"Anonymous" Linux - a distro for hackers

MyWorld

Executive Member
Joined
Mar 24, 2004
Messages
5,001
http://www.h-online.com/security/news/item/Anonymous-Linux-sparks-concerns-1473534.html

Anonymous vs. anonymous: a new Linux distribution targeted at hackers showed up on SourceForge yesterday, appearing to be from the Anonymous activist group. Anonymous-OS 0.1 ships with a number of hacker tools, including the ParolaPass password generator, the Anonymous High Orbit Ion Cannon (HOIC), TorsHammer for DoS attacks, John the Ripper and Hash Identifier for password attacks, and much more. SourceForge subsequently took the project down.

Will be interesting to see how long this will last, caused quite a stir already.

http://anonymous-os.tumblr.com/download
 

MyWorld

Executive Member
Joined
Mar 24, 2004
Messages
5,001
Well, there is this:
In a statement released late last night, SourceForge explained that it had taken the distribution off its servers as significant concerns were raised concerning the software bundle's authenticity and possible maliciousness. SourceForge stated that while it tends to consider projects to be amoral and thus even host software that could be considered controversial, it decided to take Anonymous-OS down as soon as it became clear that it might include malicious software and did not appear to be officially connected with the Anonymous movement. Almost as soon as the release of Anonymous-OS was announced on a new Tumblr page, the activist group stated via its Twitter account that Anonymous-OS is a fake and contains trojans.

Indeed, this statement cannot easily be refuted, even though an initial analysis by The H's associates at heise Security did not reveal any modified binary programs in the basic system. It is possible that a well disguised malicious program is hiding in the initial ramdisk, the bootloader, or one of the additional firmware files. At the very least, however, Anonymous-OS uses the official Greek Ubuntu package sources and, besides the official keys for the Tor Project, the Mate Maintainer, and the I2P-PPA repository, has not put any of its own keys in the package database that would allow fake packages to start up after a delay and without warning. If anyone wants to risk running the Anonymous Live distribution on their computer, they should understand that it will have access to all the data on the hard drive and to any connected network.

Interesting!
 
Top