
steal SSH credentials from OpenSSH client on Linux platform

Posted: Sat 08 Jul 2017, 17:44
by belham2
http://www.securityweek.com/cia-tools-s ... -wikileaks

"....The other tool, Gyrfalcon 2.0, described in a document dated November 2013, is designed to steal SSH credentials from the OpenSSH client on Linux platforms.

Gyrfalcon is a library loaded into the OpenSSH client process address space. It collects OpenSSH session traffic, including usernames and passwords, compresses and encrypts the data, and stores it in a file. A third-party application is required to exfiltrate the file.
....."

Posted: Sat 08 Jul 2017, 17:58
by musher0
Hi belham2.

The CIA would be interested in stealing your SSH credentials because... ???

Tell me:
why would the CIA be interested in Joe Bloe Belham2 or Joe Bloe Musher0 ?

What do they do with these credentials, anyway?

BFN.

Posted: Sat 08 Jul 2017, 19:56
by rockedge
If the NSA were in my machines, I would be upset they spent the taxpayers' money on accessing some extremely boring stuff with no value for now or the future.

Posted: Sat 08 Jul 2017, 23:04
by musher0
Hi rockedge.

Ask Agent Jones or Agent Smith to leave their business cards next time
they come snooping? :lol:

Meaning:
don't throw a fit, with that business card, you can get even. ;)

Joke aside, I wonder how much of that is modern folklore. People love
spooky stories and spy stories, y'know.

~~~~~~~~~~~~~

In the case of a kernel module being added, there's a simple way to
check your system's integrity, by listing the modules right after install and
checking that the list is the same every once in a while.

Same for the watchamacallit-falcon added library for OpenSSH: if it wasn't
there at time of install and all of a sudden it is.

If something's fishy, we re-install. It's as easy as 1-2-3 on Puppy Linux
-- PROVIDED YOU MAKE GOOD AND REGULAR BACK-UPS, FOLKS.

~~~~~~~~~~~~

Maybe it's the moon phase? We hadn't had a security scare in a while on
this forum... ;)

BFN.
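
The baseline-and-compare check described in the post above, written out as an added example (not part of the original thread or any project's own code). The thread does not say how the library ends up in the ssh client, so comparing the libraries `ldd` resolves for `ssh` and the contents of `/etc/ld.so.preload` is an assumption here, and `BASELINE_DIR` and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: record a baseline once, then report anything that changed.
# BASELINE_DIR is a hypothetical location; keep it on read-only or offline media.
LC_ALL=C; export LC_ALL   # same sort order on every run, as comm requires
BASELINE_DIR="${BASELINE_DIR:-/root/integrity-baseline}"

# Names of loaded kernel modules, one per line, from a /proc/modules-format file.
list_modules() {
    awk '{print $1}' "${1:-/proc/modules}" | sort -u
}

# Absolute paths of the shared libraries the dynamic linker resolves for a binary.
list_libs() {
    ldd "$1" 2>/dev/null | awk '{for (i = 1; i <= NF; i++) if ($i ~ /^\//) print $i}' | sort -u
}

# compare_to_baseline NAME: reads the current list on stdin.
# First run stores it and returns 0; later runs print "+ item" for additions
# and "- item" for removals, and return 1 if anything differs.
compare_to_baseline() {
    base="$BASELINE_DIR/$1.list"
    cur=$(mktemp) || return 2
    sort -u > "$cur"
    if [ ! -f "$base" ]; then
        mkdir -p "$BASELINE_DIR" && mv "$cur" "$base" || return 2
        echo "baseline recorded: $base"
        return 0
    fi
    changes=$( { comm -13 "$base" "$cur" | sed 's/^/+ /'; comm -23 "$base" "$cur" | sed 's/^/- /'; } )
    rm -f "$cur"
    [ -z "$changes" ] && return 0
    printf '%s\n' "$changes"
    return 1
}

run_checks() {
    rc=0
    list_modules | compare_to_baseline modules || rc=1
    list_libs "$(command -v ssh)" | compare_to_baseline ssh-libs || rc=1
    # /etc/ld.so.preload lists libraries forced into every dynamically linked process.
    cat /etc/ld.so.preload 2>/dev/null | compare_to_baseline ld-preload || rc=1
    return $rc
}

if [ "${1:-}" = "--run" ]; then run_checks; fi
```

Run it with `--run` right after install to record the baseline, then again periodically; a non-zero exit means something was added or removed. It compares names and paths only, so a file replaced in place, or a module that hides itself from `/proc/modules`, will not show up.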

Posted: Tue 18 Jul 2017, 00:41
by 8Geee
If one is playing at a kasino on-line, almost all kasinos use SSH to TX/RX game info.
It's not openssl as one might think.

Regards
8Geee

Posted: Tue 18 Jul 2017, 15:09
by Burn_IT
Maybe it's the moon phase? We hadn't had a security scare in a while on
this forum... ;)
A werepuppy!!???