Educating Ourselves on Security Tools and Concepts

For discussions about security.
Post Reply
Message
Author
musher0
Posts: 14629
Joined: Mon 05 Jan 2009, 00:54
Location: Gatineau (Qc), Canada

#16 Post by musher0 »

Hello, Sky Aisling.

If I understood the article correctly, it uses GStreamer as a vector. If you
have "Secrets of State" stored somewhere on your computer :) , for the
time being avoid any program that's GStreamer-based?

Very few Puppies if any come with the GSTreamer suite by default. If that
news makes you nervous, use Sound-Exchange (aka SoX), mplayer or
vlc instead of a Gstreamer-based app to play your music or media?

I'm sure the GStreamer programmers will come up with a corrective
shortly. Why not go check on their site now?

I also noticed in the article that this malware has recently been
"published"? It's unclear to me if that means it's a proof-of-concept thing,
a lab experiment or a real "out there" bug -- or if some kiddo just wants
his / her 10 minutes of fame.

If it was a POC thing or an experiment, I wouldn't worry about it.

As you no doubt already know any code of any OS can be deflected for
evil purposes.

That said, I'm quite sure that 01micko and the other programmers at the
top of the Puppy-building chain take extreme care NOT to include
malware of any kind in Puppies.

If you need extra reassurance, install the real lsof utility (please see
above), and check every now and then if there is outgoing activity on
your line while you are running a GStreamer-based app.

If nothing abnormal shows in the lsof report after using it 2-3 times,
again, I wouldn't worry about this.

IHTH.
musher0
~~~~~~~~~~
"You want it darker? We kill the flame." (L. Cohen)

Post Reply