How often do linux distro repositories get compromised?


Post by ZetNanban1 » Fri Feb 05, 2016 2:08 pm

Seeing as how we are heavily dependent on the distro maintainers in the GNU/Linux world, I think that this is an important question for new users to know.

Post by Pjotr » Fri Feb 05, 2016 2:20 pm

In a decade of full-time Linux use (first the *buntus, and lately Mint), I've never heard of malware in the official Debian, Ubuntu or Mint repos. In that 10 year period, I think I remember hearing about one or two instances of such a thing in the repos of other distros, though.

No system is perfect, of course. But the Debian, Ubuntu and Mint repo maintainers do a pretty good job. In short: no worries. :mrgreen:

Post by Habitual » Fri Feb 05, 2016 2:25 pm

Kernel.org was Hacked - Aug. 31, 2011

Post by Pjotr » Fri Feb 05, 2016 2:31 pm

Right.... And I've also found the other one that I was remembering dimly: back in 2010, malware was found in the official Gentoo repo: https://bugs.gentoo.org/show_bug.cgi?id=323691

That makes two. My guess wasn't too inaccurate then. :mrgreen:

Post by Habitual » Fri Feb 05, 2016 2:37 pm

Pjotr wrote:
> Right.... And I've also found the other one that I was remembering dimly: back in 2010, malware was found in the official Gentoo repo: https://bugs.gentoo.org/show_bug.cgi?id=323691
>
> That makes two. My guess wasn't too inaccurate then. :mrgreen:

Not at all inaccurate.
We can count 'em on one hand in as many years.

It's rare (or rarely reported). And "compromised" is too subjective IMO.

Post by ZetNanban1 » Fri Feb 05, 2016 3:34 pm

Awesome. I feel like I never get a chance to tell Windows users that "Linux is also vulnerable" without feeling smug as **** every time. Should my biggest fear then be Linux gaining popularity? I've only used it for a couple of years, I don't know how far it's come in comparison to MacOS and Windows as far as quality and ease of use go. If the Debian-based distros gained in popularity (which I think is likely), attacks would increase as well, and I'm guessing that a lot of non-expert Linux users will have to contemplate how well they are doing to protect themselves to fight back.

To add to this, the fact that UEFI and some HDDs can now be rooted to keep re-installations of the OS from ridding the malware from the computer, minus the vendor support, it could get spooky.

Post by LinuxJim » Fri Feb 05, 2016 3:40 pm

Servers get hacked. That's an unfortunate fact of life.

Consider this:

1. Packages are signed. Even if someone hacked into a repository and deposited something, it would need to be signed with the developer's key to propagate any further.

2. Repositories are distributed. There are mirrors all over the world. If one gets compromised, it doesn't affect any of the others.

3. Everything is under version control. If a bad package gets injected somewhere, even at the very top of the stream, it's a simple matter to roll back and repush.

4. Just because a server gets hacked doesn't mean you'll end up with malware a day later. Oftentimes it's done just for bragging rights.

The ultimate solution is not prevention, but early detection. The whole system is self-repairing, *if* someone notices the problem quickly.

Post by Mute Ant » Fri Feb 05, 2016 7:36 pm

I suspect it will be the trusting habits of new users that compromises their system. It is amazingly easy to unpack a .deb, add your own code and repack it. Firefox even offers to install it for you straight from a web site. How many users will install something called firefox_45.0.0-beta_i386.deb in their desire to have the latest (non-repository) version?

Post by LinuxJim » Fri Feb 05, 2016 8:47 pm

Mute Ant wrote:
> How many users will install something called firefox_45.0.0-beta_i386.deb in their desire to have the latest (non-repository) version?

+1

Old Windows 'habits' are the biggest problem for new users. Over and over again.
