SphinUX OS Claims To Be ~150% Faster Than GNU/Linux


  • #41
    I'll try too what this thing is.

    First impressions:

    Comment


    • #42
      Originally posted by Decatf
      The Sourceforge project has suspiciously high user ratings.



      Does this even mean anything or is it just technobabble?
      It seems like technobabble (:P) to me considering that these "developers" have no idea how to even make a distro.

      The distro is created using Remastersys, which just creates a bootable backup of a running system. It contains tons of outdated libraries installed (libopencv-core2.3 and libopencv-core2.4), which usually only happens during distro upgrades. This KDE distro also has java, GNOME libraries, E17 libraries, OpenCV computer vision libraries, and a whole bunch of development files installed.

      Anyway, the high ratings do seem suspicious. The review listed as "Most Helpful Positive Review" is written by an account that's now deleted and another reviewer said that the distro is "very small" (2.6 - 3.8 GB is small?)

      Comment


      • #43
        Originally posted by Grogan
        Thanks for doing that, Chenxiaolong. I suspected it was going to be smoke and mirrors, with a rebranded Linux kernel, but decided against wasting the time and bandwidth to find out. (Their claim of "99% hardware support" was the first clue that they didn't just pull a new OS kernel out of their arses)

        So they are outright lying and "relicensing" the Linux Kernel as GPL V3. That ought to go over well, now that this project is going to get publicity.

        I also didn't believe the bollocks about using three OS kernels to "multiplex resources" through a hypervisor. I very much doubt that's practical and could only incur more overhead, not less.
        No problem

        From their Facebook page, it seems like quite a few people have already installed the distro. I'm not a security professional by any means, but I'll check to see if the distro is doing anything malicious.

        The project should be reported and removed from SourceForge, but the inner "me" wants to see these lying developers publicly ridiculed :P

        Comment


        • #44
          Still first impression: I made my image for the install too little. No warning whatsoever, installer just gets stuck.

          Also, the installer is hardcoded to use swap. What if I don't want to use swap?

          Comment


          • #45
            Originally posted by ChrisXY
            Still first impression: I made my image for the install too little. No warning whatsoever, installer just gets stuck.

            Also, the installer is hardcoded to use swap. What if I don't want to use swap?
            You'll need to have at least 10GB of space (excluding swap).

            Comment


            • #46
              Yes. Still very unprofessional.

              I have looked around a bit but I have not found anything that indicates it is not linux. All the loaded modules (lsmod) seem to be vanilla linux modules (modinfo). Only in /proc/sys/kernel/version it says "#1 SMP LX-arch 1.0.12-1". That's not really enough to convince me. dmesg and /var/log/syslog look pretty much like linux. There is something in /dist/boot/ltspdk/.temp/. Is it different from a linux kernel? If so, is it actually loaded?

              Comment


              • #47
                Originally posted by ChrisXY
                Yes. Still very unprofessional.

                I have looked around a bit but I have not found anything that indicates it is not linux. All the loaded modules (lsmod) seem to be vanilla linux modules (modinfo). Only in /proc/sys/kernel/version it says "#1 SMP LX-arch 1.0.12-1". That's not really enough to convince me. dmesg and /var/log/syslog look pretty much like linux. There is something in /dist/boot/ltspdk/.temp/. Is it different from a linux kernel? If so, is it actually loaded?
                As far as I can see /dist is a whole lot of nothing. All the binaries segfault if you run them and the system boots perfectly fine if the whole directory is removed.

                Comment


                • #48
                  The distro ships with quite a few penetration tools. Not sure what they are for...

                  EDIT: bkhive and samdump2 are included. Those tools dump the password hashes from the SAM registry hive on Windows partitions.

                  Comment


                  • #49
                    TL;DR: There's a script that sends logs, hardware information, and takes a screenshot of the active Xorg session to http://www.sphinux.org/bug_report.php
                    • /sbin/au
                      • Grabs MAC addresses of all network interfaces
                    • /sbin/auther
                      • Segfaults
                    • /sbin/besbes-otta
                      • Fake tool that benchmarks the time it takes to allocate a certain amount of memory
                    • /sbin/getarch
                      • Prints 'x86_64' or 'i686'
                    • /sbin/koko-wawa
                      • (Removed boost, so can't test right now)
                    • /sbin/lsx
                      • Symlink to /dist/sbin/
                    • /sbin/sau
                    • /sbin/sendstat
                      • Downloads http://www.sphinux.org/56734 and does a string comparison with "SphinUS rocks other suck". The downloaded output is never used in an exec statement so command execution is not possible.

                    • /bin/autodriver
                      • Detects graphics card and installs proprietary drivers
                    • /bin/lsx
                      • Symlink to /dist/bin/
                    • /bin/oba
                      • Also downloads http://www.sphinux.org/56734 and does the same string comparison
                      • Sends the following to http://www.sphinux.org/bug_report.php
                        • date
                        • lspci
                        • lsusb
                        • lscpu
                        • lshw
                        • lshal
                        • lsmod
                        • dmesg
                        • lsblk
                        • /var/log/boot.log
                        • whoami
                        • xwd -root ***WARNING: This takes a screenshot of the current Xorg session***
                      • This script presents a fake "# Authenticating ..." text when sending the data
                    • /bin/readme
                      • Prints out /usr/share/horus/scripts/readme and pipes it to less
                    • /bin/xhost
                      • ***WARNING: Potentially dangerous: Calls "xhost +"***
                      • Runs "/etc/init.d/autofs start"

                    • /opt/Synaptics/HKLM_Kernel
                      • Dump of Synaptics registry entries from Windows (includes some device IDs unrelated to touchpads)
                    • /opt/Synaptics/HKLM_User
                      • Some more Synaptics registry entries
                    • /opt/Synaptics/**/*.so
                      • Lots of libraries here. I have no idea what they are for


                    • /usr/bin/4L-cli
                      • Broken symlink
                    • /usr/bin/4L-gui
                      • Broken symlink
                    • /usr/bin/au
                      • Same as /sbin/au
                    • /usr/bin/auther
                      • Same as /sbin/auther
                    • /usr/bin/disoff
                      • Calls some ACPI methods to supposedly turn off the discrete graphics card
                    • /usr/bin/dison
                      • Opposite of above
                    • /usr/bin/edu
                      • Echoes a short description of readme, rkhunter, nmap, ip, nbtscan, besbes-otta
                    • /usr/bin/getarch
                      • Same as /sbin/getarch, except last line has "&>/dev/null 2>&1"
                    • /usr/bin/mangui
                      • Shows /usr/share/horus/scripts/readme with kdialog
                    • /usr/bin/powercontrol
                      • Performs some power management tweaks (CPU freq, VM write back timeout, SATA ALPM, etc)
                    • /usr/bin/sau
                      • Same as /sbin/sau

                    • And yeah...I highly doubt these people could create a kernel since they can't create a distro properly:
                      • Their Bluetooth device's address is 9C:B7:0D:69:E7:BF
                      • All of their prior DHCP leases are in /var/lib/dhcp/ and /var/lib/NetworkManager/
                      • All policykit actions are automatically allowed (even on installed system): /var/lib/polkit-1/localauthority/10-vendor.d/10-live-cd.pkla

                    Comment
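Three of the findings listed in post #49 (the allow-all polkit `.pkla` file, the script that calls `xhost +`, and the leftover DHCP leases) can be checked repeatably against an unpacked root filesystem. This is an added example, not code from the thread or from the distro; the function names are hypothetical, and the `.pkla` match assumes the standard `Action=` and `Result*=` keys of polkit local-authority files, since the post does not show the file's contents.

```shell
#!/bin/sh
# Added example: static checks on an unpacked root filesystem ($1 = its path).

# Print paths with the root prefix ($1) removed, one per line.
rel() { while IFS= read -r f; do printf '%s\n' "${f#"$1"}"; done; }

# polkit .pkla files with a section granting every action (Action=*) a "yes".
find_allow_all_pkla() {
    dir="$1/var/lib/polkit-1/localauthority"
    [ -d "$dir" ] || return 0
    find "$dir" -type f -name '*.pkla' | sort | while IFS= read -r f; do
        if awk -F= '
            /^\[/ { if (wild && yes) hit = 1; wild = 0; yes = 0; next }
            $1 == "Action" { n = split($2, a, ";")
                             for (i = 1; i <= n; i++) if (a[i] == "*") wild = 1 }
            $1 ~ /^Result(Any|Active|Inactive)$/ && $2 == "yes" { yes = 1 }
            END { if (wild && yes) hit = 1; exit !hit }' "$f"
        then printf '%s\n' "${f#"$1"}"; fi
    done
}

# Files in the standard bin directories that run a bare "xhost +" (X access
# control off for every client). Comment lines mentioning it also match.
find_xhost_open() {
    for d in bin sbin usr/bin usr/sbin; do
        [ -d "$1/$d" ] || continue
        grep -rlE '(^|[^[:alnum:]_-])xhost[[:space:]]+\+([[:space:];&|]|$)' \
            "$1/$d" 2>/dev/null || :
    done | sort -u | rel "$1"
}

# Non-empty DHCP lease files left over from the machine the image was built on.
find_stale_leases() {
    for d in var/lib/dhcp var/lib/NetworkManager; do
        [ -d "$1/$d" ] || continue
        find "$1/$d" -type f -name '*lease*' -size +0
    done | sort | rel "$1"
}

# Run all three checks, one labelled finding per line; return 1 if any exist.
audit_root() {
    out=$( { find_allow_all_pkla "$1" | sed 's/^/polkit-allow-all /'
             find_xhost_open "$1"     | sed 's/^/xhost-open /'
             find_stale_leases "$1"   | sed 's/^/stale-lease /'; } )
    [ -z "$out" ] && return 0
    printf '%s\n' "$out"; return 1
}

if [ "$#" -gt 0 ]; then audit_root "$1"; fi
```

Run it against a directory where the image's squashfs has been unpacked, never against the live system you are working from.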


                    • #50
                      Looking at base.squashfs:

                      Code:
                      $ cat etc/issue
                      Debian GNU/Linux 7.0 \n \l
                      
                      $ head etc/init.d/live
                      #!/bin/sh
                      
                      ## live-boot contains the scripts that configure a Debian Live system during
                      ## the boot process (early userspace).
                      ##
                      ## This is the sysvinit script for live-boot.

                      This is Debian Live GNU/Linux 7.0 i386 with some extra goodies, even non-free firmware blobs, and no source code.

                      Inside /dist is a chroot of another system, of statically built i386 binaries. /usr/Makefile identifies a Minix3 release of pkgsrc that was probably used to build it all.

                      I don't notice anything malicious at first glance, but don't see anything remotely good about it either...

                      Comment
