Linux Mint Forums Back After Double Attack

Releases and other announcements.
Please don't post support questions here
Forum rules
Section reserved for the team. You can reply to announcements here but not post new topics. Do not add support questions to threads here, use the appropriate support forum instead.
Cosmo.
Level 24
Level 24
Posts: 22968
Joined: Sat Dec 06, 2014 7:34 am

Re: Linux Mint Forums Back After Double Attack

Post by Cosmo. »

mdiemer wrote:True, but what if someone has a keystroke program and steals it that way? Then all they have to do is go to your manager and get everything they want.
In the case you cannot control what happens on your machine you should better not use a computer at all. And no smart tv or anything else which uses the Internet of Things.
User avatar
Spearmint2
Level 16
Level 16
Posts: 6900
Joined: Sat May 04, 2013 1:41 pm
Location: Maryland, USA

Re: Linux Mint Forums Back After Double Attack

Post by Spearmint2 »

Cosmo. wrote:
mdiemer wrote:True, but what if someone has a keystroke program and steals it that way? Then all they have to do is go to your manager and get everything they want.
In the case you cannot control what happens on your machine you should better not use a computer at all. And no smart tv or anything else which uses the Internet of Things.
to check for a keylogger, type a distinct line of text (xyzxyzxyzxyz) and save as a file. Run a FIND on the string of Text, or use the Search function the string of text and have it search the entire drive for that text string in every file. If you find it in more than one file, you probably discovered a keylogger file. If it doesn't even find the text file, then you did something wrong. Use unusual words in the text string you save to file.
All things go better with Mint. Mint julep, mint jelly, mint gum, candy mints, pillow mints, peppermint, chocolate mints, spearmint,....
mdiemer

Re: Linux Mint Forums Back After Double Attack

Post by mdiemer »

Cosmo. wrote:
mdiemer wrote:True, but what if someone has a keystroke program and steals it that way? Then all they have to do is go to your manager and get everything they want.
In the case you cannot control what happens on your machine you should better not use a computer at all. And no smart tv or anything else which uses the Internet of Things.
I intend to have nothing to do with the Internet of things. Technology is getting ridiculous. They try to convince us it's all meant to improve our loves. It's really meant to suck our wallets dry.
mdiemer

Re: Linux Mint Forums Back After Double Attack

Post by mdiemer »

Spearmint2 wrote:
Cosmo. wrote:
mdiemer wrote:True, but what if someone has a keystroke program and steals it that way? Then all they have to do is go to your manager and get everything they want.
In the case you cannot control what happens on your machine you should better not use a computer at all. And no smart tv or anything else which uses the Internet of Things.
to check for a keylogger, type a distinct line of text (xyzxyzxyzxyz) and save as a file. Run a FIND on the string of Text, or use the Search function the string of text and have it search the entire drive for that text string in every file. If you find it in more than one file, you probably discovered a keylogger file. If it doesn't even find the text file, then you did something wrong. Use unusual words in the text string you save to file.
Thank you, that's great information to know.
I spent time yesterday devising a better password, and came up with a 19 character sequence I am confident no one will crack. I can generate it out of my head, though it takes some thinking. So I won't have to write it down. I could use this with a password manager, or add characters for specific sites. Still considering the options. This whole hack thing has been a real wake up call.
1.618

Re: Linux Mint Forums Back After Double Attack

Post by 1.618 »

Spearmint2 wrote:
to check for a keylogger, type a distinct line of text (xyzxyzxyzxyz) and save as a file. Run a FIND on the string of Text, or use the Search function the string of text and have it search the entire drive for that text string in every file. If you find it in more than one file, you probably discovered a keylogger file. If it doesn't even find the text file, then you did something wrong. Use unusual words in the text string you save to file.
Handy little trick but it will be in more than one file,

you have the actual text file you created and you will have your sudo/bash history(if logged) which will show the command used to search for the string such as

sudo grep -r zibblydeeflippledeedooobarashnukah /

If it appears in any more then you most likely have a keylogger

Just thought i'd mention that in case any newbies do a scan and instantly panic over something innocent :)
acerimusdux
Level 5
Level 5
Posts: 635
Joined: Sat Dec 26, 2009 3:36 pm

Re: Linux Mint Forums Back After Double Attack

Post by acerimusdux »

mdiemer wrote:Rethinking password managers here. It seems to me that if you use a password manager, all a hacker needs to do is hack them. Supposedly they don't know your master password, but how do you really know that's true? You have to trust them.
1> Keepassx, which stores the encrypted passwords locally, is probably preferable
2> Lastpass encrypts locally before sending, so only stores encrypted info on the cloud.
3> Yes, to some extent you have to trust them, but they've been around awhile now, and if it didn't work the way they say, other security researchers would have figured that out by now.
4> If you write your passwords on a piece of paper, it's more likely that paper would get stolen than that an encrypted file would be stolen and decrypted (whether on the cloud or stored locally).

My biggest concern with the cloud storage is what happens if they shut down suddenly, without warning? As for example, encrypted e-mail provider Lavabit did a few years back. But LastPass does give you an option to back up your data locally to an encrypted file.

You can also use two-factor authentication, if you want extra security for your LastPass account.
UgoRipley

Re: Linux Mint Forums Back After Double Attack

Post by UgoRipley »

mdiemer wrote:...This whole hack thing has been a real wake up call.
Yeah, me too.
I'm actually looking for the "best" solution, trying Keepass (with Keepass2Android/Dropbox/Keyfile on USB stick) and Lastpass, though mostly in Windows.
I feel it's already many times better than "before", when I had a (password protected) simple Excel file...on Dropbox.
Maybe the best thing is to completely avoid the cloud, and use different USB sticks, one for keyfile and another for main Keepass DB (and a few redundant backups, just in case), and screw the Android-side-of-things.
roncraig
Level 1
Level 1
Posts: 44
Joined: Tue Jul 14, 2015 5:37 pm
Location: Ohio

Re: Linux Mint Forums Back After Double Attack

Post by roncraig »

I'll just drop this here in case it can be of use to anyone looking for a strong password:
https://www.grc.com/passwords.htm

In the meantime... we have this to worry about until it gets fixed:
https://code.google.com/p/google-Sucuri ... ail?id=758

Stay Frosty :)
OS: Linux Mint 20.3 Una
Kernel: 5.15.0-33
DE: Cinnamon
Mobo: ASRock model: X299 Taichi CLX
CPU: Intel Core i9-10900X
GPU: NVIDIA GeForce RTX 3080
Memory: 64GB
User avatar
RobertLM78
Level 3
Level 3
Posts: 183
Joined: Sat Apr 28, 2012 4:19 am
Location: US

Re: Linux Mint Forums Back After Double Attack

Post by RobertLM78 »

Glad to see the forums back and running. I changed my password as suggested. Are we going to get the minty green theme back? :D
Gateway DX4860, Sapphire Radeon HD 5450, 8 GB RAM, Mint 17.3 64-bit (Rosa), MATE
AMD Ryzen 3-3100, AMD Radeon RX 570, 16 GB RAM, Mint 21 (Vanessa), MATE
User avatar
Moem
Level 22
Level 22
Posts: 16226
Joined: Tue Nov 17, 2015 9:14 am
Location: The Netherlands
Contact:

Re: Linux Mint Forums Back After Double Attack

Post by Moem »

Some tweaking to the theme is most likely in the plans and I'd be surprised if there would not be a green theme among the options that will be added.
Image

If your issue is solved, kindly indicate that by editing the first post in the topic, and adding [SOLVED] to the title. Thanks!
hooked2u

Re: Linux Mint Forums Back After Double Attack

Post by hooked2u »

I abhor short, unique 'tlm123', easy to type-in passwords. Should I replace my 15+ character password or presume that I am okay now. Maybe change to a 25+ character password?

I never connect to the Internet using IoT devices because I think they are too easy to be exploited. I have 5 PC's, each having it's own user name and 15+ character password. If its been a while that I have used a particular PC and try to log on I may have to go through 4 passes of un/passwd until I get the right combination, but eventually I can log on. As I age, my recall of memorized things are becoming difficult. I may have to resort to carrying a pocket paper notebook with encrypted hints of my usernames and passwords, because writing the actual username/password would be too easy for someone to exploit if I ever lose my notebook.

I am running LM17.2 which was installed from Linux Format DVD so I am presumably safe. When I download an ISO I always compare the MD5 checksum. Since 17.3 seems to be the hacked version I will wait for a newer version before upgrading.

Glad to see the forum is back online.
UgoRipley

Re: Linux Mint Forums Back After Double Attack

Post by UgoRipley »

hooked2u wrote:Since 17.3 seems to be the hacked version I will wait for a newer version before upgrading.
You might have a hacked/corrupted ISO only if you downloaded it on February 20th (IIRC).
No problems in downloading it now (or directly upgrading from update manager)
noxcruor

Re: Linux Mint Forums Back After Double Attack

Post by noxcruor »

You could always download an older version and upgrade within the OS if you're that worried about it. I had an ISO of 17.2 x64 Cinnamon on my external HD that I was using to create VMs with. I found I wanted to really dive into Mint and use it more on a daily basis which meant installing it on my machine. Sadly, this was towards the end of February, and I didn't want to risk installing a hacked version. Not to mention that except for the blog, I couldn't access linuxmint.com at all to try and download the latest version.

So I installed 17.2 without issues, and when I went to the Update Manager, I saw I could upgrade that way. I didn't feel a pressing need to, so I waited to hear from the blog that everything was back up and running again, and that the hacks had been purged. I did upgrade at that time, but before then, I was happy to be working with Mint Cinnamon on a desktop - which led to me installing Mint MATE on my 6 year old laptop.
User avatar
Moem
Level 22
Level 22
Posts: 16226
Joined: Tue Nov 17, 2015 9:14 am
Location: The Netherlands
Contact:

Re: Linux Mint Forums Back After Double Attack

Post by Moem »

The cracked version was an ISO, it could not be obtained through an upgrade/update, only through a download, and that only lasted for one day. Upgrading is safe and has never been affected by this crack.

Let's not make things sound worse than they actually were.
Image

If your issue is solved, kindly indicate that by editing the first post in the topic, and adding [SOLVED] to the title. Thanks!
jeffreyC

Re: Linux Mint Forums Back After Double Attack

Post by jeffreyC »

This is incredibly stupid forum software:
How do I change my password when the forum software says my OLD password is not good enough?
And then rejects my attempt to change to a new one.

It’s a forum, not a banking site, why would I have a super password?
I use different strength passwords for different levels of needed security.
chritcu

Re: Linux Mint Forums Back After Double Attack

Post by chritcu »

For people who like me ended up endlessly searching for the change password option on this crappy forum software here's a screenshot
http://www.pc-freak.net/images/change_p ... screen.png

Or in words, it's in: "<your-user-name-in-upper-right-corner> -> User Control Panel -> Profile -> Edit Account Settings"
MtnDewManiac
Level 6
Level 6
Posts: 1491
Joined: Fri Feb 22, 2013 5:18 pm
Location: United States

Re: Linux Mint Forums Back After Double Attack

Post by MtnDewManiac »

Rambling...
Fred Barclay wrote:When discussing passwords, it never hurts to remember this...
Image
Not 100% reliable (even if your "workroom" is a surgical suite), but definitely quick. Somewhat difficult to perform 5,000 miles away, though. But I imagine that, in the situations in which it CAN be used... It's great stress relief :lol: .

What's the problem with writing passwords down? Okay, yeah, the location could burn down, get hit by an asteroid, etc. But such things are at least somewhat unlikely, lol. And while it's possible (I have my doubts) that someone could find every single hiding spot... They're not going to do so in a timely manner. Here's three, just off the top of my head:
Do you have pull-down blinds? Pull it down 1' past the bottom of your window, then simply place the sheet of paper containing your passwords at the top of the blind and roll it back up.
Do you use toilet paper? Pull the roller off and stick the sheet of paper inside. Place the roll back on the roller and reinstall the roller.
Do you have a refrigerator? Pull the drain pan out from underneath and tape the sheet of paper to the bottom of it.
Bonus: Do you have a cat? Tape the sheet of paper to the bottom of the litter box (underneath, unless you are willing to laminate it, lol).

Those took me a few seconds to think of. How long would it have taken you to find the sheet of paper in my home if I had used one of those locations and not mentioned them?

To be honest, I am not greatly concerned that the database got pinched. If someone got access to my account, they could... Read my PMs. Send PMs from my account. Post threads and reply to same from my account. And... That's no big deal.

More (far, far more) troubling is the fact that they were able to substitute their own file for the .ISO. Not so much that fact in and of itself (whilst being an issue for anyone who downloaded it, it doesn't affect me personally), but because it shows that they were able to do it... I have no way of knowing that they didn't also make other file substitutions (in our repositories!!!). They might not have - or you might just not have noticed. A good hacker would have covered his/her tracks. A great hacker... might have left you an easy "oh, so THAT'S what they did. Okay, they just switched the .ISO. No problem, we can fix that" that was easy to spot. If I kick your door down and trash your house, but your garage appears to be untouched... How likely are you to notice that I very carefully and neatly picked your garage door lock and stuck a tracker to the underside of your car? Especially if I took your silver and your wife's jewelery when I was trashing your house? Unless you happened to see the sack containing that stuff sticking out of the nearest dumpster, you'd probably (some of us are just a wee bit more paranoid :wink: ) think it was just a simple smash and grab and not even bother thoroughly investigating the place that I didn't obviously mess with - you'd probably open the door to your garage, glance inside, breathe a sigh of relief, and close the door. Now I cringe whenever I do an update. I hope the latest set of files that got installed were clean.

I was a member on another website (forum) for several years. It's pretty secure (not SECURE - don't bother asking how I know this - but pretty secure). I abruptly stopped visiting. Two years later, I got a wild hair and decided to revisit. But I forgot the (lengthy, random, non-repeating) password due to non-use (or getting older :roll: ). I figured I'd have to call the guy who owns/runs it, which would have been somewhat problematic because IDK if I still have his phone number, and sending snail mail across the country to his company office would have been a bit of a pain. So I used the "contact" form on his website to mention that I'd like to "return" and that neither my daily-use nor my private email address worked for the "lost password" routine and that I was sad/annoyed because I figured there was no way to prove my identity quickly/easily. I thought he'd reply with his phone number asking me to call (as he would recognize me on the phone, probably). Instead, he replied asking, "Do you still have access to the {email address} account?"

"Oh no!!!" I thought - I created that email account specifically to join the website (something I used to do routinely), and never used it again. Nor had I intended to, so I didn't keep the information and it wasn't linked to my permanent email addresses. Still, I decided to see if there was a lost password routine that was linked (and that I'd just forgotten) to one that I use. But it turns out that I did not have to:

I accessed the webpage of that email provider (webmail). I entered the email address that the admin asked me if I could still access. It... no longer existed, lol (terminated due to lack of activity). So I just recreated it, went back to that forum and used its lost password routine, then checked my new ("old") email account.

I know, the above is completely irrelevant. But I thought I'd share how I got back into that forum. Because someone else could have done the same thing and gotten access to my account. And that guy... Well, he's probably not as paranoid as ME, lol - but he's paranoid. However... He's also human. Often, the weak link in a thing.

BtW:
jeffreyC wrote:This is incredibly stupid forum software:
chritcu wrote:this crappy forum software
Careful. I recently made some honest, but critical comments about the forum software and some people seem to have taken offense. Honesty doesn't always win you any friends, lol, at least not here.

And: Just what is "the Internet of things?" And is it different than the Internet?

Also: That routine for checking for the presence of a keylogger application seemed like a great idea... at first. But if the keylogger merely echoes your input to a distant server instead of storing its data locally, is that routine still going to find it? (I know, I know, you'd notice that your computer is sending data to a server. Still... A lot of people have no idea whether or not their computer is talking to others and, if so, which ones and what data is being sent/received).

Regards,
MDM
Mint 18 Xfce 4.12.

If guns kill people, then pencils misspell words, cars make people drive drunk, and spoons made Rosie O'Donnell fat.
jeffreyC

Re: Linux Mint Forums Back After Double Attack

Post by jeffreyC »

A few years ago I saw a 'man on the street interview' article; over half the people asked would trade their work password for a chocolate bar.
MtnDewManiac
Level 6
Level 6
Posts: 1491
Joined: Fri Feb 22, 2013 5:18 pm
Location: United States

Re: Linux Mint Forums Back After Double Attack

Post by MtnDewManiac »

jeffreyC wrote:A few years ago I saw a 'man on the street interview' article; over half the people asked would trade their work password for a chocolate bar.
:lol: .

I don't know that I'd have expected those results, but I am not greatly surprised. People in my country (United States) have been trading privacy and other rights for (perceived) security for years. Ben Franklin would probably have lined them all up against the nearest wall and allowed their blood to nourish the tree of freedom, lol.

Actually, I'd have expected them to trade it for a cheeseburger (extra cheese - and can you supersize that? I'll throw in an email password :roll: ). Maybe it was some other country where the poll occurred?

DISCLAIMER: I like cheeseburgers. But I wouldn't trade anything - other than $1.49 - for one.

Regards,
MDM
Mint 18 Xfce 4.12.

If guns kill people, then pencils misspell words, cars make people drive drunk, and spoons made Rosie O'Donnell fat.
Seffis
Level 2
Level 2
Posts: 58
Joined: Tue Sep 02, 2014 3:06 am

Re: Linux Mint Forums Back After Double Attack

Post by Seffis »

Many of these discussions are assuming that unlimited attempts to 'crack' the password are allowed. Some accounts are locked for 24 hours after three wrong attempts. I would change this to two, in case cap locks were on.

There are 4422 possible combinations in a two character password using the 66 estimated usable characters from a previous post. (66*66) + 66 for one character passwords. How long would this take to crack with three attempts per day :)

All my accounts are bogus, even Facebook. I am currently in the process of deleting the one account that used my NickNameLastName@ as the address.

Wonder why (alt + number) codes above 126 aren't allowed to be used in passwords on most if not all sites :?: Can't print any today, guess the Firefox update messed it up.
Toshiba C655-S5549 Intel I3 dual core Intel Graphics 3000
Locked

Return to “Releases & Announcements”