Backdoor: Watumiaji wa linux distribution sasa tumefikiwa

[Cybergates]

Wakuu!

Wazee wa kutafuta vichaka vya kujifichia sasa tumefikiwa.

Nimekua nikitumia linux kama primary kernel kwenye laptop yangu kazi

Moja ya sababu ni usalama, kupinguza attack, virus etc zinazo sumbua kwenye windows os


Sasa kuanzia update ya trh 25 - 29 /3, red hat waligundua backdoor kwenye moja ya package( xz inatumika kufanya compression ya files)


Aliyekua maintainer wa hii package kwa mda sasa alikua hafanyi contributions, kama unavyo jua open source wewe ukiacha mwengine anafanya


Contributer wa sasa (Miaka miwili) moja ya latest update alizofanya kwenye hii package ni kuweka backdoor ambayo inampa remote access ya computer yako

Hii backdoor inafanya kazi kwa ku bypass openSSH key verification kuwezesha remote access


Sasa assume wewe ni senior engineer, attacker ameweza ku access laptop yako unayotumia kwenye production

Ana uwezo wa ku clone au ku access private codebase, ku download .env, docker files na pia aweze ku push changes kwenye database


Yani j3 ijayo kuna kampuni zilikua zinafungwa. Tuwe makini sana hamna sehemu salama 100%

 

[Binadamu Mtakatifu]

kwaiyo unatushauri turudi kwenye closed source like macos?

 

[Cybergates]

kwaiyo unatushauri turudi kwenye closed source like macos?

Hata huko hamna usalama.

 

[Smart911]

Ahsante kwa taarifa...


Cc: Mahondaw

 

[Teknocrat]

Ahsante kwa taarifa...


Cc: Mahondaw

Hebu tuambie mzee wa kupokea taarifa , hizo kernel ni vitu gani ?

 

[Kiranga]

Wakuu!

Wazee wa kutafuta vichaka vya kujifichia sasa tumefikiwa.

Nimekua nikitumia linux kama primary kernel kwenye laptop yangu kazi

Moja ya sababu ni usalama, kupinguza attack, virus etc zinazo sumbua kwenye windows os


Sasa kuanzia update ya trh 25 - 29 /3, red hat waligundua backdoor kwenye moja ya package( xz inatumika kufanya compression ya files)


Aliyekua maintainer wa hii package kwa mda sasa alikua hafanyi contributions, kama unavyo jua open source wewe ukiacha mwengine anafanya


Contributer wa sasa (Miaka miwili) moja ya latest update alizofanya kwenye hii package ni kuweka backdoor ambayo inampa remote access ya computer yako

Hii backdoor inafanya kazi kwa ku bypass openSSH key verification kuwezesha remote access


Sasa assume wewe ni senior engineer, attacker ameweza ku access laptop yako unayotumia kwenye production

Ana uwezo wa ku clone au ku access private codebase, ku download .env, docker files na pia aweze ku push changes kwenye database


Yani j3 ijayo kuna kampuni zilikua zinafungwa. Tuwe makini sana hamna sehemu salama 100%

Unatumia RHEL au Red Hat derived distro?

Stable?

 

[Cybergates]

Unatumia RHEL au Red Hat derived distro?

Stable?

RHEL 9. Hii ni primary DS kwenye machine za ofisini.

Lakini laptop yangu natumia kali 2022.3

 

[Kiranga]

RHEL 9. Hii ni primary DS kwenye machine za ofisini.

Lakini laptop yangu natumia kali 2022.3

Sasa Kali nayo wameipiga?

 

[Cybergates]

Sasa Kali nayo wameipiga?

Ndio toleo la 2024.1

Kuanzia update ya trh 25 hadi 29

 

[Kiranga]

Ndio toleo la 2024.1

Kuanzia update ya trh 25 hadi 29

Dah, kazi ipo.

I thought Kali was the security distro and therefore more insulated from this type of vulnerabilities.

 

[100 others]

Linux ni pana sana inakuja na flavours tofauti, hizo ubuntu, red hat, kali ni linux tu zote.

Sema hakuna sehemu salama.

 

[Cybergates]

Dah, kazi ipo.

I thought Kali was the security distro and therefore more insulated from this type of vulnerabilities.

Hatari sana

oss-security - backdoor in upstream xz/liblzma leading to ssh server compromise

www.openwall.com

 

[Cybergates]

Linux ni pana sana inakuja na flavours tofauti, hizo ubuntu, red hat, kali ni linux tu zote.

Sema hakuna sehemu salama.

Mkuu, huyu ali push backdoor kwenye codebase (kernal yenyewe) ya linux kabisa kupitia package ya xz

Haijalishi unatumia kali, ubuntu, mac etc. Kama engine ya distribution yoyote inatumia lunux tulikua tunaweza kuwa hacked,

Mfano asinge kundulika 90% server zote duniani zingekua hacked, kama zingepokea update mpya

 

[Kiranga]

Hatari sana

oss-security - backdoor in upstream xz/liblzma leading to ssh server compromise

www.openwall.com

Lakini unafikiri closed source ni salama zaidi? Au inatoa a false sense of security tu kukiwa na matatizo yanakuwa hayaonekano lakini yapo tu?

Which is better? Open or closed source?

 

[Kiranga]

Mkuu, huyu ali push backdoor kwenye codebase (kernal yenyewe) ya linux kabisa kupitia package ya xz

Haijalishi unatumia kali, ubuntu, mac etc. Kama engine ya distribution yoyote inatumia lunux tulikua tunaweza kuwa hacked,

Mfano asinge kundulika 90% server zote duniani zingekua hacked, kama zingepokea update mpya

Yeah.

But I was expecting Kali to be more scrutinized due to its security first reputation.

 

[Cybergates]

Lakini unafikiri closed source ni salama zaidi? Au inatoa a false sense of security tu kukiwa na matatizo yanakuwa hayaonekano lakini yapo tu?

Which is better? Open or closed source?

Swali gumu. Mimi binafsi huwa naamini hamna ufanisi kwenye kujitolea (Kufanya kazi bila malipo)

Mfano, Hii backdoor kabla haijawa pushed kwenye codebase ya RHEL, security engineers wa RH walikua wana jaribu ku fix bug zilizo sababishwa na na hii package, baada ya mda research wa RH walikuja kungundua bags zina tokana na backdoor aliyokua imewekwa kwenye .test/ directory ya hii package huyu jamaa


Upande mwingine engineers wa fedora DS alu push hii package baada ya maintainer kwenye codebase yao kwa simple commit message "lgmt"


Kuijumla, kama red hat ingekua free, security researcher halipwi hata yeye ange push tu kama fedora walivyofanya


Lkn kama niambiwa nichague, ningeenda na open kwa maana ya macho ya watu ni wengi. Pia hii backdoor imegundulika baada ya siku 5 ivi.

 

[Cybergates]

Yeah.

But I was expecting Kali to be more scrutinized due to its security first reputation.

Kuna rafiki yangu huwa ananiambia "errors happen"

 

[Kimwerymdodo5]

Wakuu!

Wazee wa kutafuta vichaka vya kujifichia sasa tumefikiwa.

Nimekua nikitumia linux kama primary kernel kwenye laptop yangu kazi

Moja ya sababu ni usalama, kupinguza attack, virus etc zinazo sumbua kwenye windows os


Sasa kuanzia update ya trh 25 - 29 /3, red hat waligundua backdoor kwenye moja ya package( xz inatumika kufanya compression ya files)


Aliyekua maintainer wa hii package kwa mda sasa alikua hafanyi contributions, kama unavyo jua open source wewe ukiacha mwengine anafanya


Contributer wa sasa (Miaka miwili) moja ya latest update alizofanya kwenye hii package ni kuweka backdoor ambayo inampa remote access ya computer yako

Hii backdoor inafanya kazi kwa ku bypass openSSH key verification kuwezesha remote access


Sasa assume wewe ni senior engineer, attacker ameweza ku access laptop yako unayotumia kwenye production

Ana uwezo wa ku clone au ku access private codebase, ku download .env, docker files na pia aweze ku push changes kwenye database


Yani j3 ijayo kuna kampuni zilikua zinafungwa. Tuwe makini sana hamna sehemu salama 100%

Hivi kernel ndio ina control the execution of processes...?

 

[Cybergates]

Hivi kernel ndio ina control the execution of processes...?

Sijaelewa sana ulicho maanisha. Kifupi ni kwamba kernal inaong'anisha OS na Hardware

Maelezo zaidi hapa

Linux Kernel - GeeksforGeeks

A Computer Science portal for geeks. It contains well written, well thought and well explained computer science and programming articles, quizzes and practice/competitive programming/company interview Questions.

www.geeksforgeeks.org

 

[Kimwerymdodo5]

Sijaelewa sana ulicho maanisha. Kifupi ni kwamba kernal inaong'anisha OS na Hardware
View attachment 2951132
Maelezo zaidi hapa

Linux Kernel - GeeksforGeeks

A Computer Science portal for geeks. It contains well written, well thought and well explained computer science and programming articles, quizzes and practice/competitive programming/company interview Questions.

www.geeksforgeeks.org

Okay