FOSS Week in Review
Larry’s away today, hiding beneath his tinfoil hat and hoping to escape the ravishes of Friday the thirteenth, so I was volunteered to write this week’s review. Sorry. Larry will return next week.
G’bye Debian Live: By now you’ve probably heard the news that evidently the Debian Live project is no more. This according to the project’s leader, Daniel Baumann, who posted An Abrupt End to Debian Live on the Debian website on Monday. According to him, the project was “hijacked by the Debian-cd and the Debian-installer teams.”
Reading the post, you might be excused for thinking it’s not all wine and roses over in Debian-land. “Debian can be great,” Baumann wrote. “But depending on who you are, where you come from, and who your friends are, Debian can also be hateful and full of deceit.”
He went on to say that the live.debian.net server will be shut down at the end of the month and that the Git repositories have already been made read-only.
Back up your web server: We learned this week from Lucian Constantin on ITworld about new ransomware that’s targeting Linux servers. The malware program, discovered by Russian antivirus vendor Doctor Web who call it Linux.Encoder.1, seems to be a bit of nasty work, according to Constantin.
“Once run on a system with administrator privileges it starts traversing the whole file system and encrypting files in specific directories,” he wrote, “including the user’s home directory, the MySQL server directory, the logs directory and the Web directories of the Apache and Nginx Web servers.” After that, it leaves a ransom note in every directory in which it has encrypted files.
Backups stored on the server aren’t safe, either. as the malware “also encrypts archives and directories that contain the word backup,” meaning that backups need to be stored on another server.
Although Bitdefender Labs has published a decryption tool for this, it won’t necessarily work in all cases.
“It was brought to our attention that the decryption tool was not working on particular cases,” the company said on its website. “Upon investigation we were surprised to find out that some victims were infected more than one time….
“This means that some files were encrypted using a key, and others using another set of keys. However, in so doing, the race condition generated leads to some files getting irreparably damaged (their content is truncated to zero). And in some cases even the ransom notes became encrypted!”
Forewarned is forearmed and all that…
See ya next time. Until then, may the FOSS be with you…
Help keep FOSS Force strong. If you like this article, become a subscriber.