A new extreme vulnerability has been discovered in Linux: the apt package that is used to update the system has been compromised.
The vulnerability is CVE-2016-1252, discovered by Jann Horn.
This is a huge vulnerability that affects most Linux operating systems that are based on Debian, because the apt package is used by most of them. The danger is extreme: this package is used to update the system itself, so the whole updating procedure is compromised.
This means that you can't trust any single update that you download, not even the patch that would supposedly fix this. You need to reinstall the OS from scratch and change all passwords that have been exposed.
It's a big pain in the ass, that is why I have emphasized for people to not hold their money Online, because things like these could compromise your entire OS, and every single password or private key on it.
So treat your entire PC as compromised now. You have to secure it from scratch. It will be long, tedious work, but it has to be done to secure your PC. Next time you might want to keep your private keys Offline, because things like these do happen.
You know I have been criticizing Windows for being weak and vulnerable, like how Windows XP supposedly gets Malware infected after 5 minutes of Internet surfing. Of course I would not give up on Linux, I am just saying that every PC connected to the Internet is not safe, regardless of OS.
Re-Secure your PC
Now let's secure our PC again, and remember we can't trust any single update, since the updater itself is vulnerable, so we need to do this the hard way.
1) Buy some DVDs
2) Check the latest STABLE version of the Linux Distro that you are using, and check whether this bug has been fixed there, by looking at what APT version it is using: https://security-tracker.debian.org/tracker/CVE-2016-1252
3) Download the ISO to a secure Offline PC, and verify the GPG signature
4) Burn the ISO to the DVD (make sure the ISO fits on the DVD, otherwise you might need a Blu-ray)
5) Verify the burned image's SHA256 hash against the original ISO's SHA256 hash (preferably on other computers, multiple if possible, that have not been exposed)
- Note that since the DVD stores the data in 32768 byte blocks, the hash might not match, because empty bytes are burned to the last block to fill it. Unless the number of bytes of the ISO image is divisible by 32768, the hash will not match!
- So you need to subtract the 2 size numbers and take the absolute value, for example:
    2,549,317,421 byte (DVD) - 2,549,301,390 byte (ISO) = 16031 bytes outstanding
- Now create an empty file of the size of the difference, in this case 16031 bytes:
    dd if=/dev/zero of=adding_empty_bytes bs=1 count=16031
- And concatenate it to the original ISO:
    cat yourlinuxoperatingsystem.iso adding_empty_bytes > fixed
- Now the fixed file should be equal to the DVD's image, and you can compare the SHA256 sums of the two. They must be equal. If they are, then the operating system ISO matches byte-by-byte the one burned to the DVD. So now you have a trusted DVD with the new fixed version of your OS.
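The padding comparison from step 5, as an added example that is not part of the original article: it hashes the ISO plus zero padding in one stream instead of writing a fixed copy, and reports a disc that is shorter than the ISO. The function names and the files built in demo are constructed for illustration; for a real drive you would pass the device path (for example /dev/sr0, an assumption about your system).

```shell
#!/bin/sh
# Added example: check that a burned disc equals the ISO plus zero padding.

# Size in bytes of a regular file or of a block device such as /dev/sr0.
size_of() {
    if [ -b "$1" ]; then blockdev --getsize64 "$1"
    else wc -c < "$1" | tr -d ' '; fi
}

# SHA256 of the ISO followed by zero bytes up to total size $2, streamed.
padded_sha256() {
    iso=$1; total=$2
    pad=$(( total - $(size_of "$iso") ))
    [ "$pad" -ge 0 ] || return 2      # disc shorter than ISO: truncated burn
    { cat "$iso"; head -c "$pad" /dev/zero; } | sha256sum | cut -d' ' -f1
}

# 0 = disc is ISO + zero padding, 1 = content differs, 2 = disc truncated.
verify_burn() {
    iso=$1; disc=$2
    want=$(padded_sha256 "$iso" "$(size_of "$disc")") || return 2
    got=$(sha256sum < "$disc" | cut -d' ' -f1)
    [ "$want" = "$got" ]
}

# Demo on constructed files: a 100000-byte stand-in ISO and a "disc"
# padded with zeros to 131072 bytes (4 blocks of 32768).
demo() {
    d=$(mktemp -d)
    head -c 100000 /dev/zero | tr '\0' 'A' > "$d/os.iso"
    { cat "$d/os.iso"; head -c 31072 /dev/zero; } > "$d/disc.img"
    verify_burn "$d/os.iso" "$d/disc.img" && echo "disc matches ISO"
    # Flip one byte inside the image to simulate a bad or altered burn.
    printf 'X' | dd of="$d/disc.img" bs=1 seek=500 conv=notrunc 2>/dev/null
    verify_burn "$d/os.iso" "$d/disc.img" || echo "mismatch detected"
    rm -rf "$d"
}
demo
```

A mismatch also results when the padding on the disc is not all zero bytes, which the manual subtraction alone would not reveal.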
6) Back up all your data except the software, because that needs to be downloaded again to be sure. So things like documents, password files, etc., things that can't be downloaded from the Internet, should be backed up. Everything else has to be deleted, because theoretically your PC can now be full of Malware, and we cannot trust any software.
7) Format the Harddrive (this will delete everything that you haven't backed up!)
8) Reinstall the OS from the trusted DVD you created earlier
9) Now download all the software again (the APT command should be safe now) and restore the backup files
10) Change all your passwords, including Steemit just to be safe. If you held Bitcoins on your Online PC (not recommended), then you might want to create a new wallet and sweep the Bitcoins from the previous one there.
11) You should be safe now, but as I said, things like this could happen again, so you might want to create an Offline cold storage for larger funds, because they are constantly at risk.
It is a very boring and miserable thing to do all this every single time your PC becomes insecure, so that is why most of your wealth and especially private keys should be kept in cold storage, so that you can sleep well at night.
A lot of these steps might look unnecessary, but they actually are very necessary. Malware and hacking are not a joke, and they do happen, it can happen to you, it can happen to anyone, just read my last article:
So you don't want your money to be stolen by things like these, better stay 5 steps ahead of the hackers, than to lose money. Good luck!
Disclaimer: The information provided on this page might be incorrect. I am not responsible if you lose money using the information on this page! This is not investment advice, just my opinion and analysis for educational purposes.