https://news.ycombinator.com/item?id=11142986
>>53094295
Is this where I post "FREETARDS BTFO" and the thread explodes into madness?
>>53094325
You missed that thread.
But as things are this one will turn like that soon.
Good thing my live version is from months ago, and the last one i created is from a week ago.
Linux is secure guys!
>>53094399
No one ever said this bullshit, Pajeet.
>>53094399
>problem was with wordpress
>blame linux kernel
>>53094443
was with fucktard dev, linux mint is run by a retard
>>53094295
>not checking the checksum and/or signature of the iso after downloading, preferably from a second source
learned nothing from Snowden?
>made a friend switch from win8 to mint very recently
>now have to check whether it was the hacked ISO or not
what a great way of ruining people's trust
>>53095709
The cunt that runs Linux Mint never posted the checksums over HTTPS
Even just posted MD5s.. to show how much of a faggot he is
>>53095922
I downloaded mint with xfce a week ago or something as well, to try linux...
Is checking the md5 checksum enough for this mess?
>>53094295
>logo resembles a paw
fucking furries i swear to god
leave my software alone
>>53096138
CRC32: D1B885F9
MD5: 729C92E3EF247BBC12104E6C14A2B95E
SHA-1: AC9DFDCC0A628C734E32DC6BC10AEA9F10FAF6A1
Those are my mesh values for mint 17.3 with xfce, downloaded on 15 feb.
>>53094325
>>53094399
This was a problem of not checking the hashes before burning the ISO, always check the hashes or you get what you deserve. I always had a strange feeling this was going to happen to mint sooner or later
>>53096138
MD5 has been deemed to be insecure since around 1995
FREETARDS BTFO FREETARDS BTFO FREETARDS BTFO FREETARDS BTFO FREETARDS BTFO FREETARDS BTFO FREETARDS BTFO FREETARDS BTFO FREETARDS BTFO FREETARDS BTFO FREETARDS BTFO FREETARDS BTFO FREETARDS BTFO FREETARDS BTFO FREETARDS BTFO FREETARDS BTFO FREETARDS BTFO FREETARDS BTFO FREETARDS BTFO FREETARDS BTFO
>>53094325
Prove it by finding a virgin Windoze ISO, you smug knob-gobbler.
>>53094295
Gentoo does not have that problem.
>>53098630
Fucking ignorant retards spouting non-sequitur to make themselves sound smart, as always.
/g/ - saying retarded shit like they're relevant since 2003.
>>53096138
Once in the live session, if there is a file in /var/lib/man.cy, then this is an infected ISO.
http://blog.linuxmint.com/?p=2994&_utm_source=1-2-2
>>53098630
in theory it might not be, but i guarantee you nobody would be able to somehow infect an iso file with malware and still manage to have file the originals MD5 hash
They can just change the checksums with the appropriate ones of their hacked isos.
Don't worry, there ain't viruses for linux.
>>53096154
>your hippocampus literally resembles two paws
Furries are literally in your head anon
>>53096138
This only affects cinnamon ISOs.
>>53098661
>clasping at straws
>>53100536
Jokes on you, I don't have an hippopotamus
>>53098737
Are you actually retarded?
Wow there are people out there who don't run a checksum on their downloads.
>>53094295
> implying people still use Linux.
>>53094295
Well fuck, downloaded it yesterday.
I didn't check checksum, did that so often that I thought "Why would there anything be wrong with it now.
>mfw
So realistically how much would this exploit sell for?
The guy asked for 85 bucks in buttcoins
>>53101198
Found the inbred.
>>53101139
it's grasping at straws
>>53094295
Well between this and the distro being depended on an outdated version of GPG, it looks like it's time to try a different distro.
Nobody gives a shit about security until something happens and then they slam the poor guys trying to clean up the mess with a ton of unrelated (and often times not that big a deal) things.
> md5 is insecure!
It sure is. Very difficult to distribute a modified iso that matches the same hash but it is possible. However, the hashes didnt match
> sites not over HTTPS!
Sure, it probably should be. This would not have helped you at all this time.
> x should be used in linux mint!
Im sure there are all sorts of extra security measures that could be taken. Its a balance between usability, features, security and time. Also, this attack has nothing to do with mint itself.
>Linux
>>53101180
I want a hippopotamus for Christmas. Only a hippopotamus will do.
>download xfce mint a few months ago
>create a bootable drive and attempt to load it up
>doesn't support some of my hardware or I fucked up the bootable
>completely disregard mint from then on
No worries for me!
>>53101629
The only way to get a matching md5 hash would be if you made a 10tb++ iso, which would obviously be fake.
>>53101863
Right. I dont know the exact numbers. Hashing collisions are possible but hard to do especially with something that size.
>>53101629
>> x should be used in linux mint!
>Im sure there are all sorts of extra security measures that could be taken. Its a balance between usability, features, security and time.
If you're referring to this poster's >>53101549 complaint about GPG. They force you to use a 2-3 year old version that other software depending on it will constantly throw up messages about being out of date and on the brink of no longer being supported by that software. That's completely unacceptable.
>Linux in charge of security
Why even bother? Just let the Chinese/NSA/CIA/FBI/MI5/FSB/etc into your computer.
>>53101787
Well that's clem the retard. He decided that sticking with Ubuntu 14.04 base is cool for home users and the end result is that half of your shit does not work on off the shelf laptops and peripherals. Seriously what the fuck. Mint was better when it tracked biyearly releases of Ubuntu. Now it's an unholy mess. All of your software is basically two years old. Why not give home users latest LibreOffice? Fuck knows why, ask clem the retard.
If you use Linux Mint you get what you deserve. I would call the security team incompetent but they don't even fucking have one. It's a joke of a distro.
>>53103223
What is the point of this when you pull directly from Ubuntu repo?
>>53103299
Mint is a cluster fuck. It does not have a dedicated security team to deal with said cluster fuck. They don't issue security advisories. By default Linux Mint disables all updates for the following packages, including all security updates: kernel, dbus, X.org, acpid, mountall, mesa, systemd, plymouth, upstart, *base-files, grub, grub2. You must manually enable updates and security updates for those.
The Linux mint team are completely incapable of maintaining a distribution, or keeping one secure. It's on them to do that for THEIR distro. Not Ubuntu, or Debian. Particularly when it's pulling packages from everywhere.
If you want a secure system, don't use Mint.
>>53102501
As expected from a terrorist sympathizer.
>>53102168
I wasnt. I was referring to some comments on the blog. It sounds like what you are talking about is a usability issue.
>>53101629
then don't run a linux distro
So if Mint is shit, what IS a good general use distro for a desktop/gaming OS?
>>53106606
Gentoo.
>>53094325
>implying Mint was ever relevant enough for anyone to care
>Mint
Literally who cares?
>>53107373
>most popular and widely used
Yeah, whatever
>>53106606
Ubuntu.
>>53107397
>most popular
Ahahahhahahhahahahhahaha
Protip, distrowatch is not a reliable source of popularity. The most popular distro is Ubuntu, by far.
>>53098685
Digital river still a thing?
>>53107580
This.
Mint doesn't even deserve to be it's own distro.
>>53094295
>Linux is ACTUAL botnet
freetards BTFO
>>53107397
When are you retarded, stupid, ignorant illiterate fanbois going to learn what distrowatch hits actually are and what they actually measure? Protip: It's not use or popularity.
>>53094295
>linux mint
your mistake..
>>53098785
Flame used MD5 collisions to hide from virus scanners.
