The headline is a little misleading, this story is about the group Velvet Ant breaking into devices and replacing the login software in those devices with backdoored copies.
It is not them backdooring linux login software in the distro supply chain…
Thank you. I’m glad my instincts told me to read the comments on this one before following the link.
It’s also an ai written article.
I’m so tired of news articles that hype up fairly mundane stuff, acting like it’s the next big bomshell.
In addition to that, by misrepresenting what is happening, it’s literally actively harmful to consume this kind of news, which is so common on the cybersecurity news cycle.
Yet another cyberslop article.
It also makes the impression that linux are insecure and prone to malware, backdoor, and all sort of nasty stuff. Things that are relevant in the current time of people moving away from windows. The AUR news too is making it seems like AUR is a primary repo for many of arch packages
LOL, here I am, too lazy to use any, but just the default CLI thing which autostarts Sway from bash, for like a decade.
what are we meant to do?
Nothing. The group in question attacked a specific system. The title is misleading.
Don’t let people steal your device to break into it and replace the login software with a compromised version…
Go to something immutable.Apparently this is not as strong a solution as I thought. Apologies.
I don’t know that the current crop of immutable distros would be able to prevent something like this. rpm-ostree, at least, lets you install out-of-tree rpm packages to the base system, you just have to reboot for them to take effect.
Not really. Immutability can be overriden by root, who can then edit files.
And in addition to that, /etc/, system config files, including pam files mentioned here, are not immuable even in immutable distros.
TIL, TY.
