Slashdot Mirror
Korean Mozilla Binaries Infected
Magnus writes "Korean distributions of Mozilla and Thunderbird for Linux were infected with Virus.Linux.RST.b. This virus searches for executable ELF files in the current and /bin directories and infects them. It also contains a backdoor, which downloads scripts from another site, and executes them, using a standard shell."
That's odd... I learned here that Mozilla is clearly more responsive to security bugs than Microsoft. What gives?
"Ask not what your country can do for you." --John F. Kennedy
What's that sound? Uh-oh...that's the sound of the other shoe dropping.
Unfortunately, as Linux continues to gain popularity, this sort of thing is only going to increase. One of the basic reasons Linux used to be so secure is because anyone who took the time to sit down and learn the OS was technically savvy enough by the time they were done that they knew enough to take at least elementary precautions against infection. With the advent of easy to use, out-of-the-box Linux solutions (Xandros, I'm looking at you), the formerly steep learning curve for Linux has softened, and with that, some of its security has eroded.
Please don't think I'm trying to bill myself as some sort of Linux zealot, that believes that the holy OS should be kept out of the hands of the 'great unwashed', because I'm not. I'm just saying that a computer is only as secure as the person sitting at the keyboard lets it be.
____
~ |rip/\/\aster /\/\onkey
So what? The binaries on the Mozilla site were infected. Big deal. If you downloaded the source tarball and built it yourself, you would have a clean copy. Likewise, if you downloaded the binary package from your Linux distributor, you would have a clean copy {since they compile the sources themselves, and just make the appropriate tweaks to make it fit in better with their distro}.
If you download untrustworthy binaries, you're a twat, and you deserve everything that happens to you. It might teach you a lesson. What earthly good is a door with multipoint locking and over a billion key differs, if you go inviting random strangers off the street into your home?
Je fume. Tu fumes. Nous fûmes!
Hah, should keep some Koreans busy fixing it then, instead of sending me spam!
#include <sig.h>
Too bad my _important_ personal files read/writable by any infected binary I run.
Linux has really poor security. Currently Linux security consists of lusers repeating the mantra "I don't run as root, so I'm safe." Not running as root offers a little protection to the _other_ lusers on you system, because an infected binary (unless it is suid root, and many of them are) can't take them all out once. That's cold comfort to the person who does have all their files wiped out.
This is a ludicrous statement.
A system where apps have to be signed in order for the app to be deployable on an OS would make that OS a totally closed and a private shop. No developer would be allowed to develop apps for the OS unless some central body deems it in their interest.
In this case, if the story is true, it may have made no difference, as the files were on Mozilla's own FTP site. Even if the app was signed, it may be that the files were infected as they were being built. In other words if Mozilla were signing their apps, they could have been signed with Mozilla's trusted certificate and still be infected with the virus.
I think it's yet another example of how Amateurish open source development can be. It's totally unforgivable for any professional software organisation to distribute apps infected with a virus, neverlone such a major vendor.
Slashdot's moderating has really gone steeply down hill of late there's no way this should be a 5.