DuckDuckGo Ups Ante: Gives $300K to 'Raise the Standard of Trust'
For the seventh year in a row, the search engine that promises not to stalk your online moves puts its money where its mouth is, this year by donating $300,000 to organizations that
System76 Saying Goodbye to Bland Design
Considering that System76 chose to unveil its new design plans to The Linux Gamer -- no invite went to FOSS Force, BTW -- we can't help but wonder if a System76 Steam Machine isn't in the works.

The Screening
The Great Debian Iceweasel/Icedove Saga Comes to an End
Now that Thunderbird is back in the Debian repositories, the decade long dispute that led to all Mozilla products in Debian being rebranded has ended.

The hatchet is finally completely
Back Yard Linux
It's not as lonely being a Linux user as it once was. These days you're liable to find people throughout your neighborhood using Linux.

My how times have changed.

It wasn't long ago that Linux
No, Evil Hackers Aren't After You
Humankind has outgrown the need to have monsters hiding under our beds. Now we let them hide in our phones, computers and microwave ovens.

Roblimo's Hideaway

OMG! I think I see a giant camera lens on
Should the U.S. Army Have Its Own Open Source License?
Should the U.S. armed forces begin releasing software under an OSI approved open source license rather than as public domain?

Roblimo's Hideaway

This question has generated many pixels'
GitHub CEO Chris Wanstrath on Open Source
Did you know that the software Stephen Hawking uses to speak is open source and that it's available on GitHub? Neither did we.

The Screening Room

At the Computer History museum, GitHub CEO Chris
February 21st, 2016

Linux Mint Hacked: ISO for 17.3 Cinnamon Edition Modified

An intrusion of the Linux Mint server on Saturday makes downloads performed on Saturday of version 17.3 Cinnamon potentially vulnerable.

Linux Mint project leader Clem Lefebvre revealed in a blog post today that the popular Linux distribution’s servers were hacked on Saturday. During the “brief” intrusion, the hackers modified the ISO of the Cinnamon edition of Linux Mint 17.3 (Rosa) and also gained access to the distro’s forum database. Only this particular ISO is affected; other editions or releases are considered safe. Only ISO’s downloaded Saturday are potentially vulnerable.

Linux Mint LogoThe modification installs a backdoor into the operating system and any installations made from the affected ISO will need to be replaced. This includes live versions on USB sticks or DVDs. However, not all copies of the ISO downloaded on Saturday are vulnerable. Users who downloaded are urged to check MD5 signatures to make certain the downloaded file is an unmodified version or to boot into the live version (or to the hard drive if the download has already been installed) while offline — Lefebvre suggests disabling the system’s router if in doubt — and look for the file /var/lib/ If this file is present, the download is infected.

To check the MD5 signatures on a saved copy of the ISO, open a terminal and run the following command using the file name of the downloaded ISO:

md5sum filename.iso

If the query returns the correct signature from the list below, the download is clean and not infected.

6e7f7e03500747c6c3bfece2c9c8394f linuxmint-17.3-cinnamon-32bit.iso

e71a2aad8b58605e906dbea444dc4983 linuxmint-17.3-cinnamon-64bit.iso

30fef1aa1134c5f3778c77c4417f7238 linuxmint-17.3-cinnamon-nocodecs-32bit.iso

3406350a87c201cdca0927b1bc7c2ccd linuxmint-17.3-cinnamon-nocodecs-64bit.iso

df38af96e99726bb0a1ef3e5cd47563d linuxmint-17.3-cinnamon-oem-64bit.iso

Any affected image burned to an external medium should not be used (i.e. DVDs should be thrown away and USB drives reformatted). If the affected download has already been installed on a computer, users will need to backup any personal data and reinstall the operating system from a clean download.

Lefebvre says that the Linux Mint forum database, which was also accessed during the intrusion, contained the following information:

  • Your forums username
  • An encrypted copy of your forums password
  • Your email address
  • Any personal information you might have put in your signature/profile/etc…
  • Any personal information you might written on the forums (including private topics and private messages)

Users of the forum are urged to change their passwords, as well as to change passwords on any website using the same password.

We’re currently in the midst of our 2016 Indiegogo fundraising drive. Your support is crucial. Won’t you please visit our fundraising page and make a contribution to support FOSS Force?

Comments are closed.