Page 1 of 1

Huge Victory for Linux Ubuntu Distro and Kernel Users

Posted: Sat Mar 23, 2013 3:16 am
by ASmith
A customized kernel and distro of Linux Ubuntu is slated to become the Standard Operating System for the Billions across China.
This could potentially be quite big for Ubuntu and Linux in general. Canonical and the Chinese government have announced a collaboration to build a version of Ubuntu specifically for the Chinese market, which will become the reference architecture for standard operating systems in the country.

The first version will be released next month, and will be named Ubuntu Kylin. This first, initial version will already contain a number of China-specific tweaks, such as Chinese input methods and the Chinese calendar, and search support for the most popular Chinese music services will be built straight into the Dash, Ubuntu's global search thing. Future releases will expand to include integration with Baidu maps, the Taobao shopping service, Chinese payment processors, and local public transport information. The collaboration will move past desktops in the future.

"The release of Ubuntu Kylin brings the Chinese open source community into the global Ubuntu community," according to Mark Shuttleworth, "With Ubuntu Kylin, China now has its own secure and stable desktop operating system, produced alongside Ubuntu's global community. Ubuntu combines proven technology with a mature ecosystem and strong OEM and ISV partners, and this initiative allows the Joint Lab to bring those strengths to China across the full range of platforms: desktop, server, cloud, tablet and phone." [1]
The pros are pretty obvious, those being the Billions of new Linux Ubuntu users will be added to the Ubuntu community and the Kylin customisation will focus on security as well as stability.

The cons are not as obvious, those being Western State sponsored maleware, virus's and worms are almost certainly going to be created to target Chinese servers just as the same bad actors did the same to create Stuxnet, Duqu, Flame Virus's to target Microsoft OS inside Iran which have since been globally spread to Win-X users. Sadly, Linux distro's allegedly hadn't been the target of State sponsored maleware before and the vast majority of Linux users do not run rootkit checkers nor any antivirus application to make certain their system is as clean and secure as possible. This will likely change over the next few years as China fully embraces the Ubuntu Kylin OS and Western State agencys responds programming various keyloggers, virus and worms that specifically target the Linux Ubuntu OS which are bound to get into the global wild just as Stuxnet, Duqu and Flame virus's that targeted Win-x OS did from Iran to the rest of the world. [2][3][4][5]

References:

[1] Ubuntu Kylin to become the Standard Operating System for all of China http://www.osnews.com/story/26885/Ubunt ... _for_China
[2] Clam AntiVirus http://www.clamav.net/lang/en/download/ ... ges-linux/
[3] ClamTk Virus Scanner, A GUI front-end for ClamAV http://clamtk.sourceforge.net/
[4] Linux Detecting/Checking Rootkits with Chkrootkit and rkhunter http://www.cyberciti.biz/faq/howto-chec ... -software/
[5] Security Checker - Tiger https://taufanlubis.wordpress.com/2008/ ... ker-tiger/
[6] 20 Linux System Monitoring Tools Every SysAdmin Should Know http://www.cyberciti.biz/tips/top-linux ... tools.html

Re: Huge Victory for Linux Ubuntu Distro and Kernel Users

Posted: Sat Mar 23, 2013 4:54 am
by palo
Sounds like the beginning of the end of the secure Linux. So what are the Linux anti virus and anti rootkit options again? Thanks for listing them.

Pat

Re: Huge Victory for Linux Ubuntu Distro and Kernel Users

Posted: Sun Mar 24, 2013 2:39 am
by ASmith
palo wrote:Sounds like the beginning of the end of the secure Linux. So what are the Linux anti virus and anti rootkit options again? Thanks for listing them.

Pat
Thanks for your response Pat, yes sadly I took the article deeper into what the Cons end result is likely to entail of China switching massively over to Linux Ubuntu Kylin as their go-to computer operating system for Billions of Chinese users.

I'm excited that Billions of new global users will be using Linux and a Ubuntu based Kernel, that's a big plus. However the darker side (Cons) is that Western State agencys will design deadly maleware, virus's, keyloggers and rootkits to target Linux Ubuntu compatible systems in China and instead of some reclusive teen with a budget equal to the newest X-Box and very limited to injection points of infection, State Agency hackers have 100's of millions budgeted and a large staff to exploit software, hardware and firmware chips to spread their maleware thru dozens of entry points.

Linux users and Mint Community members should begin the habit of installing ClamAV [1][2] and optionally but recommended also install it's GUI interface TKClamAV to routinely run recursive scans weekly or from time to time. The AV engine is free as are the daily updates. ClamAV has routinely found problem files in my Win-X partition which none of my Win-X AV programs discovered. Recently the newest ClamAV engine found some suspicious files stored by my secondary browser cache (Opera) which some miscreant had slipped into a everyday webpage, they were located and easily deleted without problems.

I recommend Linux Mint users run the Tiger UNIX Security Tool as root to give you a overall look at any security problems over a wide range of checks which are all scripted and automated.

Although I have never found any reaction or positive find running Chkrootkit and/or rkhunter, I definitely recommend Linux Mint users do not avoid installing and running them from time to time. [3][4]

Often Western State Sponsored maleware place a very suspicious load on a infected system which can certainly help disclose a problem to a Linux Mint user who is paying careful attention to their standard load and execution times suddenly doubling or slowing down as the maleware payload connects to its remote database to upload its collection from your computer. A collection of system tools to help discover why the CPU load suddenly has increased or your computer experiences temporary periods of slow downs is useful in such cases. [5]

A worrisome addition by Western State Sponsored maleware has recently been a remote purge command which can be used to eliminate the maleware coding or in most cases to remotely cripple the computer completely. When X-Box kids decompile such a Western State Sponsored maleware and uncover the remote purge command, in a very short period of 48 hrs, thousands become aware of that exploit and begin crippling computers for their depraved fun. I have seen this personally and although the State Sponsored programmer thought the remote purge was hidden, it was uncovered and quickly exploited. Within days all kinds of questionable individuals were attempting to send the purge code globally.

I share your sadness in the loss of near invulnerability for Linux OS especially after dealing with the near tidal wave of maleware targeting my Win-X partitions, even the Apple OS has been progressively targeted lately. While there are certainly Linux targeted Virus's, Rootkits, Keyloggers and Maleware they have been relatively few and far between. In the near future as I mentioned in the original article, those times will be gone. Best be ready and prepared which is being smart.

References:

[1] Clam AntiVirus http://www.clamav.net/lang/en/download/ ... ges-linux/
[2] ClamTk Virus Scanner, A GUI front-end for ClamAV http://clamtk.sourceforge.net/
[3] Linux Detecting/Checking Rootkits with Chkrootkit and rkhunter http://www.cyberciti.biz/faq/howto-chec ... -software/
[4] Security Checker - Tiger https://taufanlubis.wordpress.com/2008/ ... ker-tiger/
[5] 20 Linux System Monitoring Tools Every SysAdmin Should Know http://www.cyberciti.biz/tips/top-linux ... tools.html

Re: Huge Victory for Linux Ubuntu Distro and Kernel Users

Posted: Mon Mar 25, 2013 2:00 am
by skywolfblue
More people exposed to linux is a good thing I guess.

My paranoid side whispers something about the chinese government eventually buying out canonical so that they can totally control the OS. And thus build whatever spyware/censorship stuff they want into the OS itself. But maybe that's a little silly of me.

Re: Huge Victory for Linux Ubuntu Distro and Kernel Users

Posted: Mon Mar 25, 2013 2:34 am
by catweazel
ASmith wrote:A customized kernel and distro of Linux Ubuntu is slated to become the Standard Operating System for the Billions across China.
The first version will be released next month, and will be named Ubuntu Kylin. This first, initial version will already contain a number of China-specific tweaks, such as formatting the hard disk when phrases containing "democracy" 民主, "Tienanmen masacre" 天安门事件 , "human rights" 人权, "communist dictatorship" 独裁 专政, "oppression" 镇压, "Dongzhou protests" 汕尾, "Dalai Lama" 达赖, "Tibetan independence" 藏獨 and "Playboy" 花花公子 are detected.
Corrected in the name of truth.

Re: Huge Victory for Linux Ubuntu Distro and Kernel Users

Posted: Mon Mar 25, 2013 2:35 am
by anandrkris
Welcome news that Linux is going to gain a lot of user. :D
Yes, security is a valid and real concern. As Linux user base expands, more exploits will be found and vulnerability is an eventuality which Linux community should be prepared for. Hopefully when such exploits are discovered, open source community can deploy immediate patches and advise users to upgrade.

Re: Huge Victory for Linux Ubuntu Distro and Kernel Users

Posted: Mon Mar 25, 2013 4:16 pm
by OldManHook
anandrkris wrote:Welcome news that Linux is going to gain a lot of user. :D
Yes, security is a valid and real concern. As Linux user base expands, more exploits will be found and vulnerability is an eventuality which Linux community should be prepared for. Hopefully when such exploits are discovered, open source community can deploy immediate patches and advise users to upgrade.


:?: :?: A re You Sure :?: They Can Buy Windows 7 for about $1.50 US,P S is free All kinds of Free Software,DVD's Can be found ...What's the Victory :?: ...Can't remember the name but they (Govt.) have a custom Ubuntu...

Re: Huge Victory for Linux Ubuntu Distro and Kernel Users

Posted: Mon Mar 25, 2013 8:01 pm
by d00med
Be careful with Tiger. It install loads of stuff like sendmail that ads extra layers of vulnerability.

Re: Huge Victory for Linux Ubuntu Distro and Kernel Users

Posted: Mon Mar 25, 2013 8:42 pm
by d00med
deleted

Re: Huge Victory for Linux Ubuntu Distro and Kernel Users

Posted: Mon Mar 25, 2013 10:37 pm
by anandrkris
OldManHook wrote:
anandrkris wrote:Welcome news that Linux is going to gain a lot of user. :D
Yes, security is a valid and real concern. As Linux user base expands, more exploits will be found and vulnerability is an eventuality which Linux community should be prepared for. Hopefully when such exploits are discovered, open source community can deploy immediate patches and advise users to upgrade.


:?: :?: A re You Sure :?: They Can Buy Windows 7 for about $1.50 US,P S is free All kinds of Free Software,DVD's Can be found ...What's the Victory :?: ...Can't remember the name but they (Govt.) have a custom Ubuntu...
I just reacted. :) At least name Ubuntu came in news.... :wink:

Re: Huge Victory for Linux Ubuntu Distro and Kernel Users

Posted: Tue Mar 26, 2013 2:44 am
by ASmith
Symantec finds Linux wiper malware used in S. Korean attacks

The Maleware targeted Win-X master boot records and contained a payload designed to erase a linux and/or unix partition as well as corrupt various Win-X files. [1]

It appears the linux maleware payload consisted of a Bash script which should be helpful for AV and anti-maleware programmers to quickly check and spot.

The size of the attack on S.Korean computers, banks and servers shows this was likely a State Sponsored attack which crippled South Korean banks and business's to the tune of dropping the Seoul Stock Market index a full 5% which would translate into many 100's of Millions of dollars in losses.

On S.Korean websites that were altered into a infector, the unknown attackers placed a iframe hack into the website which exploited the Internet Explorer Browsers using a vulnerability since July 2012 [6] which supposedly has been patched by Microsoft. Those infected websites then also spread the maleware payload further across S.Korean computer platforms. [1][2][3][4][5]

Israel/USA has been fingered and allegedly have admitted to having State engineered Stuxnet,Duqu,Flame virus's to attack Iran. One component of the Flame/Flamer dozens of payloads was the Skywiper to remotely erase a infected computer's files. That payload was apparently decompiled and then used against the Saudi Arabia petrochemical terminals which hiked the fuel prices in the West and USA and now that 'borrowed' payload appears to have found a home in this attack on South Korea. While I doubt the same bad State sponsors committed all of these cyberattacks, it is likely some rogue actors took the developed payload (Skywiper) and simply redirected it against Saudi Arabia and now against South Korea.[4] I hope folks that applauded,laughed and patted one another on the shoulders over the State sponsored cyberattacks against Iran are no longer laughing but realising how quickly even a digital virus comes back on the nation sponsoring them just as a biological virus would and often does.

References:

[1] Symantec finds Linux Wiper malware used in S.Korean attacks http://www.itworld.com/data-protection/ ... an-attacks
[2] Remote Linux Wiper Found in South Korean Cyber Attack http://www.symantec.com/connect/blogs/r ... ber-attack
[3] South Korean Banks, Media Companies Targeted by Destructive Malware https://blogs.mcafee.com/mcafee-labs/so ... ve-malware
[4] Guilherme Venere https://blogs.mcafee.com/author/guilherme-venere
[5] Analysis of Chinese attack against Korean banks https://blog.avast.com/2013/03/19/analy ... ean-banks/
[6] Microsoft Security Bulletin MS12-043 - Critical Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (2722479) https://technet.microsoft.com/en-us/sec ... n/ms12-043