Differences

This shows you the differences between two versions of the page.

--- project:htd [2012/03/15 13:58] – package manager vuln ideas ruza
+++ project:htd [2018/06/24 23:59] (current) – removed pinky
@@ Line 1: / Line 1: @@
-====== Hack the Distros ======
-===== Intro =====
-Aim of this work is to provide information about the difficulty and methods of getting a backdoor into various Linux distributions and other FOSS operating systems like BSD.
-It is a reaction to [[http://slashdot.org/submission/1902912/leaked-memo-says-apple-provides-backdoor-to-govern|this post]] about RIM, Nokia and Apple bundling backdoor into their phone operating systems. There is also a high chance that Apple and Microsoft have backdoors in their desktop operating systems (Mac OS X and Windows).
-We would like to investigate what are the options of getting such malicious code into open-source operating systems and compare the various methods like modifying tarballs in upstream and downstream, or taking advantage of unsigned packages on the mirrors.
-===== Common attack vectors =====
-Probably a good way how to start investigating is by the definition of common attack vectors.
-===== Current Status =====
-==== Arch Linux ====
-==== Debian ====
-==== Fedora ====
-==== Gentoo ====
-==== openSUSE ====
-==== Ubuntu ====
-==== FreeBSD ====
-==== NetBSD ====
-==== OpenBSD ====
-===== Exploits =====
-  * exploit A - via upstream
-  * exploit B - via downstream
-===== Report =====
-...
-===== Idea mix =====
-https://www.cs.arizona.edu/stork/packagemanagersecurity/