Hacking status of Linux Mint mirror downloads

Post by SLLA »

I am seeking confirmation from the official Linux Mint Team that there is no outstanding unfixed hacking of the University of Canterbury (NZ) mirror download site for downloading the ISO for Linux Mint 18.2 Cinnamon 64 bit onto a Linux system. I created a link to the site on 18th August and actually downloaded it on 20th August. I am intending to run it from a USB stick to try it out. I have been informed of the incident on 20th February last year but have not been able to locate an official Linux Mint notification that the problem was fixed, and I am also not sure how to keep track of whether there have been any other hacking incidents affecting Linux Mint since then.
My sincere apologies if this has all been answered/covered elsewhere by your Team. I am a newbie.
Re: Hacking status of Linux Mint mirror downloads

Post by xenopeek »

Please read the following article for more information: http://blog.linuxmint.com/?p=3007. As detailed there, the attacker shortly changed some download links on the Linux Mint website to point to their own server, on which they had placed a compromised ISO file. The mirrors themselves and the ISO files on them were not affected.

You can verify your ISO with these steps https://linuxmint.com/verify.php. We recommend you at least confirm the SHA256 checksum of your ISO file matches before you use it. That also confirms you downloaded the file completely and without errors. You can optionally also check the signature on the SHA256 checksum file to confirm that file originates from Linux Mint.

To keep up to date with Linux Mint news you can follow the blog http://blog.linuxmint.com/.
Re: Hacking status of Linux Mint mirror downloads

Post by SLLA »

Thank you for your help Xenopeek. I have been trying to follow the instructions in the link you gave me for verifying a Linux Mint ISO at https://linuxmint.com/verify.php and have hit a problem: The terminal response to the given commands to find out the ISO's SHA256 sum is 'no such file or directory'. I have tried this both by opening a terminal within the created ISO folder/directory containing the ISO file and the two other files, and also by opening a terminal one level higher in the folder/directory nesting/pathway with the ISO folder selected. Same result in both cases.
The system I am using to do this verification is Ubuntu 16.04.1 64 bit. I am a novice with Linux and using terminals so may well have missed something vital that is assumed. I am intending to run the Linux Mint 18.2 from a USB stick. Can you advise me further??
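
The two checks described in xenopeek's reply, with the "no such file or directory" case reported above handled explicitly. This is an added example, not part of the original thread and not Linux Mint's own script; the function name verify_iso and the file names sha256sum.txt and sha256sum.txt.gpg are assumptions.

```sh
#!/bin/sh
# verify_iso DIR ISO_NAME   (hypothetical helper, added for illustration)
# Returns 0 = checksum (and signature, if checked) OK
#         1 = mismatch, or ISO not listed in the checksum file
#         2 = a needed file is missing
#         3 = checksum OK but the signature did not verify
verify_iso() {
    dir=$1
    iso=$2
    sums="$dir/sha256sum.txt"      # assumed name of the checksum file
    sig="$dir/sha256sum.txt.gpg"   # assumed name of its signature file

    # sha256sum answers "No such file or directory" when the file name or
    # the directory is wrong, so test for both files before hashing.
    for f in "$dir/$iso" "$sums"; do
        if [ ! -f "$f" ]; then
            echo "missing: $f (check the directory and the exact file name)" >&2
            return 2
        fi
    done

    # Expected hash: the line whose file name field equals the ISO name.
    # Lines look like "<hash> *<name>" (binary mode) or "<hash>  <name>".
    expected=$(awk -v n="$iso" \
        '{ f = $2; sub(/^\*/, "", f); if (f == n) print $1 }' "$sums" | head -n 1)
    if [ -z "$expected" ]; then
        echo "no entry for $iso in $sums" >&2
        return 1
    fi

    actual=$(sha256sum -b "$dir/$iso" | awk '{ print $1 }')
    if [ "$actual" != "$expected" ]; then
        echo "MISMATCH: do not boot or install from $iso" >&2
        return 1
    fi
    echo "checksum OK: $iso"

    # Optional second step: the signature ties the checksum file to the
    # signing key. The key must be imported first, and the fingerprint gpg
    # prints should be compared with the one the distribution publishes.
    if [ -f "$sig" ] && command -v gpg >/dev/null 2>&1; then
        gpg --verify "$sig" "$sums" || { echo "signature NOT verified" >&2; return 3; }
    fi
    return 0
}
# usage: verify_iso /path/to/ISO-folder name-of-the.iso
```

A matching checksum alone only shows the download is complete and equals what the checksum file lists; the signature step is what shows the checksum file itself was not replaced.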

Re: Hacking status of Linux Mint mirror downloads

Post by Pjotr »

Tip: 10 things to do after installing Linux Mint 21.3 Virginia
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.

Re: Hacking status of Linux Mint mirror downloads

Post by linux_rules »

I am using 18.1.

I have already burned the ISO to a DVD. Can I check the DVD?

$ sha256sum /dev/sr0
sha256sum: /dev/sr0: Input/output error

I am getting this ^^

According to this page https://blog.linuxmint.com/?p=2994

When the hacking happened, only ISO(s) for linuxmint-17.3 were available.

I mean the hacking happened before the release of 18, or am I missing something?

Re: Hacking status of Linux Mint mirror downloads

Post by Cosmo. »

You have to check the ISO download, not the burned dvd.
Joined: Sun Apr 24, 2011 1:51 am

Re: Hacking status of Linux Mint mirror downloads

Post by linux_rules »

Cosmo. wrote:You have to check the ISO download, not the burned dvd.
Unfortunately I have deleted the iso after installing from DVD.

Re: Hacking status of Linux Mint mirror downloads

Post by Cosmo. »

The idea is to check the authenticity before you install the system with the ISO (burned). Assuming the download has been compromised or "only" corrupted, it is now too late; in this case you would already have installed an unreliable system. In case of a compromised download - and consequently system - you cannot even trust the check which you run from this system.

Re: Hacking status of Linux Mint mirror downloads

Post by linux_rules »

Cosmo. wrote:The idea is to check the authenticity before you install the system with the ISO (burned). Assuming the download has been compromised or "only" corrupted, it is now too late; in this case you would already have installed an unreliable system.
Is there a command I can run from the installed system to verify if I am running a compromised system ?

Re: Hacking status of Linux Mint mirror downloads

Post by Pjotr »

No worries, mate. The hack you refer to was long ago, for an older version, and lasted only one day anyway. No bearing at all on your Mint 18.1. You're fine. :mrgreen:

Re: Hacking status of Linux Mint mirror downloads

Post by linux_rules »

Pjotr wrote:No worries, mate. The hack you refer to was long ago, for an older version, and lasted only one day anyway. No bearing at all on your Mint 18.1. You're fine. :mrgreen:
Thanks a lot but then what is this about ?
SLLA wrote:I am seeking confirmation from the official Linux Mint Team that there is no outstanding unfixed hacking of the University of Canterbury (NZ) mirror download site for downloading the ISO for Linux Mint 18.2 Cinnamon 64 bit onto a Linux system. I created a link to the site on 18th August and actually downloaded it on 20th August. I am intending to run it from a

Re: Hacking status of Linux Mint mirror downloads

Post by Pjotr »

linux_rules wrote:
Pjotr wrote:No worries, mate. The hack you refer to was long ago, for an older version, and lasted only one day anyway. No bearing at all on your Mint 18.1. You're fine. :mrgreen:
Thanks a lot but then what is this about ?
SLLA wrote:I am seeking confirmation from the official Linux Mint Team that there is no outstanding unfixed hacking of the University of Canterbury (NZ) mirror download site for downloading the ISO for Linux Mint 18.2 Cinnamon 64 bit onto a Linux system. I created a link to the site on 18th August and actually downloaded it on 20th August. I am intending to run it from a
From the looks of it, that's someone with a lack of understanding. :mrgreen:

This was the one and only real hack:
https://blog.linuxmint.com/?p=2994

Re: Hacking status of Linux Mint mirror downloads

Post by linux_rules »

Pjotr wrote:
linux_rules wrote:
Pjotr wrote:No worries, mate. The hack you refer to was long ago, for an older version, and lasted only one day anyway. No bearing at all on your Mint 18.1. You're fine. :mrgreen:
Thanks a lot but then what is this about ?
SLLA wrote:I am seeking confirmation from the official Linux Mint Team that there is no outstanding unfixed hacking of the University of Canterbury (NZ) mirror download site for downloading the ISO for Linux Mint 18.2 Cinnamon 64 bit onto a Linux system. I created a link to the site on 18th August and actually downloaded it on 20th August. I am intending to run it from a
From the looks of it, that's someone with a lack of understanding. :mrgreen:

This was the one and only real hack:
https://blog.linuxmint.com/?p=2994
You just stopped me from installing a different distro. Thanks once again.

Re: Hacking status of Linux Mint mirror downloads

Post by Pepi »

"What we don’t know is the motivation behind this attack"

Did anyone ever find out what the bad install did?

Re: Hacking status of Linux Mint mirror downloads

Post by Cosmo. »

It implemented a backdoor. A backdoor can do several kinds of things: steal your data, steal your identity, control the system from outside. A backdoor gets created by a criminal or an insane (possibly both) mind.

It is correct to say that the last hack was 2 years ago. I wrote a few days ago that it is now less easy to hack linuxmint.com. But it is not impossible, and new attempts are guaranteed to happen. This is an official statement by Clem (Mint's head). So the checks should be done in every case (and of course before installing), as nobody can say beforehand when it will happen again and with what effect. If this were not so important, the checksums, authenticated with a digital key, and the instructions on how to do the check would be only entertainment for bored people.

Re: Hacking status of Linux Mint mirror downloads

Post by Pepi »

Thanks Cosmo. I will have to say I'm guilty of not checking my ISOs :oops: I will start following Pjotr's write-up from now on.