Gentoo UnrealIRCd? Not really.... unreal's UnrealIRCd.
Gentoo have obviously pulled the package from the unreal servers which are the ones which actually shipped the backdoor to everyone else.
What is the big fuss over "Gentoo shipping backdoor". At the end of the day, ok, gentoo shipped the "source code" with the backdoor code. But i bet many other distributions shipped a compiled version of unrealircd with the backdoor too. Considering that the backdoor has only just been discovered, a lot of distributions which have an unrealircd package will have this.
We are going to have anti-linux users jumping up and down that linux has a virus now. At the end of the day.... this is nothing to do with linux.... Its the package that has the backdoor compiled in, and its unrealircd's fault for not noticing it. At the end of the day its a hidden feature really.
The only reason they targetted linux not windows is because all they had to do was replace one file in the tar.gz file for the linux version, whereas applying the same backdoor to the windows version would mean recompiling it with the backdoor in.
Also a qoute from the UnrealIRCd site:
Quote:
|
On an unrelated side note, I find the claims in various media that this security incident indicates that Linux and Open Source cannot be trusted and that Microsoft and closed-software is better really silly. It lacks any foundation. A hacker, once in, could just as easily have inserted the backdoor in Windows software. In fact, it is *THANKS* to it being Open Source that this backdoor got noticed, though - I fully agree - much too late.
|
Linear Mode
