My Journey to Becoming a Linux End User on Linux Mint
-
@BRRABill said:
Even the hacker agrees (from an article on ZDNET)...
The hacker then used their access to the site to change the legitimate checksum -- used to verify the integrity of a file -- on the download page with the checksum of the backdoored version.
"Who the f**k checks those anyway?" the hacker said.
lol - even Scott said - do as I say, not as I do.. LOL
-
@johnhooks said:
I pretty much download ISOs from torrents if it's possible. It's faster, and these kinds of things don't happen.
You trust a torrent more than a site such as linuxmint?
-
@BRRABill said:
@johnhooks said:
I pretty much download ISOs from torrents if it's possible. It's faster, and these kinds of things don't happen.
You trust a torrent more than a site such as linuxmint?
Exactly - why would you trust a torrent more than a website download?
-
The torrent file comes from the website, then it builds from the seeders.
-
@johnhooks said:
The torrent file comes from the website, then it builds from the seeders.
What prevents the hacker from seeding a bad torrent?
-
@Dashrender said:
@johnhooks said:
The torrent file comes from the website, then it builds from the seeders.
What prevents the hacker from seeding a bad torrent?
They would be the only one seeding it.
Everything sent through a torrent is hashed, so they would somehow have to change everyone's copy of the ISO.
-
@johnhooks said:
@Dashrender said:
@johnhooks said:
The torrent file comes from the website, then it builds from the seeders.
What prevents the hacker from seeding a bad torrent?
They would be the only one seeding it.
Everything sent through a torrent is hashed, so they would somehow have to change everyone's copy of the ISO.
hack the page, call it a new version - seed the fake one to torrents - ok probably too many places to get caught.. but still possible.
-
@Dashrender said:
@johnhooks said:
@Dashrender said:
@johnhooks said:
The torrent file comes from the website, then it builds from the seeders.
What prevents the hacker from seeding a bad torrent?
They would be the only one seeding it.
Everything sent through a torrent is hashed, so they would somehow have to change everyone's copy of the ISO.
hack the page, call it a new version - seed the fake one to torrents - ok probably too many places to get caught.. but still possible.
Right, it would take so long for that to happen that it would kind of be useless. If you change the direct download ISO then you've got everyone who downloaded it. However that's not the case with the torrents.
There is also no guarantee that anyone will seed from you either. You could sit there all day and maybe only a couple people seed a few parts from you.
-
@Dashrender said:
@johnhooks said:
The torrent file comes from the website, then it builds from the seeders.
What prevents the hacker from seeding a bad torrent?
MD5 Checksumming
-
@scottalanmiller said:
@Dashrender said:
@johnhooks said:
The torrent file comes from the website, then it builds from the seeders.
What prevents the hacker from seeding a bad torrent?
MD5 Checksumming
I meant doing their own seed, not trying to replace the real one.
-
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
@johnhooks said:
The torrent file comes from the website, then it builds from the seeders.
What prevents the hacker from seeding a bad torrent?
MD5 Checksumming
I meant doing their own seed, not trying to replace the real one.
Nothing prevents it and it is happening all the time.
-
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
@johnhooks said:
The torrent file comes from the website, then it builds from the seeders.
What prevents the hacker from seeding a bad torrent?
MD5 Checksumming
I meant doing their own seed, not trying to replace the real one.
MD5 doesn't prevent them from doing it, it prevents anyone from downloading it. Torrents, as we know, are just random upload / download systems. You always checksum something coming from them.
-
@JaredBusch said:
Nothing prevents it and it is happening all the time.
It's what BT is best known for, in fact.
-
@scottalanmiller said:
@JaredBusch said:
Nothing prevents it and it is happening all the time.
It's what BT is best known for, in fact.
Only in your opinion.
-
@JaredBusch said:
@scottalanmiller said:
@JaredBusch said:
Nothing prevents it and it is happening all the time.
It's what BT is best known for, in fact.
Only in your opinion.
Well, my opinion too. Probably more out of ignorance of the finer workings & uses, as I've never needed to download anything via BT. Most people who use it, that I know (which isn't many), only use it for movies/TV shows.
-
Downloading images is pretty safe. If you download torrent file A from the website and then it's hacked and torrent file B is uploaded, you don't receive any pieces from file B. Whoever uploaded the second image would need to somehow use the exact same md5 hash for the new file as the old one. The program hashes each piece you download and compares both the hash for the piece and the whole hash.
tl;dr you can't just rename a file and have people download it from you and mix it with the real file. And even if you could, they would have to get the one part that you changed from your file since you're the one seeding it. It would take forever to infect any real number of people.
-
Once again, the whole issue came from a WordPress insecurity.
-
How are people finding the BT tracker in the first place? from one placed on the WordPress site? right?
So the hackers put a new BT Tracker, along with a new MD5 hash on the site.. and awayyyyyyyy we go.
-
@Dashrender said:
How are people finding the BT tracker in the first place? from one placed on the WordPress site? right?
So the hackers put a new BT Tracker, along with a new MD5 hash on the site.. and awayyyyyyyy we go.
But they would only be seeding from each other. Anyone with the real file wouldn't get anything from them at all.
-
@johnhooks said:
@Dashrender said:
How are people finding the BT tracker in the first place? from one placed on the WordPress site? right?
So the hackers put a new BT Tracker, along with a new MD5 hash on the site.. and awayyyyyyyy we go.
But they would only be seeding from each other. Anyone with the real file wouldn't get anything from them at all.
Just like anyone who downloaded from the site before it was hacked would be safe, only those who start the BT after the hack would be affected by the new BT Tracker - that's all I was saying.
Anyone who downloaded the ISO direct the day before the hack isn't affected by the hacked version now.
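Added example, not part of any post in this thread: a Python sketch of the per-piece check described above and of the replaced-torrent case raised in the last few posts. In BitTorrent v1 the .torrent stores one SHA-1 digest per piece and the swarm is identified by the SHA-1 of the bencoded info dict; the file name, the 16-byte piece size and the sample bytes are constructed for illustration.

```python
import hashlib

PIECE_LEN = 16  # constructed: tiny pieces so the sample fits inline

def bencode(obj):
    """Minimal bencoder for int, str/bytes, list and dict (keys sorted)."""
    if isinstance(obj, int):
        return b"i%de" % obj
    if isinstance(obj, str):
        obj = obj.encode()
    if isinstance(obj, bytes):
        return b"%d:%s" % (len(obj), obj)
    if isinstance(obj, list):
        return b"l" + b"".join(bencode(x) for x in obj) + b"e"
    if isinstance(obj, dict):
        items = sorted((k.encode(), v) for k, v in obj.items())
        return b"d" + b"".join(bencode(k) + bencode(v) for k, v in items) + b"e"
    raise TypeError(type(obj))

def make_info(name, data):
    """Build a v1 'info' dict: concatenated SHA-1 digests, one per piece."""
    pieces = b"".join(hashlib.sha1(data[i:i + PIECE_LEN]).digest()
                      for i in range(0, len(data), PIECE_LEN))
    return {"name": name, "length": len(data),
            "piece length": PIECE_LEN, "pieces": pieces}

def info_hash(info):
    """SHA-1 of the bencoded info dict; peers with different values never meet."""
    return hashlib.sha1(bencode(info)).hexdigest()

def accept_piece(info, index, piece):
    """Client-side check on each received piece: keep it only if the digest matches."""
    expected = info["pieces"][index * 20:(index + 1) * 20]
    return hashlib.sha1(piece).digest() == expected

# Constructed sample bytes standing in for the genuine and the modified ISO.
GENUINE = b"genuine-iso-image-bytes-0123456789abcdef-end"
MODIFIED = GENUINE.replace(b"0123", b"XXXX")
genuine_info = make_info("distro.iso", GENUINE)
modified_info = make_info("distro.iso", MODIFIED)

def simulate():
    """(good piece accepted, modified piece accepted under genuine torrent,
    same swarm, modified piece accepted under replaced torrent)"""
    idx = 1  # the piece that contains the changed bytes
    good = GENUINE[idx * PIECE_LEN:(idx + 1) * PIECE_LEN]
    bad = MODIFIED[idx * PIECE_LEN:(idx + 1) * PIECE_LEN]
    return (accept_piece(genuine_info, idx, good),
            accept_piece(genuine_info, idx, bad),
            info_hash(genuine_info) == info_hash(modified_info),
            accept_piece(modified_info, idx, bad))
```

`simulate()` returns `(True, False, False, True)`: a client holding the genuine .torrent discards the modified piece, while a .torrent replaced on a compromised site is self-consistent and forms its own swarm, so the piece hashes only protect relative to the .torrent you started from.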