#systemd

paolo_pedaletti@joindiaspora.com

#RotaJakiro: A long live secret #backdoor with 0 VT detection

https://blog.netlab.360.com/stealth_rotajakiro_backdoor_en/

With the sample we have, we discovered the following 4 samples, all of which have 0 detections on VT, and the earliest First Seen time on VT is in 2018.
FileName        MD5                               Detection  First Seen in VT
systemd-daemon  1d45cd2c1283f927940c099b8fab593b  0/61       2018-05-16 04:22:59
systemd-daemon  11ad1e9b74b144d564825d65d7fb37d6  0/58       2018-12-25 08:02:05
systemd-daemon  5c0f375e92f551e8f2321b141c15c48f  0/56       2020-05-08 05:50:06
gvfsd-helper    64f6cfe44ba08b0babdd3904233c4857  0/61       2021-01-18 13:13:19

Would it have been possible to insert it in a bash script?

#systemd, #malware, #backdoor, #virus, #linux, #KISS,

embix@pluspora.com

Any #systemd folks here?

Seems like my LFS's network config is broken. Right after boot I can only access the machine via (hyper-v) terminal. Network card is detected but not configured:

3: ether0: <BROADCAST, MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 00:15:5d:01:7d:15 brf ff:ff:ff:ff:ff:ff

If I set up networking manually via ip it works (pinging 8.8.8.8 and google.com works, local sshd is reachable from outside - only DNS is using the systemd default (Google's DNS) but that will be another problem).

ip addr add 192.168.123.45/24 dev ether0 broadcast 192.168.123/24
ip link set dev ether0 up
ip route add default via 192.168.123.1 dev ether0

As you may have guessed, what I really want is operational networking right after booting. My current config looks like this:

bash-5.0# cat /etc/systemd/network/10-ether0.link
[Match]
MACAddress=00:15:5d:01:7d:15
[Link]
Name=ether0

bash-5.0# cat /etc/systemd/network/20-ether0-static.network
[Match]
Name=[ether0]
[Network]
Address=192.168.123.45/24
Gateway=192.168.123.1
DNS=192.168.123.2
Domains=family.home

As I mentioned, the machine runs in Hyper-V and (now that I have built a kernel with Hyper-V support) has its network adapter detected. If I'm lucky, the DNS problem will be solved once the .link/.network configuration is fixed.
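
An added example, not part of the original post and not systemd's own code: systemd.network treats Name= in [Match] as a list of shell-style globs, so the check below uses Python's fnmatch as a stand-in for networkd's matcher to test which interface names the quoted file would apply to. The function names and the bracket-free variant are assumptions made for the illustration.

```python
import configparser
from fnmatch import fnmatchcase

# Constructed sample: the [Match]/[Network] lines of the .network file quoted above.
NETWORK_FILE = """\
[Match]
Name=[ether0]
[Network]
Address=192.168.123.45/24
Gateway=192.168.123.1
"""

def match_names(unit_text):
    """Return the whitespace-separated Name= globs from the [Match] section."""
    parser = configparser.ConfigParser(strict=False, interpolation=None)
    parser.optionxform = str  # systemd keys are case-sensitive; keep them as written
    parser.read_string(unit_text)
    return parser.get("Match", "Name", fallback="").split()

def applies_to(unit_text, ifname):
    """True if any Name= glob matches ifname.

    Negation with '!' and files without Name= are not modelled here.
    """
    return any(fnmatchcase(ifname, pat) for pat in match_names(unit_text))

def bracket_warnings(unit_text):
    """Flag Name= patterns that are a single bracket expression (one-character class)."""
    return [pat for pat in match_names(unit_text)
            if pat.startswith("[") and pat.endswith("]")]

if __name__ == "__main__":
    for ifname in ("ether0", "e", "eth0"):
        print(f"{ifname!r:10} matched by file as written: {applies_to(NETWORK_FILE, ifname)}")
    # Hypothetical variant of the same file with the brackets dropped.
    fixed = NETWORK_FILE.replace("Name=[ether0]", "Name=ether0")
    print("ether0 matched after dropping the brackets:", applies_to(fixed, "ether0"))
    print("suspicious patterns:", bracket_warnings(NETWORK_FILE))
```

On a running system, `networkctl status ether0` shows which .network file, if any, networkd applied to the link.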

smjn@diasp.eu

After I found out it is possible to use #Debian Jessie without #systemd I decided it was time to upgrade my old Wheezy (oldstable) system to the latest stable release. As always, the upgrade had been a huge pain in the ass and it's really hard to get the computer to a useful, working state.

First it was difficult to figure out how to get the Grub boot loader to update its config. After that problem was finally solved, it turns out that #tor is not functional and no amount of searching seems to tell me why it is so or how to fix it. Also, for some reason the mouse cursor in X turns invisible after logging in.

I probably should just move to some more functional #GNU -based #free-software operating system. I feel like I've gotten too old to spend days, weeks or even months trying to get my computer working after a system upgrade.

#freesw #freesoftware

rysiek@joindiaspora.com

A great rant about #systemd and how Linux distros lost their way: https://lkml.org/lkml/2014/8/12/459

So, what is systemd? Well, meet your new God. You may have been praying
at the altar of simplicity, but your religion is being deprecated. It
likely already happened without your knowledge during an upgrade of
your Linux box. systemd is the all knowing, all controlling meta-deity
that sees all and supervises all. It's the new One Master Process that
aspires to control everything it can - and it's already doing a lot.
It's what init would look like if it were a transformer on steroids.
It's complicated, multi-faceted, opaque, and supremely powerful.

thanks to @GDR! for a nudge to post it here

dredmorbius@joindiaspora.com

Ted Ts'o: For those who believe the systemd developers are reasonable and will listen to constructive criticism.....

Systemd intercepts kernel 'debug' boot parameter, floods dmesg, makes system unbootable. Or as Linus puts it in his summary:

Linus Torvalds

+Paul Morgan I think what you (and others) seem to miss is that the systemd people made the "debug" option that we introduced not just do something - but do something useless that actively broke other people's use of that option.

It doesn't matter who "owns" it, the fact is, they broke it.

Ok, fine. Bugs happen, and that's not what makes people upset.

What makes me (and others) upset is that when the bug is reported, with explanations and a suggestion for how to fix it, Kay just closed the bug-report, claiming it wasn't a bug.

From the Plus

Also submitted to Hacker News.

#linux #systemd #TedTso #LinusTorvalds