November 13th, 2002, 05:54 PM
What's up with all these trojans?
At the risk of sounding like a broken record, we have YET ANOTHER trojan in the source code of an open-source project. This time it struck close to home for me, as the trojan was in the Gentoo portage sources of libpcap and tpcdump. Details are here.
Man, WTF is up with all these source trojans in the last 6 months? I've been busy with other things for the last month or so and haven't had much time for AO and computer stuff. Are these trojans believed to be by the same person or group, or are they just copycat incidents?
More importantly, is the source code that we have prided ourselves on for so long now turning into an Achilles heel for the *nix world with all these trojans?
Do what you want with the girl, but leave me alone!
November 13th, 2002, 06:34 PM
I just read the same article, on slashdot and I was wondering, do they even check the source before they compile and release it? The mere fact that its open source means anyone can do anything to do, so it would seem wise to check it to make sure no one stuck some extra code in there to give them a backdoor?
You're not your post count, You're not your avatar or sig, You're not how fast your internet connection is, You are not your processor, hard drive, or graphics card. You're the all-singing, all-dancing crap of AO
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0