Hacking status of Linux Mint mirror downloads

Questions about the project and the distribution - obviously no support questions here please
Post Reply
SLLA
Level 1
Level 1
Posts: 2
Joined: Mon Aug 21, 2017 7:47 am

Hacking status of Linux Mint mirror downloads

Post by SLLA » Mon Aug 21, 2017 8:32 am

I am seeking confirmation from the official Linux Mint Team that there is no outstanding unfixed hacking of the University of Canterbury (NZ) mirror download site for downloading the ISO for Linux Mint 18.2 Cinnamon 64 bit onto a Linux system. I created a link to the site on 18th August and actually downloaded it on 20th August. I am intending to run it from a USB stick to try it out. I have been informed of the incident on 20th February last year but have not been able to locate an official Linux Mint notification that the problem was fixed, and I am also not sure how to keep track of whether there have been any other hacking incidents affecting Linux Mint since then.
My sincere apologies if this has all been answered/covered elsewhere by your Team. I am a newbie.

User avatar
xenopeek
Level 24
Level 24
Posts: 22173
Joined: Wed Jul 06, 2011 3:58 am
Location: The Netherlands

Re: Hacking status of Linux Mint mirror downloads

Post by xenopeek » Mon Aug 21, 2017 9:11 am

Please read the following article for more information: http://blog.linuxmint.com/?p=3007. As detailed there, the attacker shortly changed some download links on the Linux Mint website to point to their own server, on which they had placed a compromised ISO file. The mirrors themselves and the ISO files on them were not affected.

You can verify your ISO with these steps https://linuxmint.com/verify.php. We recommend you at least confirm the SHA256 checksum of your ISO file matches before you use it. That also confirms you downloaded the file completely and without errors. You can optionally also check the signature on the SHA256 checksum file to confirm that file originates from Linux Mint.

To keep up to date with Linux Mint news you can follow the blog http://blog.linuxmint.com/.
Image

SLLA
Level 1
Level 1
Posts: 2
Joined: Mon Aug 21, 2017 7:47 am

Re: Hacking status of Linux Mint mirror downloads

Post by SLLA » Wed Sep 20, 2017 5:54 am

Thank you for your help Xenopeek. I have been trying to follow the instructions in the link you gave me for verifying a Linux Mint ISO at https://linuxmint.com/verify.php and have hit a problem: The terminal response to the given commands to find out the ISO's SHA256 sum is 'no such file or directory'. I have tried this both by opening a terminal within the created ISO folder/directory containing the ISO file and the two other files, and also by opening a terminal one level higher in the folder/directory nesting/pathway with the ISO folder selected. Same result in both cases.
The system I am using to do this verification is Ubuntu 16.04.1 64 bit. I am a novice with Linux and using terminals so may well have missed something vital that is assumed. I am intending to run the Linux Mint 18.2 from a USB stick. Can you advise me further??

User avatar
Pjotr
Level 20
Level 20
Posts: 10152
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland)
Contact:

Re: Hacking status of Linux Mint mirror downloads

Post by Pjotr » Wed Sep 20, 2017 6:09 am

Tip: 10 things to do after installing Linux Mint 18.3 Sylvia
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.

linux_rules
Level 3
Level 3
Posts: 153
Joined: Sun Apr 24, 2011 1:51 am
Contact:

Re: Hacking status of Linux Mint mirror downloads

Post by linux_rules » Sat Dec 23, 2017 6:09 am

I am using 18.1.

I have already burned the iso to a DVD. Can I check the DVD ?

Code: Select all

$ sha256sum /dev/sr0 
sha256sum: /dev/sr0: Input/output error
I am getting this ^^

According to this page https://blog.linuxmint.com/?p=2994

When the hacking happened only iso(s) for linuxmint-17.3 was available.

I mean the hacking happened before the release of 18 or am I missing something.
Mint 18.1
Intel(R) Core(TM) i3-6100 CPU
Ram 4GB
GeForce GTX 650

Cosmo.
Level 23
Level 23
Posts: 17830
Joined: Sat Dec 06, 2014 7:34 am

Re: Hacking status of Linux Mint mirror downloads

Post by Cosmo. » Sat Dec 23, 2017 7:22 am

You have to check the ISO download, not the burned dvd.

linux_rules
Level 3
Level 3
Posts: 153
Joined: Sun Apr 24, 2011 1:51 am
Contact:

Re: Hacking status of Linux Mint mirror downloads

Post by linux_rules » Sat Dec 23, 2017 7:24 am

Cosmo. wrote:You have to check the ISO download, not the burned dvd.
Unfortunately I have deleted the iso after installing from DVD.
Mint 18.1
Intel(R) Core(TM) i3-6100 CPU
Ram 4GB
GeForce GTX 650

Cosmo.
Level 23
Level 23
Posts: 17830
Joined: Sat Dec 06, 2014 7:34 am

Re: Hacking status of Linux Mint mirror downloads

Post by Cosmo. » Sat Dec 23, 2017 7:30 am

The idea is to check the authenticity before you install the system with the ISO (burned). Assumed the download has been compromised or "only" corrupted it is now to late; you would have installed in this case already a not reliable system. In case of a compromised download - and consequently system - you cannot even trust the check, which you from this system.

linux_rules
Level 3
Level 3
Posts: 153
Joined: Sun Apr 24, 2011 1:51 am
Contact:

Re: Hacking status of Linux Mint mirror downloads

Post by linux_rules » Sat Dec 23, 2017 7:33 am

Cosmo. wrote:The idea is to check the authenticity before you install the system with the ISO (burned). Assumed the download has been compromised or "only" corrupted it is now to late; you would have installed in this case already a not reliable system.
Is there a command I can run from the installed system to verify if I am running a compromised system ?
Mint 18.1
Intel(R) Core(TM) i3-6100 CPU
Ram 4GB
GeForce GTX 650

User avatar
Pjotr
Level 20
Level 20
Posts: 10152
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland)
Contact:

Re: Hacking status of Linux Mint mirror downloads

Post by Pjotr » Sat Dec 23, 2017 7:49 am

No worries, mate. The hack you refer to was long ago, for an older version, and lasted only one day anyway. No bearing at all on your Mint 18.1. You're fine. :mrgreen:
Tip: 10 things to do after installing Linux Mint 18.3 Sylvia
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.

linux_rules
Level 3
Level 3
Posts: 153
Joined: Sun Apr 24, 2011 1:51 am
Contact:

Re: Hacking status of Linux Mint mirror downloads

Post by linux_rules » Sat Dec 23, 2017 7:58 am

Pjotr wrote:No worries, mate. The hack you refer to was long ago, for an older version, and lasted only one day anyway. No bearing at all on your Mint 18.1. You're fine. :mrgreen:
Thanks a lot but then what is this about ?
SLLA wrote:I am seeking confirmation from the official Linux Mint Team that there is no outstanding unfixed hacking of the University of Canterbury (NZ) mirror download site for downloading the ISO for Linux Mint 18.2 Cinnamon 64 bit onto a Linux system. I created a link to the site on 18th August and actually downloaded it on 20th August. I am intending to run it from a
Mint 18.1
Intel(R) Core(TM) i3-6100 CPU
Ram 4GB
GeForce GTX 650

User avatar
Pjotr
Level 20
Level 20
Posts: 10152
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland)
Contact:

Re: Hacking status of Linux Mint mirror downloads

Post by Pjotr » Sat Dec 23, 2017 8:00 am

linux_rules wrote:
Pjotr wrote:No worries, mate. The hack you refer to was long ago, for an older version, and lasted only one day anyway. No bearing at all on your Mint 18.1. You're fine. :mrgreen:
Thanks a lot but then what is this about ?
SLLA wrote:I am seeking confirmation from the official Linux Mint Team that there is no outstanding unfixed hacking of the University of Canterbury (NZ) mirror download site for downloading the ISO for Linux Mint 18.2 Cinnamon 64 bit onto a Linux system. I created a link to the site on 18th August and actually downloaded it on 20th August. I am intending to run it from a
From the looks of it, that's someone with a lack of understanding. :mrgreen:

This was the one and only real hack:
https://blog.linuxmint.com/?p=2994
Tip: 10 things to do after installing Linux Mint 18.3 Sylvia
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.

linux_rules
Level 3
Level 3
Posts: 153
Joined: Sun Apr 24, 2011 1:51 am
Contact:

Re: Hacking status of Linux Mint mirror downloads

Post by linux_rules » Sat Dec 23, 2017 8:22 am

Pjotr wrote:
linux_rules wrote:
Pjotr wrote:No worries, mate. The hack you refer to was long ago, for an older version, and lasted only one day anyway. No bearing at all on your Mint 18.1. You're fine. :mrgreen:
Thanks a lot but then what is this about ?
SLLA wrote:I am seeking confirmation from the official Linux Mint Team that there is no outstanding unfixed hacking of the University of Canterbury (NZ) mirror download site for downloading the ISO for Linux Mint 18.2 Cinnamon 64 bit onto a Linux system. I created a link to the site on 18th August and actually downloaded it on 20th August. I am intending to run it from a
From the looks of it, that's someone with a lack of understanding. :mrgreen:

This was the one and only real hack:
https://blog.linuxmint.com/?p=2994
You just stopped me from installing a different distro. Thanks once again.
Mint 18.1
Intel(R) Core(TM) i3-6100 CPU
Ram 4GB
GeForce GTX 650

User avatar
Pepi
Level 5
Level 5
Posts: 591
Joined: Wed Nov 18, 2009 7:47 pm

Re: Hacking status of Linux Mint mirror downloads

Post by Pepi » Sat Dec 23, 2017 9:35 am

"What we don’t know is the motivation behind this attack"

Did anyone every find out what the bad install did?

Cosmo.
Level 23
Level 23
Posts: 17830
Joined: Sat Dec 06, 2014 7:34 am

Re: Hacking status of Linux Mint mirror downloads

Post by Cosmo. » Sat Dec 23, 2017 9:50 am

It implemented a backdoor. A backdoor can do several kind of things: Steal your data, steal your identity, control the system from outside. A backdoor gets created by a criminal or an insane (possibly both) minds.

It is correct t say, that the last hack was 2 years ago. I wrote a few days ago, that it is at now less easy to hack linuxmint.com. But it is not impossible and new attempts will happen with guarantee. This is an official statement by Clem (Mint's head). So the checks shall be done in every case (and of course before installing), as nobody can say beforehand, when it will happen again and with which effect. If this would not be so important, the checksums, authenticated with a digital key, and the instructions how to do the check would be only entertainment for bored people.

User avatar
Pepi
Level 5
Level 5
Posts: 591
Joined: Wed Nov 18, 2009 7:47 pm

Re: Hacking status of Linux Mint mirror downloads

Post by Pepi » Sat Dec 23, 2017 10:19 am

Thanks Cosmo. I will have to say I'm guilty not checking my ISOs :oops: I will start following Pjotr write-up from now on

Post Reply

Return to “Non-technical Questions”