科技回声

7 条评论

upofadown超过 1 年前

The term "backdoor" in the title is misleading. What is described in the article are a series of what most here would describe as "rootkits". There is no evidence provided of any malicious modification of the Linux kernel or distributions before the user receives them. I don't think that anyone would think that Linux (or any other OS) would be safe after an attacker had obtained complete control of the system.

评论 #37545730 未加载

GartzenDeHaes超过 1 年前

For self proclaimed "security researchers", this article is lacking in specifics. For example, what are the CVE's for this backdoor, installation method, processes affected, anything at all?

评论 #37545634 未加载

l0new0lf-G超过 1 年前

It is striking that such a backdoor in seemingly safe OSs like Linux and FreeBSD, is nearly completely unknown one year after the revelation. No social media outcries, no mention on the TV, no debates, no comments from people like Torvalds and Stallman (though I by no means imply they were direcly involved).The reason why is remains a "secret" is that the whole matter is deeply, deeply political.We are amidst a new Cold War -this time between the US and China. The sole purpose of this backdoor could be exactly to spy on the Chinese government or corporations.Yet we all know that the NSA would not limit the use of the backdoor to that.

评论 #37545914 未加载

评论 #37545736 未加载

评论 #37545936 未加载

评论 #37545755 未加载

评论 #37545855 未加载

0daystock超过 1 年前

No, I don't think anything is safe from a determined adversary with near-infinite resources, especially if they are specifically targeting you. This is a basic tenet of infosec.

yellow_lead超过 1 年前

Don't editorialize titles. Original: The Bvp47 - a Top-tier Backdoor of US NSA Equation GroupAlso, (2022)

评论 #37545900 未加载

dariosalvi78超过 1 年前

there are some discussions online: <a href="https://www.reddit.com/r/linux/comments/umk24z/linux_backdoor/" rel="nofollow noreferrer">https://www.reddit.com/r/linux/comments/umk24z/linux_backdoo...</a>

oDot超过 1 年前

Aren't the popular Linux distros, with default configuration, much less secure than the other OS like macOS, Windows and surely Android and iOS?I thought this was the working assumption.

评论 #37545666 未加载

评论 #37546131 未加载

评论 #37545724 未加载

7 条评论

upofadown超过 1 年前

评论 #37545730 未加载

GartzenDeHaes超过 1 年前

For self proclaimed "security researchers", this article is lacking in specifics. For example, what are the CVE's for this backdoor, installation method, processes affected, anything at all?

评论 #37545634 未加载

l0new0lf-G超过 1 年前

评论 #37545914 未加载

评论 #37545736 未加载

评论 #37545936 未加载

评论 #37545755 未加载

评论 #37545855 未加载

0daystock超过 1 年前

No, I don't think anything is safe from a determined adversary with near-infinite resources, especially if they are specifically targeting you. This is a basic tenet of infosec.

yellow_lead超过 1 年前

Don't editorialize titles. Original: The Bvp47 - a Top-tier Backdoor of US NSA Equation GroupAlso, (2022)

评论 #37545900 未加载

dariosalvi78超过 1 年前

oDot超过 1 年前

Aren't the popular Linux distros, with default configuration, much less secure than the other OS like macOS, Windows and surely Android and iOS?I thought this was the working assumption.

评论 #37545666 未加载

评论 #37546131 未加载

评论 #37545724 未加载

The Bvp47 - a Top-tier Backdoor [sic] of US NSA Equation Group

7 条评论

The Bvp47 - a Top-tier Backdoor [sic] of US NSA Equation Group

7 条评论