On Sun, 03 May 2015 12:33:43 -0600
jd1008 <jd1008@xxxxxxxxx> wrote:

> Has anyone else seen this: Unnoticed for years, malware turned Linux
> and BSD servers into spamming machines
>
> http://www.net-security.org/malware_news.php?id=3030
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions

I've been thinking about this. The perfect place to implement an attack like this is in a proprietary driver. It is always binary, it isn't questioned that it is binary for proprietary reasons, and it is installed without blinking. Runs with very high priority and access to system resources.

Imagine that the NVIDIA binary blob had a trojan like this installed. But instead of sending spam, it sent the private encryption keys of the system it was installed on. It would probably never be discovered. Developing it would take a cabal within nvidia, so it probably hasn't happened because secrecy would be difficult to maintain. But if it did? Wow. Jaws music, that video sequence where a great white eats a seal (It's in this video, https://vimeo.com/98090068, at ~1:19).

I think most drivers in linux are generic and open source, so I can't think of other vectors. But maybe the firmware of wifi modems? Has to be a binary blob, though.

With access to the source, attacks like this are unlikely to be viable over time. Someone would question the zipped blob in the source, and why the program unzips it and executes it, rather than having it as part of the executable. i.e. why is there an obfuscated payload?