Watch out, the Linux Mint website was hacked and backdoored ISOs where uploaded on the servers.
http://blog.linuxmint.com/?p=2994&_utm_source=1-2-2
>the site's been hacked and it's probably serving malware
>here, look!
look OP, if someone is intelligent enough to check the site from a sandboxed machine, they don't need you linking to the compromised server. If they're not, then you're just linking idiots to get malware.
Don't be a fucking retarded faggot. Your thread is going to get deleted by mods because you were too stupid to omit a link to probable malware.
minters btfo
no but seriously, start verifying if you weren't before.
This is why I never recommended Linux Mint to anyone. The whole project always struck me as amateur, and I figured it was only a matter of time before they fucked up big time. Would have guessed something in the distro rather than the server getting hacked, but it makes sense.
>>53091548
They fixed the site you fucking moron, it WAS serving backdoored ISOs.
>>53091548
Dunno about you, but I'd guess BLOG.linuxmint.com wouldn't be where they host their ISOs
>>53091806
It should go without saying not to download the ISOs until someone can confirm credibility. the problem here is multifold:
1) The site has been hacked and somehow we're supposed to believe that the blog isn't just a mouthpiece for the hackers now
2) The site has been hacked and somehow we're supposed to trust that it's not serving tracking malware or any number of other things surreptitiously
3) The site has been hacked and, in the supposedly authoritative place to read about that hack (their blog), they've decided to go with no SSL to verify that the content is coming from them and not getting MITM'd.
This isn't rocket science. On the scale from "basic retard shit" to "rocket science", this is closer to "basic retard shit" than developing an operating system is, so it's pretty worrying that they can't handle this trivial crap.
>>53091867
Well, there's that. And using Wordpress. Or anything PHP-related instead of Common Lisp and Caveman2.
this is what you get for not running arch
>>53092014
they should have installed gentoo
it just works
FUCK. RECOMMEND ANOTHER DITRO GUISE
>>53092444
Windows 10
>>53091867
except today we have twitter
forums.linuxmint.com pwd
/root/hacked_distros/mint/var/www/forums.linuxmint.com
forums.linuxmint.com cat config.php
<?php
// phpBB 3.0.x auto-generated configuration file
// Do not change anything in this file!
$dbms = 'mysql';
$dbhost = 'localhost';
$dbport = '';
$dbname = 'lms14';
$dbuser = 'lms14';
$dbpasswd = 'upMint';
>>53091524
HAHAHAHAHA
>linux
>secure
>>53092444
Debian.
>>53091806
>what is a vhost
>>53092444
Xubuntu.
Why the hell would you use Mint anyway when there's Xubuntu?
>>53092842
>currynigger pretending to know about security
topmostkek
>>53092930
Because we want a good DE
>>53092983
why the hell would you use linux when you are so intimidated by something as simple as switching DE's that the packaged one is a major determinant of which distro you choose?
>>53092983
Then wait until cubuntu is officially out
>>53093003
if installing a DE is easy, why the hell would you install xubuntu?
>>53092930
Cinnamon
I downloaded an ISO 2 weeks ago. YOU FUCKERS TOLD ME LINUX WAS SECURE
>Edit by Clem: Yes, the breach was made via wordpress. From there they got a www-data shell.
>>53093008
i wouldn't, and didn't.
>>53093031
"2 weeks ago" is way before the breach, calm your tits
Also, >>53093055
>>53093031
>taking computer advice form an anonymous image board invested with weaboos and autism(the bad kind)
Well I guess this is the push I need to switch to Fedora.
>>53092705
honestly more projects should just make a twitter account, get it verified, enable the highest level security possible (in this case fully randomly generated passwords and 2FA), and use that to post current status reports. Or at least links to those things.
If my server is compromised, at least that's generally sandboxed from the credentials/credibility of the account on another site, which has totally different auth, etc...
>>53093091
There's a good kind?
>>53091524
>Linux Mint website was hacked and backdoored ISOs where uploaded on the servers.
Impossible. GNU/Linux is 100% secure.
>>53093202
hey senpai
>>53093005
terrible name
>>53092444
The answer is always Debian, then Arch, and finally Gentoo.
That's why I use ubuntu
This never would have happened to official Microsoft servers with Windows 10 ISOs.
Just sayin
>>53092444
Debian XFCE
Xubuntu
>>53093312
It also never would've happened to any distro worth two shits
This is why you shouldn't use Linux Mint.
>>53093202
>>53093225
basically this. theres the type of autists that are social rejects but have an iq the better part of 200 and they literally do not give a fuck about anything but their few obsessive subjects of interests. In those 1 or 2 things they obsess over they will know anything there possibly is to know about it. these types of autists literally will have taken us out of the caves and into the stars.
>>53093419
>>53093364
this sequence of posts is /g/ in a nutshell
>>53092836
/facepalm
>>53093558
other post is deleted, what did it say?
I thought Linux was good...
>>53093681
Linux maintained by professionals is good
So much for Linux security
>>53093701
Linux was never secure
>>53093971
Linux is still secure, you only have to worry about it if you installed Mint at that specific time which you probably didn't. People who already have Mint or use some other distro are fine.
>>53091524
Well, between this and being stuck with a 3 year old version of GPG that can't be upgraded because it's a core system package and that I get warnings about it every time I open Thunderbird, it looks like it's time for me to try a different distro from people who actually take security seriously.
>mfw i decided to download mint fucking TODAY
>mfw i checked the md5 hash and i have the infected iso
good thing i spent all day studying and didn't install it
I installed Linux mint about 35 days ago. Does this affect me?
>>53094311
read the link you stupid cunt
>>53094311
never mind, I'm a stoopkid. I didn't realize it said it was done today.
>>53091524
>If you downloaded via torrents or via a direct HTTP link, this doesn’t affect you either.
Doesn't everyone get their Linux from torrents? I haven't direct downloaded an ISO in years
>>53094326
sometimes direct download net install isos.
but with netboot, it's bretty cool to just choose whatever distro i want from the menu.
>Linux
ITT: Retards who think website hijacking and OS security are the same
A Wordpress vulnerability let hackers get into the site, where they replaced a download with a compromised version. You fucks are literally retarded
>>53091524
Holy shit.
>>53091693
This.
>>53093681
install arch senpai
>>53094362
Fuck you Maki poster
>>53094436
If what this poster >>53094249 said is true about not being able to update GPG, there are still other problems.
>>53094813
Mint holds back certain security updates depending on how risky it is to keep vs. risky it is to update. Basically, Firefox patches get pushed immediately, but a fix to a bug only exploitable with physical access might get delayed for an awful long time. Ubuntu, which Mint is based on, simply pushes security updates when available. So yea, Mint is less secure than Debian, Ubuntu, Arch, Gentoo, etc (which is why I've never even bothered with it). However, these asshats sit here with shit like "I thought Linux was good..." over a hack that has nothing to do with the security of the Linux family of OS's.
What people should take away from this is just don't use Wordpress (or isolate blogs from your dl host) and don't use Mint.
>Site database password has been available to hackers for at least 5 years
>Site has been distributing compromised downloads for an undetermined length of time
>Once it was exposed, hackers took down entire site and forums
What a clusterfuck. I hope this opens peoples eyes on how amateurish Mint is as a project. It's just Ubuntu/Debian with a Gnome 3-forked DE. It's no more of a "real" distro than Elementary, Papyros, or any other "customized DE = brand new OS" flavor.
>>53092836$dbpasswd = 'upMint'
>Idiots on /g/ trust these people enough to run Mint on their system
>>53095005
>yfw the fbi backdoor is username:FBI password:password
Didn't the creator of Mint denounce the Jews?
>>53092444
Debian minimal install or Ubuntu Server
>>53095308
>cloud storage
>cloud computing
>stream all you media
>BANDWITH CAPS OUT OF, BAM!
>>53092444
Deepin 15.1 or Arch with Deepin DE and utilities
>>53093654
>>53093312
Microsoft has pushed malware to users via Windows update more than once.
>>53095308
Woah, now that I remember correctly, he did denounce the jews
>>53093229
>>53093005
cuckbuntu
:^)
>>53093654
change boards.4chan.org to rbt.asia and it will take you directly to the archive
or you could not be a faggot and install a 4chan x addon that can do that for you
>>53092930
Mint doesnt screen tear on 660
>>53095918
huh I recall seeing that.
what the fuck is a pure bit me account
>>53096414
but anon, I dont have the time to read through he source for a 4chan addon account so that I know its safe to use :(
>Years ago
>Install Fedora in laptop
>laptop turns out to be shit: overheats, battery life was one hour
>Buy smaller, cheaper laptop
>Let's try Mint (I think it was Nadia) for a change
>Update it to Petra
>Realised I have broken packages last week
>Well, I must install some new packages because I need this laptop for work
>Fix it
>Well, now I can work because I was given a Windows XP desktop ("you can use ssh lol")
>This happens and people say I should remove Mint
I don't have the time to do a new install and I'm too lazy for that.
>>53096689
it's an invite to a private tracker obtained by selling your butthole to a member
