing, if done properly, will assist with this, as it would require theft of the developer’s code-signing certificate, which should never be on the repository (or any other internet facing device).

Don’t confuse “adding a security tool to the toolkit” with “leaving security up to the OS”.

It’s a tool in the toolbox.

Security is inherently the responsibility of the OS anyway. Even the best admin in the world relies on the integrity of the AAA subsystem of any platform, and this is not really any different. You’re simply checking the validity of the executable rather than the validity of the user via user authentication.

It’s exactly the same concept. Do you perhaps believe that user accounts are “leaving the security up to the OS” and the end user should just run everything as root because “they should only download from trusted sources” and/or “should audit code before they run it”?

The attitude of “it’s leaving the security up to the OS and poor admin practice” is throwing the baby out with the bathwater…

It (leaving security to the end user/admin) has been proven for 30-40(+?) years not to work, and not practical in the real world because end users are not capable and do not have time to audit the code of everything they run, every time they run it.

3 Likes
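
The point argued in the post above, as an added example that is not part of the original thread: a checksum served next to the download is replaced along with it when the site is compromised, while a signature checked against a public key the user already holds is not. A Lamport one-time hash-based signature stands in here for a real code-signing tool so the block runs on the Python standard library alone; the file contents and all function names are constructed for illustration.

```python
import hashlib
import secrets

def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def digest_bits(data: bytes) -> list:
    """The 256 bits of SHA-256(data), most significant bit first."""
    n = int.from_bytes(sha256(data), "big")
    return [(n >> (255 - i)) & 1 for i in range(256)]

def lamport_keygen():
    # Private key: 256 pairs of random secrets. Public key: their hashes.
    priv = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pub = [(sha256(a), sha256(b)) for a, b in priv]
    return priv, pub

def lamport_sign(priv, data: bytes) -> list:
    # Reveal one secret per digest bit. A key pair must sign only one message.
    return [priv[i][bit] for i, bit in enumerate(digest_bits(data))]

def lamport_verify(pub, data: bytes, sig) -> bool:
    return len(sig) == 256 and all(
        sha256(s) == pub[i][bit]
        for i, (s, bit) in enumerate(zip(sig, digest_bits(data))))

def checksum_ok(file_bytes: bytes, published_hex: str) -> bool:
    return hashlib.sha256(file_bytes).hexdigest() == published_hex

def demo():
    # Developer, offline: the private key never touches the download site.
    # pub is assumed to have reached the user earlier, out of band.
    priv, pub = lamport_keygen()
    release = b"#!/bin/sh\necho installed\n"  # constructed sample file
    site = {"file": release,
            "sha256": hashlib.sha256(release).hexdigest(),
            "sig": lamport_sign(priv, release)}
    check = lambda: (checksum_ok(site["file"], site["sha256"]),
                     lamport_verify(pub, site["file"], site["sig"]))
    before = check()
    # Site compromised: file and checksum are both replaced, but without the
    # private key the old signature is the only one that can be served.
    site["file"] = release + b"echo tampered\n"
    site["sha256"] = hashlib.sha256(site["file"]).hexdigest()
    after = check()
    return before, after  # (checksum result, signature result) per state

if __name__ == "__main__":
    print(demo())
```
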

Don’t deny it, running random code from the internet is rad.

2 Likes

So is Russian roulette: do it at your own risk :man_shrugging:

go fork bomb yourself

1 Like

Oh boy are you gonna have fun round here…

That feels like every clap single clap topic clap on these forums. Like it is beyond being a funny joke when every post about X platforms results in Install linukcsx REEEEEE!

1 Like

Most application vendors for enterprise and a lot of personal programs do give you the hash values on their websites, or somewhere. You can easily check those against the file you downloaded from them. If it doesn’t match, don’t use it. It’s that simple. This goes doubly so for most Linux applications.

I’ve read MULTIPLE articles where this is EASILY DONE. Code signing is plain and simple just not needed when you have multiple permissions in a system that is inherently designed to be secure anyway from the ground up like Linux.

No, it’s not. That’s why so many things in Linux have permissions. And there’s TONS of them. But that is the job of the ADMIN to set them up correctly.

No. Just no. And you know better about this community to use such a blatantly obvious troll.

No one said anything about leaving security up to the end user. And yes, I believe security should be left up to the admin. And they should be setting as many rules, and restrictions as possible.

This is a great video on container security that really can apply to sysadmin, or even everyday.

No one here, at all has said this. Why are you bringing this up? No end user should be doing this. But the admins should be. It’s literally their job to deal with security of their machines they are being paid to maintain.

1 Like

Um… this is mostly a community of people who run Linux. The main YouTube channel this is based on, is primarily a Linux loving channel. Get used to it.

2 Likes

ty for the video

But what does this really mean? How should a regular user always be 100% sure that the source is trusted? Who really decides that a given source is trusted? And what if the trusted source is compromised and no one quickly detects it?

It’s a type of discussion about whom, at the end of the day, we trust and recognize as trusted.

If I write the appropriate code and share it, when and who will recognize me as a trusted source?
It’s easy to say “trusted source”. Worse, however, to define it and put it into circulation for ordinary users.

1 Like

No

3 Likes

@moderators please close this.

Trusted source means your repository, and everything else should be untrusted.

@anon27007628 All done with the thread?

1 Like