LOONIX USERS BTFO

WIKILEAKS DESTROYS LOONIX FAGGOTS


HOW CAN THEY EVER COME BACK TO THE WANGBLOWS BOTNET


>Today, June 29th 2017, WikiLeaks publishes documents from the OutlawCountry project of the CIA that targets computers running the Linux operating system. OutlawCountry allows for the redirection of all outbound network traffic on the target computer to CIA controlled machines for ex- and infiltration purposes. The malware consists of a kernel module that creates a hidden netfilter table on a Linux target; with knowledge of the table name, an operator can create rules that take precedence over existing netfilter/iptables rules and are concealed from an user or even system administrator.

wikileaks.org/vault7/#OutlawCountry

>Literally just a regular fucking virus
>No remote exploits or any actual major bugs
wow its literally nothing

Sooo... nothing?

They still need access to the PC to do it.

its a big something

no ((((they)))) can put the bloat via airdrop on cloud only if port69 is open

It's not even a virus.

>I'm using >meme arrows every >two words so I hopefully >fit in and >make more people mad >xdddd >talking about my >one virus that is off course >worse than all hundreds of windows viruses that are around >LOOOOOL time to cry u faggots xdddddddddddddddddddd

OpenBSD doesn't have this problem

XD

It's not even a virus. It's a kernel module.

what the hell is a kernel

Not sure if retarded or just a desperate attempt at damage control.

>DAMANGE BUNGLE

oh yeah you're right, I even overestimated it when ridiculing
>Harm can be done when having access to someone's computer
Oh fuggggggggggggggggggg

BLOATWARE

Alpine with a hardened linux kernel doesn't have this problem.

Only works on enterprise distros like red hat, try again pajeet.

>The installation and persistence method of the malware is not described in detail in the document; an operator will have to rely on the available CIA exploits and backdoors to inject the kernel module into a target operating system.

>backdoors

And there is also this.......

fuck off phoner

>mfw Centos at work

lsmod | grep nf_table
returns nothing

Aww.... Does that make you mad?
Should I go turn my laptop back on instead?

I don't think the cia niggers care about your work. Unless you work for Russians or chinks.

>not realizing loonix is backdoored

Loonix has freedom, aka the freedom for CIA to sneak shit in there because despite the code being open nobody ever really checks it

Loonix is only safer because less people use it so it's targeted less

Exactly this!!
Plus, what normie is going to be able to decipher the source code anyway??

>OutlawCountry v1.0 contains one kernel module for 64-bit CentOS/RHEL 6.x; this module will only work with default kernels.
>CentOS/Rhel 6.X
>Current version of CentOS=7.X
Wew.

A function that you can choose to add or not when you compile your kernel (i.e. something that you can only install while sitting in front of the computer). Fucking newfag. Get out of my board asshole.

CIA can't touch the people they want and only the really naive and reckless fall into their clutches. Paranoia means freedom for some people here and they don't want to be arrested.

or host an irc network for anonymous

>The malware consists of a kernel module

>the operator must already have shell access

top kek I always knew the CIA was a bunch of fags

>NAT table
>CentOS/RHEL gateway
ISHYGDDT

>Operator must have shell access
kek

>requires local root access
>pwnd

I encrypt and sign all my sensitive messages on an airgapped low power sbc and broadcast them to my other PCs via headphone jack. HOW YOU GUYS DOIN?

echo -n FUCK OFF NSA NIGGERS | openssl aes-256-cbc -e | base32 | minimodem --tx 600

Loonex confirm as worst OS in history

Obviously a joke, you fucking spaz.

Linux is not an operating system.

>2.6.32
up2date

it references one

Ok. Don't use it. What's your problem with Linux?

dude looks like a faggit

Who cares, I will never call it ganoo leenoox.

Y-yy-eah it was obviously a-a-a j-jj-oke......


ˢᵖᵃᶻ

Autism

IT'S GNU SLASH LINUX

I'd just like to interject for a moment. What you’re referring to as Linux, is in fact, GNU/Linux, or as I’ve recently taken to calling it, GNU plus Linux. Linux is not an operating system unto itself, but rather another free component of a fully functioning GNU system made useful by the GNU corelibs, shell utilities and vital system components comprising a full OS as defined by POSIX.
Many computer users run a modified version of the GNU system every day, without realizing it. Through a peculiar turn of events, the version of GNU which is widely used today is often called “Linux”, and many of its users are not aware that it is basically the GNU system, developed by the GNU Project. There really is a Linux, and these people are using it, but it is just a part of the system they use.
Linux is the kernel: the program in the system that allocates the machine’s resources to the other programs that you run. The kernel is an essential part of an operating system, but useless by itself; it can only function in the context of a complete operating system. Linux is normally used in combination with the GNU operating system: the whole system is basically GNU with Linux added, or GNU/Linux. All the so-called “Linux” distributions are really distributions of GNU/Linux.

>CentOS/RHEL 6.x
>kernel version 2.6.32
>must have shell access
And it fucking nothing.

it's*

He warned us.

>uses iptables
>ditched iptables for nftables a year ago

Reassuring for Linuxfags that NSA has all sorts of gee-whiz end-to-end stuff for Windows but only a poorly maintained rootkit with limited portability for Linux.

Those guns aren't pointed at you.

>must have shell access

is this a fucking joke or what. I wouldn't even patch this low severity garbage if all it took was sudo apt-get update cmd

Protip: This is really just a data exfiltration package. you install it on a target machine (using an exploit perhaps, or by hand) and it'll work as a nice little package that takes data out of the target machine.

Probably includes keyloggers and directory navigation as well as way to access memory to get sensitive keys and such.

So can you show where in the code the backdoor is?

You know you need to give it Permission to run and then run it, right?

Damage control by who? Linux is literally opensource.

It's free software, not open source.

And you're gay, what's your point?

Sounds like a bizarre conspiracy to me, I'm sure someone will find such a thing. Why not just use the processor backdoor?

didn't know your mom is male

This is actually a fake. Basically GNU/Linux is very secure and it pisses the CIA and FBI off because they can't find any zero day exploits or backdoors and such so they decided to play it smart: If you can't hack an OS then trick people into not using that OS.
So they leaked fake news to wikileaks that linux is filled with holes which will scare people into switching to windows, which is filled with holes and backdoors in all editions and CIA/NSA can access it effortlessly.

>2.6.32
laughinggirls.jpg

> requires root access
> kernel version 2.6
Oh wow it's fucking nothing

>Linux-2.6
>netfilter
>needing an operator to get shell access first
>unironically mounting unsigned kernel modules
you have to be 16 degrees of retarded to fall victim to this

You didn't actually read it, did you?

...

Wonder how many actual real world systems that would cover.
Single digits?

I was going to joke about that old Linux version, but it seems it's still updated. Though the attacker needs shell access, this is relevant.

I hope Wikileaks really is sending the actual malware/exploits to upstream so they can patch it. I don't want insecure machines so the CIA/NSA can """"catch terrorists"""".

did you guys hear about the rm rf exploit?

This is a post exploitation module retards
They use this after they pop the box and are already running as root to monitor traffic afterwards

>OutlawCountry v1.0 contains one kernel module for 64-bit CentOS/RHEL 6.x

>using anything besides Ubuntu
AUTISTS BTFO

HOW WILL THEY EVER RECOVER?

Pretty sure there are still a ton of openvz boxes on old kernels

interesting

>-n
Non-standard

>base32
Retarded

>cbc mode
Lmao, are we in the 90s?

>AES
Enjoy your ancient shitty crypto algo

>no MAC
Good job you retard

To be frank linux is a bloated mess consisting of millions upon millions of lines of code. Proper OSes are based on a microkernel architecture and thus have small kernels.

Also, does not specify a KDF.

What do you suggest for symmetric crypto then?

> Kernel 2.6
lol? I think I was still using Windows 98 when that series came out, not joking...

Also, this is a fucking KERNEL MODULE that someone MUST install in the system, not a bug, you stupid micro$hill.

Sage and reported.

no, it hasn't had an official release in almost 7 years
linux-2.6.32.27.tar.bz2 09-Dec-2010 21:32 64445765

it might be maintained by other people, however (such as distro maintainers)

It's a rootkit you autistic fuck, are you trying to say rootkits aren't malware?

2.6 came out dec 2003
i was using ME up until 2004
a lot of people were still running win98 in 2003

It is maintained by Red Hat.
>6.9, also termed Update 9, March 21, 2017; 3 months ago (kernel 2.6.32-696)

The last update was 3 months ago.

can't blame linux devs for its use, it's been out of their hands for some time

lkml.iu.edu/hypermail/linux/kernel/0312.2/0348.html
> 2003

that's 2.6.0, not 2.6.32.27
the version numbers sped up after 3.0, it was 2.6.x for quite a while

Do you know what a "Kernel series" means? Oh you don't, because you work at Microsoft. FUCK OFF FAGGOT!

Wait wait wait

Shell access?

Does to be clear

Does that mean, the login screen?

Or that means they are logged into the terminal as a user (any user), and can issue shell commands?

>your kernel must be 10 years old AND your PC must already be infected
Wow. This is nothing. Only idiot corporations wouldn't have a more up to date kernel.

I'm not blaming them, just pointing that this malware targets a version of Linux (or, as it makes sense in this case, GNU/Linux) that still has commercial support.

It's different from malware targeting, let's say, Windows XP.

>2.6.x required
>shell access required

i'm not sure what you're trying to say
that 2.6.0 and 2.6.32.27 are basically the same thing?
no way, by the end of it things were so different that "2.6" might as well have been a single digit, being the series, and the "32" was essentially the major version
it's no wonder 2.6 was replaced simply with 3

>Or that means they are logged into the terminal as a user (any user), and can issue shell commands?
this

>Does that mean, the login screen?
that would be graphical console access, though it's not typical to provide access to this without authentication

>I don't understand exploitation or operations but I'm going to talk anyways!
Fuck off retard

>one linux exploit, with new windows exploits coming out every day
sage

Chacha20 or Keccak with a Carter-Wegman style MAC like poly1305
Or NORX/Keyak if you want a sponge-based thing that calculates the MAC in a single pass.

>I am a retard

Doing THIS much damage control.

>exploit
no

Sure.