[208] in linux-security and linux-alert archive
Re: Trojan in Linux Satan Binaries
daemon@ATHENA.MIT.EDU (Al Longyear)
Fri Apr 14 13:28:27 1995
From: longyear@netcom.com (Al Longyear)
To: stimpson@panix.com (S. Joel Katz)
Date: Sat, 8 Apr 1995 11:34:45 -0700 (PDT)
Cc: linux-security@tarsier.cv.nrao.edu
In-Reply-To: <Pine.SUN.3.91.950408094014.8785A-100000@panix3.panix.com> from "S. Joel Katz" at Apr 8, 95 09:41:03 am
Joel Katz writes:
> SECURITY ALERT -- Trojan in Linux Satan Binaries
>
> ----------------------------------------------------------------------------
>
> It appears that someone with physical access to my computer inserted
> a Trojan into my release of the Linux Satan binaries. This definitely
> affects the versions downloaded from ftp.epinet.com and may affect those
> from other sites. At least 400 sites have ftp'd the trojan.
Perhaps it is time to recommend that the MD5 checksum be published by the
person making the announcement for a file that they wish to publish. It would
remove doubt that a person who obtains the binary archive indeed has the true
code.
1. There are no trojan programs in the archive.
and
2. The person obtained the file without it being corrupted. The most common
corruption is that the person has used 'ascii' to transfer binary files.
--
Al Longyear longyear@netcom.com
Finger for PGP key
[Mod: Though this isn't Linux-specific, I thought I'd forward it as it
is probably a good idea to start some pressure out there in the Linux
community for people to use MD5 checksums, PGP signatures, etc., to
prove that binary (and other) distributions of their work are unaltered.
Let's not start a long debate on this though--it's just a good idea
whose time has unfortunately come it seems (IMHO). Perhaps we might
also set up a PGP key repository specifically for Linux activists' keys,
much like the general public key servers that exist at sites like MIT?
It could be FTP'able, WWWebbable (is that a word?), etc., so that you
could grab all the registered Linux public keys and updates in one sweep
every now and then for use in verifications. --Jeff.]
