Spyware poses as Firefox

Think this is something that could sneak into the Build Service?

Spyware used by governments poses as Firefox, and Mozilla is angry](http://arstechnica.com/information-technology/2013/05/spyware-used-by-governments-poses-as-firefox-and-mozilla-is-angry/)

On 2013-05-02 04:16, chief sealth wrote:
>
> Think this is something that could sneak into the Build
> Service?
> ’
> Spyware used by governments poses as Firefox, and Mozilla is
> angry’ (http://tinyurl.com/c6tnxn2)

That link goes to


> http://http://arstechnica.com/information-technology/2013/05/spyware-used-by-governments-poses-as-firefox-and-mozilla-is-angry/

but does not exist. The correct place is:


> http://arstechnica.com/information-technology/2013/05/spyware-used-by-governments-poses-as-firefox-and-mozilla-is-angry/

Notice the double “http” on your link.

Well, if what the page says is true, it is horrible. I understand that
the imposter company is in Britain of all places. I hope they go to jail.


Cheers / Saludos,

Carlos E. R.
(from 12.1 x86_64 “Asparagus” at Telcontar)

Thanks. I was relying on the link button but it seems to be broken.

Well, if what the page says is true, it is horrible. I understand that
the imposter company is in Britain of all places. I hope they go to jail.

We’ll see. They have some pretty powerful clients.

I thought we built everything from source in OBS. There is a very less chance of it getting into OBS.

You can probably build a rpm just having it slap a binary into /opt/ and symlink to /usr/bin. I am new to making rpms but my web browser program is python and I just copy it manually as an install step.

%prep
%setup -q

%build

%clean
rm -rf %{buildroot}

%install
mkdir %{buildroot}/usr
mkdir %{buildroot}/usr/bin
mkdir %{buildroot}/usr/share
mkdir %{buildroot}/usr/share/applications
cp -t %{buildroot}/usr/bin virgil-browser.py
cp -t %{buildroot}/usr/share/applications virgil-browser.desktop 

On Thu 02 May 2013 03:36:02 AM CDT, nightwishfan wrote:

vazhavandan;2553064 Wrote:
> I thought we built everything from source in OBS. There is a very less
> chance of it getting into OBS.

You can probably build a rpm just having it slap a binary into /opt/
and symlink to /usr/bin. I am new to making rpms but my web browser
program is python and I just copy it manually as an install step.

Code:

%prep
%setup -q

%build

%clean
rm -rf %{buildroot}

%install
mkdir %{buildroot}/usr
mkdir %{buildroot}/usr/bin
mkdir %{buildroot}/usr/share
mkdir %{buildroot}/usr/share/applications
cp -t %{buildroot}/usr/bin virgil-browser.py
cp -t %{buildroot}/usr/share/applications virgil-browser.desktop

Hi
You should use install and also run the desktop macros…


BuildRequires: update-desktop-files

%install
install -Dm0755 virgil-browser.py %{buildroot}/usr/bin/
%update-desktop-file -i virgil-browser.desktop

%post
%desktop_database_post

%postun
%desktop_database_postun

You don’t need %clean anymore…

Binary blobs on OBS are frowned upon…


Cheers Malcolm °¿° (Linux Counter #276890)
openSUSE 12.3 (x86_64) Kernel 3.7.10-1.1-desktop
up 5:06, 3 users, load average: 0.17, 0.11, 0.14
CPU Intel® i5 CPU M520@2.40GHz | GPU Intel® Arrandale

Nobody has the time to examine everything that gets submitted. Hopefully it would get caught quickly, but there aren’t really any safeguards against malware getting into OBS.

On Thu 02 May 2013 04:06:02 AM CDT, chief sealth wrote:

vazhavandan;2553064 Wrote:
> I thought we built everything from source in OBS. There is a very less
> chance of it getting into OBS.

Nobody has the time to examine everything that gets submitted.
Hopefully it would get caught quickly, but there aren’t really any
safeguards against malware getting into OBS.

Hi
How so, do you have references to the lack of time on submissions? Sure
on user home builds you should review before installing…

For Factory submissions there are many reviews and tools inspecting the
code as well as legal reviews, many eyes… the review process diffs
show all the code changes which certainly helps.


Cheers Malcolm °¿° (Linux Counter #276890)
openSUSE 12.3 (x86_64) Kernel 3.7.10-1.1-desktop
up 5:42, 3 users, load average: 0.04, 0.03, 0.06
CPU Intel® i5 CPU M520@2.40GHz | GPU Intel® Arrandale

On 2013-05-02 05:16, chief sealth wrote:

> We’ll see. They have some pretty powerful clients.

I hope they at least get worldwide publicity of what they are doing. :-/


Cheers / Saludos,

Carlos E. R.
(from 12.1 x86_64 “Asparagus” at Telcontar)

On 05/02/2013 04:16 AM, chief sealth wrote:
>
> Think this is something that could sneak into the Build
> Service?

not likely, the build service builds from source and not from the
‘Firefox.exe’ which Gamma is providing…


dd

On 2013-05-02 14:05, dd wrote:
> On 05/02/2013 04:16 AM, chief sealth wrote:
>>
>> Think this is something that could sneak into the Build
>> Service?
>
> not likely, the build service builds from source and not from the
> ‘Firefox.exe’ which Gamma is providing…

The damage to us, Linux users, is not running the fake (I hope), but the
damage to the Firefox public value. If users (Windows users, which are a
majority) start distrusting FF and using something else instead, the
market share decreases. If it goes down too much, then webs stop
checking their pages with FF and then we have problems using it.

And it is of course disgusting, to say the least, that such a fake
exists and is used by governments. I would understand that such a fake
would be designed and sold by one of those antidemocratic countries, but
not that a British company does it.


Cheers / Saludos,

Carlos E. R.
(from 12.1 x86_64 “Asparagus” at Telcontar)

This seems very similar to the thread I started in Soapbox about the fake OpenOffice suite, seems like a trend.

It seems like the issue has been running for over a month so far, some background reading from The A Register: FinFisher spyware goes global, mobile and undercover

On 2013-05-02 16:46, anika200 wrote:

> This seems very similar to the thread I started in Soapbox about the
> fake OpenOffice suite, seems like a trend.

No, no, that was plain malware. If you had installed this fake firefox
you would not have noticed anything at all, not during installation nor
while using it.

It “simply” spies on you, silently and unnoticed, even by antiviruses.


Cheers / Saludos,

Carlos E. R.
(from 12.1 x86_64 “Asparagus” at Telcontar)