The headline is a little misleading, this story is about the group Velvet Ant breaking into devices and replacing the login software in those devices with backdoored copies.
It is not them backdooring linux login software in the distro supply chain…
I’m so tired of news articles that hype up fairly mundane stuff, acting like it’s the next big bomshell.
In addition to that, by misrepresenting what is happening, it’s literally actively harmful to consume this kind of news, which is so common on the cybersecurity news cycle.
Yet another cyberslop article.
Thank you. I’m glad my instincts told me to read the comments on this one before following the link.
It’s also an ai written article.
LOL, here I am, too lazy to use any, but just the default CLI thing which autostarts Sway from bash, for like a decade.
what are we meant to do?
Nothing. The group in question attacked a specific system. The title is misleading.
Don’t let people steal your device to break into it and replace the login software with a compromised version…
Go to something immutable.
I don’t know that the current crop of immutable distros would be able to prevent something like this. rpm-ostree, at least, lets you install out-of-tree rpm packages to the base system, you just have to reboot for them to take effect.
Not really. Immutability can be overriden by root, who can then edit files.
And in addition to that, /etc/, system config files, including pam files mentioned here, are not immuable even in immutable distros.
TIL, TY.
