CachyOS Making Use Of Plymouth For Better Boot Experience, Mitigates For XZ Fiasco
-
Originally posted by EphemeralEft View Post
Why not ship an older version instead of trying to patch out the malware? If you or the researchers missed anything, it might still have serious vulnerabilities.
- Likes 2
Comment
-
Originally posted by ptr1337 View Post
We have already supported encrypted ZFS installs via LUKS for around 9 months.
We found an issue together with Plymouth when used with ZFS encryption, and will provide a fix in the next hour (this gets applied on demand at the user's online installation).
Currently, via Calamares only a direct on-root install is possible, like with its own disk/partition. We are planning to provide zfsbootmenu support in the CLI Installer.
Comment
-
The XZ fiasco shows that rolling distros like Arch are really, really dangerous.
The only people who can safely handle this are Valve, because they established their own version system with their Steam Deck images.
(edit) I know Arch was not affected by the XZ fiasco, but I still think rolling distros are dangerous.
Last edited by qarium; 02 April 2024, 01:06 PM.
Phantom circuit Sequence Reducer Dyslexia
Comment
-
Originally posted by qarium View Post
The XZ fiasco shows that rolling distros like Arch are really, really dangerous.
The only people who can safely handle this are Valve, because they established their own version system with their Steam Deck images.
(edit) I know Arch was not affected by the XZ fiasco, but I still think rolling distros are dangerous.
Comment
-
Originally posted by pWe00Iri3e7Z9lHOX2Qx View Post
Ahh, sorry I should have been more clear. I meant native ZFS encryption. I poked around with the Calamares installer a few weeks ago and noticed ZFS on root but no native encryption there. Super cool about ZFSBootMenu support in the CLI installer.
Code:
2024-04-02 - 19:04:49 [6]: .. Running QList("zpool", "create", "-f", "-o", "ashift=12", "-o", "autotrim=on", "-O", "mountpoint=none", "-O", "acltype=posixacl", "-O", "atime=off", "-O", "relatime=off", "-O", "xattr=sa", "-O", "normalization=formD", "-O", "dnodesize=auto", "-O", "encryption=aes-256-gcm", "-O", "keyformat=passphrase", "zpcachyos", "/dev/disk/by-partuuid/8cee85ba-2bef-489a-9b30-63d20da38b76")
- Likes 1
Comment
-
Originally posted by pWe00Iri3e7Z9lHOX2Qx View Post
I wouldn't say "very specific" in this case. The fact that they only cared about RPM and DEB build targets basically tells you they cared about all the enterprise distros (RHEL / SUSE / Ubuntu / Debian). It was a combination of timing / luck / one curious mind that avoided a total farking disaster several months down the line. One dude (employed by Microsoft) doing some micro-benchmarking.
Whoever these shitheads were, they even had Google's OSS-Fuzz project disabled ahead of time for XZ to try and make sure the fuzzer wouldn't pick up their changes.
These people are the hacker group with the specification name "Magnet Goblin".
A financially motivated hacking group named Magnet Goblin uses various 1-day vulnerabilities to breach public-facing servers and deploy custom malware on Windows and Linux systems.
A month before the XZ case these people attacked me and other people here at the phoronix.com forum: the forum user sophisticles places links to injected webservers, which then used CVEs on Firefox 119, and then a glibc CVE was used to get root access, and then a LogoFAIL virus was installed in /boot/efi/logo.jpg.
This "Magnet Goblin" hacker group used a CVE in Apache ActiveMQ to infect the webserver.
"CVE-2023-46805, CVE-2024-21887, CVE-2024-21888, CVE-2024-21893, Apache ActiveMQ"
To my information these people are connected to the Indymedia left-wing extremists, which means they are ADL's connected to Mossad in Israel and ADL's in Ukraine. https://en.wikipedia.org/wiki/Anti-Defamation_League
These ADL's are connected to Bill Gates and other ADL's like him.
Phantom circuit Sequence Reducer Dyslexia
Comment
-
Originally posted by andyprough View Post
If XZ's backdoor is a fiasco, what should we call Chrome/chromium's 53 known zero-day exploited vulnerabilities that have been added to cisa.gov's catalog over the past 28 months since November 2021? What word is worse than 'fiasco'? A 'tragedy'?
If the USA and any US-based company like Google build a backdoor into Google Chrome, then well, of course it's not a fiasco, it's business as usual...
XZ's is only a fiasco because it is the hacker group "Magnet Goblin" connected to ADL's in Israel and Ukraine. (Bill-Gates)
Phantom circuit Sequence Reducer Dyslexia
- Likes 1
Comment
-
Originally posted by Quackdoc View Post
and yet without them, rolling/testing distros, it would not have been discovered
Experts can do whatever they want, of course.
Phantom circuit Sequence Reducer Dyslexia
Comment
-
Originally posted by qarium View Post
The XZ fiasco shows that rolling distros like Arch are really, really dangerous.
The only people who can safely handle this are Valve, because they established their own version system with their Steam Deck images.
(edit) I know Arch was not affected by the XZ fiasco, but I still think rolling distros are dangerous.
- Likes 1
Comment