Skip to content

Posts from the ‘Linux’ Category

Warning! Linux Mint – Multiple hacks.

The Linux Mint blog announces that the project’s web site was compromised and made to point to a backdoored version of the distribution. It is advised that if you did download an ISO on the 20th, then you avoid using it.

If you are a forum user it is advised that you change your passwords, especially if it is a shared password on other sites.

The following information was posted on the Linux Mint blog with regards to hacked ISOs:

Beware of hacked ISOs if you downloaded Linux Mint on February 20th!

I’m sorry I have to come with bad news.

We were exposed to an intrusion today. It was brief and it shouldn’t impact many people, but if it impacts you, it’s very important you read the information below.

What happened?

Hackers made a modified Linux Mint ISO, with a backdoor in it, and managed to hack our website to point to it.

Does this affect you?

As far as we know, the only compromised edition was Linux Mint 17.3 Cinnamon edition.

If you downloaded another release or another edition, this does not affect you. If you downloaded via torrents or via a direct HTTP link, this doesn’t affect you either.

Finally, the situation happened today, so it should only impact people who downloaded this edition on February 20th.

How to check if your ISO is compromised?

If you still have the ISO file, check its MD5 signature with the command “md5sum yourfile.iso” (where yourfile.iso is the name of the ISO).

The valid signatures are below:

6e7f7e03500747c6c3bfece2c9c8394f linuxmint-17.3-cinnamon-32bit.iso
e71a2aad8b58605e906dbea444dc4983 linuxmint-17.3-cinnamon-64bit.iso
30fef1aa1134c5f3778c77c4417f7238 linuxmint-17.3-cinnamon-nocodecs-32bit.iso
3406350a87c201cdca0927b1bc7c2ccd linuxmint-17.3-cinnamon-nocodecs-64bit.iso
df38af96e99726bb0a1ef3e5cd47563d linuxmint-17.3-cinnamon-oem-64bit.iso
If you still have the burnt DVD or USB stick, boot a computer or a virtual machine offline (turn off your router if in doubt) with it and let it load the live session.

Once in the live session, if there is a file in /var/lib/man.cy, then this is an infected ISO.

What to do if you are affected?

Delete the ISO. If you burnt it to DVD, trash the disc. If you burnt it to USB, format the stick.

If you installed this ISO on a computer:

Put the computer offline.
Backup your personal data, if any.
Reinstall the OS or format the partition.
Change your passwords for sensitive websites (for your email in particular).
Is everything back to normal now?

Not yet. We took the server down while we’re fixing the issue.

Who did that?

The hacked ISOs are hosted on 5.104.175.212 and the backdoor connects to absentvodka.com.

Both lead to Sofia, Bulgaria, and the name of 3 people over there. We don’t know their roles in this, but if we ask for an investigation, this is where it will start.

What we don’t know is the motivation behind this attack. If more efforts are made to attack our project and if the goal is to hurt us, we’ll get in touch with authorities and security firms to confront the people behind this.

If you’ve been affected by this, please do let us know.

The following information was posted on the Linux Mint blog with regards to the compromised databases:

All forums users should change their passwords.
It was confirmed that the forums database was compromised during the attack led against us yesterday and that the attackers acquired a copy of it. If you have an account on forums.linuxmint.com, please change your password on all sensitive websites as soon as possible.

The database contains the following sensitive information:

Your forums username
An encrypted copy of your forums password
Your email address
Any personal information you might have put in your signature/profile/etc…
Any personal information you might written on the forums (including private topics and private messages)
People primarily at risk are people whose forums password is the same as their email password or as the password they use on popular or sensitive websites. Although the passwords cannot be decrypted, they can be brute-forced (found by trial) if they are simple enough or guessed if they relate to personal information.

Out of precaution we recommend all forums users change their passwords.

While changing your passwords, please start with your email password and do not use the same password on different websites.

Xfce compositing and compton keyboard shortcut toggle

In a previous post we addressed a simple way of enabling and disabling compositing in Xfce using a shell script. In this post we discuss how to do the same with compton, as well as some additions made to the original script.

So, without further ado, the relevant code:

For compton:

#!/bin/sh
if [ `pidof compton` ]; then
	# Comment the line below to disable notifications
	notify-send -t 400 'Disabled compton' --icon=video-display
	# Kill compton
	killall compton
else
	# Comment the line below to disable notifications
	notify-send -t 400 'Enabled compton' --icon=video-display
	# Start compton as a daemon
	compton -b
fi
exit

The difference here is that it will send a message to the notification daemon. This line may be commented out (or deleted) by those who wish not to have that feature.

To achieve the same for XFWM4 compositing, we must change our old script to the following:

#!/bin/sh
status=$(xfconf-query -c xfwm4 -p /general/use_compositing)
xfconf-query -Tc xfwm4 -p /general/use_compositing
# Comment the lines below to disable notifications
if [ $status = "false" ]; then
	notify-send -t 400 'Enabled compositing' --icon=video-display
else
	notify-send -t 400 'Disabled compositing' --icon=video-display
fi
exit

As before, name the file whatever you wish (I named mine compositing.sh), mark it executable with chmod u+x compositing.sh and assign it as a keyboard shortcut.

Xfce – Set a keyboard shortcut for compositing toggle

I use Xfce as my primary desktop environment, and recently, I found the need to disable and enable compositing on a regular basis. This led to my search for a way to do this via keyboard shortcuts, as it was quite inconvenient to have to open the Window Manager Tweaks GUI each time to simply toggle a check box.

So, I discovered xfconf-query, and upon some further reading, came to this as the quickest possible way of doing it via the command line:

xfconf-query -Tc xfwm4 -p /general/use_compositing

Create file compositing.sh using the editor of your choice, with the following content:

#!/bin/sh
xfconf-query -Tc xfwm4 -p /general/use_compositing

Make the file executable:

chmod u+x compositing.sh

Now open Menu > Settings > Keyboard > Application shortcuts > Add

Voila! Enjoy switching compositing on and off as and when you need to.

Linux Voice – Crowd funding

Linux Voice – A new magazine currently seeking crowd funding.

As a long time reader of the Linux Format magazine, a brilliant read, I was quite shocked to find out that some key members of this magazine had left. They also had a pretty entertaining podcast on TuxRadar.com, where they made their announcement to leave linux format on the last episode of their podcast there.

However, do not despair! Those that did leave decided to start a new magazine/podcast, called Linux Voice, which has been a very pleasant surprise. The guys are currently running a crowdfund on their Indiegogo page, any pledges will be welcome I’m sure.

The project sounds good to me, considering the magazines in the past had shareholders and bosses to please, this new format should give them more freedom and we should see even better content. I personally can’t wait and wish the guys success in this project.

Find out more on their website and their Indiegogo page, both of which are linked above.

Google acquires Motorola Mobility

Google Inc. (NASDAQ: GOOG) and Motorola Mobility Holdings, Inc. (NYSE: MMI) yesterday announced that they have entered into a definitive agreement under which Google will acquire Motorola Mobility for $40.00 per share in cash, or a total of about $12.5 billion, a premium of 63% to the closing price of Motorola Mobility shares on Friday, August 12, 2011. The transaction was unanimously approved by the boards of directors of both companies.

The acquisition of Motorola Mobility, a dedicated Android partner, will enable Google to supercharge the Android ecosystem and will enhance competition in mobile computing. Motorola Mobility will remain a licensee of Android and Android will remain open. Google will run Motorola Mobility as a separate business.

Larry Page, CEO of Google, said, “Motorola Mobility’s total commitment to Android has created a natural fit for our two companies. Together, we will create amazing user experiences that supercharge the entire Android ecosystem for the benefit of consumers, partners and developers. I look forward to welcoming Motorolans to our family of Googlers.”

Sanjay Jha, CEO of Motorola Mobility, said, “This transaction offers significant value for Motorola Mobility’s stockholders and provides compelling new opportunities for our employees, customers, and partners around the world. We have shared a productive partnership with Google to advance the Android platform, and now through this combination we will be able to do even more to innovate and deliver outstanding mobility solutions across our mobile devices and home businesses.”

Andy Rubin, Senior Vice President of Mobile at Google, said, “We expect that this combination will enable us to break new ground for the Android ecosystem. However, our vision for Android is unchanged and Google remains firmly committed to Android as an open platform and a vibrant open source community. We will continue to work with all of our valued Android partners to develop and distribute innovative Android-powered devices.”

The transaction is subject to customary closing conditions, including the receipt of regulatory approvals in the US, the European Union and other jurisdictions, and the approval of Motorola Mobility’s stockholders. The transaction is expected to close by the end of 2011 or early 2012.

Source

Google now have in their hands a hardware manufacturer. Google have reiterated that they remain committed to the android platform and hope to continue working with their partners, as seen in this statement from Larry Page (CEO of Google) on the official google blog:

This acquisition will not change our commitment to run Android as an open platform. Motorola will remain a licensee of Android and Android will remain open. We will run Motorola as a separate business. Many hardware partners have contributed to Android’s success and we look forward to continuing to work with all of them to deliver outstanding user experiences.

No doubt this acquisition will be worrying for hardware manufacturers who are part of the open handset alliance, it will definitely be interesting to see how this acquisition will affect Android’s hardware partners.

This acquisition also means that Google will have access to more intellectual property thus strengthening their patent portfolio. It is probable that the main reason for this acquisition was to obtain defensive patents rather than Google’s interests in manufacturing hardware for the android platform.

Thus the patent war continues.

The Humble Indie Bundle #3 Is Live

The Humble Indie Bundle #3 is officially live.

You can get 5 classic indie games: Crayon Physics Deluxe, Cogs, Hammerfight, VVVVVV and And Yet It Moves for whatever price you want while helping the Child’s Play Charity and the Electronic Frontier Foundation.

The games being cross-platform mean that they work natively on Linux Mac OS X, and Windows. All games are DRM free, so you can install them as many times as you like and even redeem them on Steam and Desura.

So what’s stopping you? Get your hands on some games and support some good causes in the process.

NinjaVideo.net + Linux

DivX streaming from Ninjavideo.net on windows was simple enough with the installation of the DivX web player. On linux, the old mplayerplug-inused to work fine when used with a greasemonkey script. Recently however this was depreciated in debian testing, and replaced with gecko-mediaplayer.

With the removal of the old mplayerplug-in for firefox, things stopped working! The videos would not load with gecko-mediaplayer (which uses gnome-mplayer rather than mplayer), and so after some investigation I was able to find a bug report where someone was having similar issues.

It appears to have been fixed in the latest release, but it is not yet in the debian repos. So in order to start using ninjavideo again, you need to compile gnome-mplayer an gecko-mediaplayer. I have keep all my source files in $HOME/src dir simply because it’s easier to manage. You can stick to your habits, or follow the instructions below.


sudo aptitude build-dep gnome-mplayer
sudo aptitude build-dep gecko-mediaplayer
cd ~/src
wget http://gnome-mplayer.googlecode.com/files/gnome-mplayer-0.9.9.2.tar.gz
wget http://gecko-mediaplayer.googlecode.com/files/gecko-mediaplayer-0.9.9.2....
tar xzfv gnome-mplayer-0.9.9.2.tar.gz
tar xzfv gecko-mediaplayer-0.9.9.2.tar.gz

First let’s compile gnome-mplayer:

cd gnome-mplayer-0.9.9.2
./configure
make
sudo make install

Then, gecko-mediaplayer:

cd gnome-mplayer-0.9.9.2
./configure
make
sudo make install

And that’s it, you’re done! Restart firefox, remove/disable any conflicting plugins (e.g. totem, vlc) and ninjavideo should be running as it was!

CentOS5 – yum – cElementTree – Python

So you updated using yum, and lo and behold yum is no longer working. An attempt to use yum gives you the following:


$ yum
There was a problem importing one of the Python modules
required to run yum. The error leading to this problem was:

No module named cElementTree

Please install a package which provides this module, or
verify that the module is installed correctly.

It's possible that the above module doesn't match the
current version of Python, which is:
2.4.3 (#1, Jul 27 2009, 17:57:39)
[GCC 4.1.2 20080704 (Red Hat 4.1.2-44)]

If you cannot solve this problem yourself, please go to
the yum faq at:
http://wiki.linux.duke.edu/YumFaq

I had this error on a CentOS5 VPS. Now, the fix for this is simple enough. It involves removal of some packages, then re-installing those packages we removed.


rpm -e yum yum-fastestmirror python-urlgrabber python-sqlite python-elementtree
wget http://mirror.centos.org/centos/5/os/i386/CentOS/yum-3.2.22-20.el5.cento...
wget http://mirror.centos.org/centos/5/os/i386/CentOS/yum-fastestmirror-1.1.1...
wget http://mirror.centos.org/centos/5/os/i386/CentOS/python-urlgrabber-3.1.0...
wget http://mirror.centos.org/centos/5/os/i386/CentOS/python-sqlite-1.1.7-1.2...
wget http://mirror.centos.org/centos/5/os/i386/CentOS/python-elementtree-1.2....
rpm -i yum-3.2.22-20.el5.centos.noarch.rpm yum-fastestmirror-1.1.16-13.el5.centos.noarch.rpm python-urlgrabber-3.1.0-5.el5.noarch.rpm python-sqlite-1.1.7-1.2.1.i386.rpm python-elementtree-1.2.6-5.i386.rpm

Of course bear in mind the architecture and versions (depends when you are reading this post!) of the files.

This should get you up and running again.