Heyo, it seems like the download pages still point to the hacked ISOs.Honestly, the only reason why I noticed is because I was downloading the ISOs in bulk using wget, I saw a strange IP address and the fact that it was a PHP file.
Beware Planet Earth Torrent Download [hack]
I downloaded and installed 17.3 with Xfce 2 days ago, but have already removed the ISO. I understand your claim that only the Cinnamon version was hacked, but would still feel much safer if I can run some checks to confirm my installation is virus-free. Is there any other way to do this?
Ok I started downloading it via torrent, but now stopped it until things are correct.I am concerned about sites I maintain via wordpress hosting, however my servers are on 1and1 so I think 1and1 keeps them pretty safe and I have security plugins, but my wordpress have been hacked before also, but not since beefing up wordpress security, 1and1 is good in shutting down the site if it is under attack and alerting me.Do you have your own server or is it hosted, maybe you should go to hosting that has more security ? Idk, now I must check my wordpress sites.
On the contrary, posting (known insecure) md5sums on the same (hacked) website (wordpress!) as the download link itself and not even providing secure https connections, is IMHO for the very least *grossly negligent* and hard to not interpret as a dead canary.
ty for the blog, i had no idea linuxmint was attacked. im glad also that you provide torrents thou i only use mate 17.2 and 17.3. prior to this attack i was not able to download any torrents on linuxmint.com for week or two. everyone should make the habit to check the md5 checksum. thats the way to go!!! viva mate!!!
I tried to read through everything, only saw one mention of the man-db under /var/libChecking for the man-cy, I do not have but I do have the man-db folder.New to linux here, found a distro that is pleasing, concerned about this hacked version.I had two events though that concerned me, on the 20th, navigate to Google.com and the site was blocking me, too many attempts or too many connections.Installed skype, was sending a file to my colleague and it indicated I was sending the file to two contacts, and further investigating this was showing to be the same contact waiting to receive, I figure this is a skype issue though.I have the ISO and install went fine, I am as I say new to linux and still have to learn how to do the MD5 check.Should I be concerned? ISO File date is from Feb 05-2016 so downloaded long before the 20th.REALLY liking this distro ? thank youHarlan
Another way to get a good image is to use the torrents. Check linuxtracker.org or tuxdistro.com for the Mint torrent files. Oh, and make sure they are torrents from before the hack in mid January, just in case the asshats try to seed a fake torrent. You can then use the above sha256 hashes (or the ones from the mirror Clem posted a link to) to verify the ISO image before installing it.
If you want to dabble with torrenting, make sure the content you download is safe and legal. To protect yourself and to stay completely anonymous online, we recommend you always use a VPN such as NordVPN.
The Pirate Bay is a behemoth in the torrenting world, bringing in tens of millions of visitors a month, with the same amount of files in their library, fast download speeds, and an easy-to-use interface.
YTS is hands-down the best torrenting website for movie enthusiasts. With over 75 million visits a month, a download speed of 3 to 4 MB/s, and flawless design, YTS is the go-to site for movie torrents.
Not only does YTS have a phenomenal interface, but the library on display is also impressive. It has millions of torrents, including rare, old titles in HD quality. The site also compresses all its downloads, so even if you have low bandwidth, you should be able to download them with ease.
LimeTorrents has a seamless interface and good seeder/leecher ratios on new torrents. It also boasts a download speed in the 3 to 4 MB/s range and has just under 20 million users a month across all mirrors. Moreover, it offers many search options.
This article has an educational purpose. We advise you against torrenting in general, just to be on the safe side. If you do torrent, however, make sure the files you download are shared legally in your country.
"Airbiquity Bolsters OTAmatic Security"(press coverage related to Uptane)Article Airbiquity, December 2018."How Cybersecurity Company Grimm Combats Car Hacking"Article In CyberDefense, November 2018."This personal server lets you keep your emails entirely in your control"Article Fast Company, October 2018."Who wears a white hat? To beef up vehicles' cyberattack defenses, differentiating friends from foes is key"Article Automotive News, October 2018."Automotive Cybersecurity: Open Source OTA, Crypto and Market"(press coverage related to Uptane)Article Auto Connected Car News, August 2018."NYU Tandon Joins Top Open-Source Initiative for Automotive Software and Cybersecurity"(press coverage related to our laband NYU joining the Linux Foundation)Article Business Insider, August 2018."Twenty-Two Organizations From AI, Automotive, Blockchain, Cloud and More Join The Linux Foundation and Invest in Open Source Technology."(press coverage related to our laband NYU joining the Linux Foundation)Article Business Insider, August 2018."How The Update Framework Improves Software Distribution Security."(press coverage related to TUF Uptane, and in-toto) Article eWeek, July 2018."Container and Kubernetes Security: It's Complicated."Article eSecurity Planet, June 2018."Tandon Grad Student Wins Awards for His Computer Science Research."(press coverage related to Atoms of Confusion)Article NYU School of Engineering, June 2018."Securing the container image supply chain."(press coverage related to in-toto)Article Linux Weekly News, May 2018."Automotive Cybersecurity."(press coverage related to Uptane)Article Auto Connected Car News, May 2018."Trump's decision to eliminate role of cybersecurity czar rattles experts. Here's why."Article NBC News, May 2018."Uber's self-driving cars to return to testing tracks"Article Teiss.co.uk, May 2018."Security in Kubernetes -- A Look at Different Projects" (press coverage related to TUF and in-toto) Article The New Stack, May 2018."Your smart speaker records you more often than you think"Article Science Line, April 2018."As cities get high-tech, hackers become more dangerous"Article Curbed, April 2018."A new package index for Python" (press coverage related toTUF) Article Linux Weekly News, April 2018."Exploring container security: Digging into Grafeas container image metadata" (press coverage related to in-toto) Article Google Cloud Platform Blog, April 2018."Urban Bungle: Atlanta Cyber Attack Puts Other Cities on Notice" Article Scientific American, April 2018."Marketing, Cyber Security Professors Weigh in on Cambridge Analytica Scandal" Article Washington Square News, March 2018."Lock-in-Pop: Securing Privileged Operating System Kernels byKeeping on the Beaten Path" (press coverage related to Lind) Article Lobste.rs, March 2018."Chryslers over-the-air update fiasco is limited to the Northeast, but customers are still waiting for a fix"Article The Verge, February 2018."Tisch Alumni Used Fake Bots to Boost Celebrity Status"Article Washington Square News, February 2018."Americans Concerned About Cybersecurity of Self-Driving Cars"Article Morning Consult, January 2018."Is Your Tech Spying On You?"Article The Sun, January 2018."Car hacking remains a very real threat as autos become ever more loaded with tech"Article USA Today (and dozens of others), January 2018."The Worst Healthcare Cybersecurity Breaches of 2017" Article Healthcare Analytics News, December 2017."An overview of KubeCon + CloudNativeCon" (press coverage related to TUF)Article LWN (Linux Weekly News), December 2017."Let's talk about the latest godawful cybersecurity plan" Article Science Line, December 2017."Terrorists 'could kill millions' by remotely hacking cars: experts" Article The New York Post, November 2017."Hackers can take control of cars with internet connectivity, warn experts"Article Moneycontrol, November 2017."Hackers can cause car accidents"Article Gears of Biz, November 2017."Hackers Now Able to Take Control of Cars to Cause Deliberate Accidents, Scientists Warn"Article Independent, November 2017."Cyber criminals working for enemy states could 'kill millions' by remotely hacking cars, warns expert"Article Daily Mail, November 2017."Hackers could take control of cars and kill millions, ministers warned"Article The Times, November 2017."Linux Foundation Taps Researcher's Security Framework as Standard for the Cloud" (press coverage related to TUF)Article NYU Tandon Press Release, November 2017."CNCF Adds Security, Service Mesh and Tracing Projects: Docker Notary, Lyft Envoy and Uber Jaeger" (press coverage related to TUF)Article InfoQ, October 2017."Two new open-source security projects are joining the Cloud Native Computing Foundation" (press coverage related to TUF)Article GeekWire, October 2017."The Cloud Native Computing Foundation adds two security projects to its open source stable" (press coverage related to TUF)Article TechCrunch, October 2017."Cloud Native Computing Foundation Adopts 2 Security Projects" (press coverage related to TUF)Article Enterprise Cloud News, October 2017."Japanese text" (press coverage related to TUF)Article Tech Crunch Japan, October 2017."Russian text" (press coverage related to TUF)Article NIXP, October 2017."La Cloud Native Computing Foundation cuenta ya con 14 proyectos" (press coverage related to TUF)Article Silicon, October 2017."SD Times news digest: CNCF's two new security projects" (press coverage related to TUF)Article SD Times, October 2017."Two new open-source security projects are joining the Cloud Native Computing Foundation" (press coverage related to TUF)Article World News, October 2017."Linux Foundation Messages to the Media: The Cloud Native Computing Foundation adds two security projects to its open source stable" (press coverage related to TUF)Article Tux Machines, October 2017."Two new open-source security projects are joining the Cloud Native Computing Foundation" (press coverage related to TUF)Article Tech Rights, October 2017."The Cloud Native Computing Foundation adds two security projects to its open source stable" (press coverage related to TUF)Article First World News Channel, October 2017."CNCF Brings in Notary, The Update Framework to Boost Container Security" (press coverage related to TUF)Article eWeek, October 2017."CNCF's Latest Projects TUF and Notary Aimed at Security" (press coverage related to TUF)Article SDxCentral, October, 2017."CNCF Brings Security to the Cloud Native Stack with Notary, TUF Adoption" (press coverage related to TUF)Article The New Stack, October 2017."Popular Science names two Brooklyn technologies among top 100 inventions of 2017" (press coverage related to Uptane)Article Technical.ly Brooklyn, October 2017."Cybersecurity Protocol that Fends off Automobile Hacks Named to Popular Science Magazine's List of Top 100 Technologies of the Year" (press coverage related to Uptane)Article Sys-Con, October 2017."The year's most important innovations in security" (Uptane named one of the top security innovations of 2017!)Article Popular Science, October 2017."The Quick Guide to Simple and Secure Automatic Updates" (press coverage related to TUF)Article Paragon, August 2017."If online, beware: fraudsters proliferate"Article The Beacon, August 2017. "Google rolls out important update for Gmail on iOS - here's why you should download it"Article Thai Tech, August 2017. "Trump Hotels Hacked -- Again"Article JetSet, August 2017. 2ff7e9595c
Comments