LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 01-22-2019, 03:01 AM   #1
nihilnovi
LQ Newbie
 
Registered: Jan 2019
Posts: 3

Rep: Reputation: Disabled
Backdoor?


This is about a security problem I have encountered using either Linux Mint 19.1 or Ubuntu 18.04 LTS. Long story, short I ended up tracking newly created processes in my system. One day I discovered unexpected uses of screenshot every 10 minutes (process name: gnome-screenshot, parent pid=1). At the exact same time, wireshark showed me packet transfers to either 104.198.143.177 or 104.197.3.80 (connectivity-check.ubuntu.com). NetworkManager was the process which sent the packets and this functionality was enabled by a package called network-manager-config-connectivity-ubuntu.
Can we conclude this functionality is an issue?
The good news is Network Connectivity Checking can be turn off in Ubuntu 18.04 LTS omgubuntu.
 
Old 01-22-2019, 07:53 AM   #2
JWJones
Senior Member
 
Registered: Jun 2009
Location: Cascadia
Posts: 1,226

Rep: Reputation: 519Reputation: 519Reputation: 519Reputation: 519Reputation: 519Reputation: 519
Damn, that's frightening. Network connectivity checking I get, but why the need for a screenshot? I'd be searching for a new distro, posthaste. Oh wait, I no longer use Linux.
 
Old 01-22-2019, 08:12 AM   #3
TenTenths
Senior Member
 
Registered: Aug 2011
Location: Dublin
Distribution: Centos 5 / 6 / 7
Posts: 2,987

Rep: Reputation: 1239Reputation: 1239Reputation: 1239Reputation: 1239Reputation: 1239Reputation: 1239Reputation: 1239Reputation: 1239Reputation: 1239
And people complain about Windows phoning-home......
 
Old 01-22-2019, 08:15 AM   #4
wpeckham
Senior Member
 
Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, Fedora, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, Vsido, tinycore, Q4OS
Posts: 3,152

Rep: Reputation: 1368Reputation: 1368Reputation: 1368Reputation: 1368Reputation: 1368Reputation: 1368Reputation: 1368Reputation: 1368Reputation: 1368Reputation: 1368
I use Linux everywhere, but I stopped using anything Ubuntu based LONG ago. I do not trust them.
 
4 members found this post helpful.
Old 01-22-2019, 08:38 AM   #5
jsbjsb001
Senior Member
 
Registered: Mar 2009
Location: Earth? I would say I hope so but I'm not so sure about that... I could just be a figment of your imagination too.
Distribution: Currently OpenMandriva. Previously openSUSE, PCLinuxOS, CentOS, among others over the years.
Posts: 3,417

Rep: Reputation: 1762Reputation: 1762Reputation: 1762Reputation: 1762Reputation: 1762Reputation: 1762Reputation: 1762Reputation: 1762Reputation: 1762Reputation: 1762Reputation: 1762
Quote:
Originally Posted by wpeckham View Post
I use Linux everywhere, but I stopped using anything Ubuntu based LONG ago. I do not trust them.
Totally agree. The problem is that Canonical Ltd wants to be just like Microsoft, they are Microsoft wannabe's.
 
3 members found this post helpful.
Old 01-22-2019, 08:41 AM   #6
BW-userx
LQ Guru
 
Registered: Sep 2013
Location: Somewhere in my head.
Distribution: FreeBSD/Slackware-14.2+/ Win10
Posts: 9,493

Rep: Reputation: 2024Reputation: 2024Reputation: 2024Reputation: 2024Reputation: 2024Reputation: 2024Reputation: 2024Reputation: 2024Reputation: 2024Reputation: 2024Reputation: 2024
Quote:
Originally Posted by jsbjsb001 View Post
Totally agree. The problem is that Canonical Ltd wants to be just like Microsoft, they are Microsoft wannabe's.
finally I see someone that thinks this way too, I've been saying Ubunututu is Lindows and I didn't think any one else seen that.
 
2 members found this post helpful.
Old 01-22-2019, 08:46 AM   #7
jsbjsb001
Senior Member
 
Registered: Mar 2009
Location: Earth? I would say I hope so but I'm not so sure about that... I could just be a figment of your imagination too.
Distribution: Currently OpenMandriva. Previously openSUSE, PCLinuxOS, CentOS, among others over the years.
Posts: 3,417

Rep: Reputation: 1762Reputation: 1762Reputation: 1762Reputation: 1762Reputation: 1762Reputation: 1762Reputation: 1762Reputation: 1762Reputation: 1762Reputation: 1762Reputation: 1762
Quote:
Originally Posted by BW-userx View Post
finally I see someone that thinks this way too, I've been saying Ubunututu is Lindows and I didn't think any one else seen that.
While it's a good beginners system I give them that, it's wayyyyyyyy too bloated for my personal liking, but each to their own...
 
1 members found this post helpful.
Old 01-22-2019, 09:42 AM   #8
Slackware_fan_Fred
Member
 
Registered: Oct 2018
Distribution: Slackware64-14.2 Multilib
Posts: 112

Rep: Reputation: 34
Quote:
Originally Posted by jsbjsb001 View Post
Totally agree. The problem is that Canonical Ltd wants to be just like Microsoft, they are Microsoft wannabe's.
Richard Stallman warned people about Canonical.
as for the backdoor could it be systemd that is the problem?
 
Old 01-22-2019, 09:51 AM   #9
BW-userx
LQ Guru
 
Registered: Sep 2013
Location: Somewhere in my head.
Distribution: FreeBSD/Slackware-14.2+/ Win10
Posts: 9,493

Rep: Reputation: 2024Reputation: 2024Reputation: 2024Reputation: 2024Reputation: 2024Reputation: 2024Reputation: 2024Reputation: 2024Reputation: 2024Reputation: 2024Reputation: 2024
Quote:
Originally Posted by jsbjsb001 View Post
While it's a good beginners system I give them that, it's wayyyyyyyy too bloated for my personal liking, but each to their own...
that is exactly why I got away for it, having took it for a spin. I find to way too windowy to where it even interfears with other desktop / window managers one might add to it and use. Like I did.
 
1 members found this post helpful.
Old 01-22-2019, 09:45 PM   #10
Captain Brillo
Member
 
Registered: Jul 2018
Location: Capital of Raccoon Nation
Distribution: Manjaro Cinnamon
Posts: 183

Rep: Reputation: 25
Sending screenshots from your PC to some one "out there somewhere" ??
That sounds like Panic Button to me...
 
Old 01-23-2019, 04:05 PM   #11
DragoonJ
LQ Newbie
 
Registered: Aug 2018
Posts: 21

Rep: Reputation: Disabled
Oh my, this seems to be a rather frightful behavior. Do we know anything about how it works or how it sends the screenshots for once? There are many here who use Ubuntu and Ubuntu-based distros, and although I personally don't use it, I don't speak for the others, should they know about this too?

(I wonder if distros like Trisquel would even be affected, considering that their first policy is to make everything free as in freedom)
 
Old 01-24-2019, 07:03 PM   #12
greencedar
Member
 
Registered: Sep 2018
Location: Missouri
Distribution: Ubuntu 18.04 Bionic Beaver & Linux Mint 19.1 Tessa
Posts: 782
Blog Entries: 1

Rep: Reputation: 77
Thumbs up

Quote:
Originally Posted by nihilnovi View Post
This is about a security problem I have encountered using either Linux Mint 19.1 or Ubuntu 18.04 LTS. Long story, short I ended up tracking newly created processes in my system. One day I discovered unexpected uses of screenshot every 10 minutes (process name: gnome-screenshot, parent pid=1). At the exact same time, wireshark showed me packet transfers to either 104.198.143.177 or 104.197.3.80 (connectivity-check.ubuntu.com). NetworkManager was the process which sent the packets and this functionality was enabled by a package called network-manager-config-connectivity-ubuntu.
Can we conclude this functionality is an issue?
The good news is Network Connectivity Checking can be turn off in Ubuntu 18.04 LTS omgubuntu.
nihilnovi,

I did not find a, "Did you find this post helpful? section that I could click.

So, I just wanted you to know that your post was very helpful to me. I am starting to use Ubuntu and I do want to know what security issues, and other issues related to Ubuntu, in order to know the downside, and benefits, of Ubuntu and how to correct the issues that need corrected.

Keep us informed of any other issues that we need to be concerned about.
 
Old 01-24-2019, 07:27 PM   #13
2damncommon
Senior Member
 
Registered: Feb 2003
Location: Calif, USA
Distribution: PCLINUXOS
Posts: 2,906

Rep: Reputation: 91
whois says:
NetRange: 104.196.0.0 - 104.199.255.255
NetName: GOOGLE-CLOUD
Comment: ** The IP addresses under this netblock are in use by Google Cloud customers **
 
Old 01-25-2019, 02:45 AM   #14
wkr
LQ Newbie
 
Registered: Jan 2010
Distribution: MX linux 18 (primary)- Xubuntu 18.04
Posts: 2

Rep: Reputation: 9
A source code analysis in this post : https://forum.mxlinux.org/viewtopic....481509#p481509
 
Old 01-25-2019, 09:55 AM   #15
Lysander666
Senior Member
 
Registered: Apr 2017
Location: The Underearth
Distribution: Slackware, Debian
Posts: 2,098
Blog Entries: 6

Rep: Reputation: 2304Reputation: 2304Reputation: 2304Reputation: 2304Reputation: 2304Reputation: 2304Reputation: 2304Reputation: 2304Reputation: 2304Reputation: 2304Reputation: 2304
Quote:
Originally Posted by wpeckham View Post
I use Linux everywhere, but I stopped using anything Ubuntu based LONG ago. I do not trust them.
You might appreciate this quote then:

Quote:
While I understand your point of view, let me be a bit more verbose about mine.

Ubuntu is a corporation driven distribution and does not care about the free software or open source community (Greg K-H: “Ubuntu does not give back to the community“ on a kernel talk at google). While that alone is not a bad thing it completes the picture of Ubuntus goals (see bug #1 on ubuntu launchpad).

IMO, over the last few years Canonical has followed the exact same strategy of Microsoft: EEE (Embrace, Extend, Extinguish). That has shown in various ways where ubuntu has pushed technologies or created extensions (such as unity). The next step will be things like API war and might already start with the deal they have made with Valve.
Well, of course that is only guessing and I might be completely wrong.

But what is a fact is this: ubuntu has already betrayed it‘s users through their spying features and is clearly not aiming at full transparency and freedom as in free.
Because of this fact people should really think if this will remain the only occurence of nastyness. History has taught us and is telling us again right now that companies with that power and attitude will not stop at such a point, but just become more subtle. Free software for them is merely a utilty to build up to their own goals.

How can you trust someone who has already lied to you? What happened in Ubuntu is a very good reason to never trust them again as a whole, not just disregard a few features they provide. That would be inconsistent for people who appreciate free software and want control over what‘s happening on their computer.
https://github.com/prism-break/prism...mment-21511190
 
5 members found this post helpful.
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: What The Intelligence Community Doesn't Get: Backdoor For 'The Good Guys' Is Always A Backdoor LXer Syndicated Linux News 0 01-11-2014 07:50 AM
My Backdoor Debian Install ClayOgre Debian 9 06-20-2003 09:38 AM
/home/backdoor glyn_walters Linux - Security 6 05-15-2003 12:29 PM
backdoor im1crazyassmofo Linux - General 3 01-16-2003 07:54 PM
SSH 2 as a backdoor? help me fenris@bu Linux - Security 3 05-24-2001 01:12 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 03:24 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration