I guess the mileage may vary. At the end of the tutorial, you have already a distinction for Linux Mint users and for other Linux users.BigEasy wrote: What have to do WIndows users?
What did you use to burn your disc? Brasero?Farjohn wrote:Skaendo, Thank you for the post. I was beginning to suspect that, though not knowing why. Maybe a formatting issue when the disk is made bootable....
Rufus? If so you will never get a good checksum from that disc.Farjohn wrote:Skaendo, I "had" a Windows machine with Win7 and Win 10 installed but wiped them and did a clean install of 17.3. I'd had trouble making a bootable DVD using the Windows media utility, so I downloaded a freebie package that worked fine, though I looked at several and can't recall which one I used. You would likely recognize the name as it rang a bell with me, but damned if I can conjure it up right now. Oh well ... thanks again.
Once in the live session, if there is a file in /var/lib/man.cy, then this is an infected ISO. You need to reformat you hard drive and re-install Mint in this case.
The problem that happened is not about the security concept and the security of LM OS. This was about the forum, the web site, the servers.Icarus149 wrote:I wish the mint representatives also comment on what is currently written on the Debian-Forums regarding this issue and the security concept of Mint in general. This really unsettles me at the moment and I'm seriously considering to dump Mint and move to a different distro...
The *.* wildcard pattern is peculiar to Windows (it came from DOS). Don't use that in Linux - it doesn't mean the same thing. In Windows, it matches all files. In Linux, it only matches files with a dot in the filename. The Linux eqivalent to *.* is simply * - hope that helps.Farjohn wrote:So on a whim I added a /*.* to the end of the path and got the hash code for the only text file in the directory. Interesting result.
What people don't generally understand is that installing an update to correct a local security issue (like typing 8 times esc to log in something) can create a new security issue. And this new one may be accessed remotely.Drygar wrote: On Ubuntu or U-flavors , by default all available updates are "pushed" and pre-selected to the user including the new kernel versions. Personally, I don't like updating the kernel several times a month for non-security issues or too-low-risk issues.
Farjohn, I just did a review of this thread and noticed that in your original post detailing the problems you were having that you said that you had created a directory titled "linuxmint-17.3-cinnamon-64bit.iso" with the file you wanted to check inside that directory. I had not read that properly when I made my response to your post. On that basis the correct command to use would have been:Farjohn wrote:Radish, I keep blowing up my replies, so I'll be brief. You were right; bad case for Documents. Running it again I was told "that's a directory, stupid!" or some such. Again, I should have known better. So on a whim I added a /*.* to the end of the path and got the hash code for the only text file in the directory. Interesting result. Thank you for your help, once again. I think I'm going to assume my install is good and forge ahead. Cheers!
Code: Select all
md5sum /home/sig/Documents/Mint-17.3/linuxmint-17.3-cinnamon-64bit.iso/linuxmint-17.3-cinnamon-64bit.isoThey have always been safe. What wasn't safe on February 20th was the download link on the website; that pointed to the server of the attacker where he had placed an infected ISO. The ISOs themselves on Linux Mint servers, mirrors, and torrents have been unaffected and are verifiable safe.fredimac wrote:Are new iso images really save now?
Yes. Better yet, you've been able to use GPG signed SHA256 hashes since Linux Mint 17 so the ISOs can be verified to originate from Linux Mint. See https://community.linuxmint.com/tutorial/view/2266. Since Linux Mint 10 the SHA256 hashes have been available though before Linux Mint 17 not GPG signed.fredimac wrote:Are you md5 hashes really save?
Yes. Updates are verified to originate from Linux Mint (or Ubuntu/Debian) before they are installed. Again with GPG signed SHA256 hashes.fredimac wrote:Are updates for older Linuxmint Cinnamon installations save?
says https://scalibq.wordpress.com/2011/09/0 ... -org-hack/Security breach on kernel.org
Earlier this month, a number of servers in the kernel.org infrastructure were compromised. We discovered this August 28th. While we currently believe that the source code repositories were unaffected, we are in the process of verifying this and taking steps to enhance security across the kernel.org infrastructure.
