On this week’s episode we’re going to discuss malware that’s so ruthless it’s ready for a street fight. Welcome to Destination Linux, where we discuss the latest news, hot topics, gaming, mobile, and all things Open Source & Linux. Also this week, we’re going to discuss pentesting distro tools and running full Linux on your Android. Plus we got some Linux gaming, and our Software Spotlight, and more. Now let’s get this show on the road toward Destination Linux!
Support the show by becoming a patron at tuxdigital.com/membership or get some swag at tuxdigital.com/store
Hosted by:
Ryan (DasGeek) = dasgeek.net
Jill Bryant = jilllinuxgirl.com
Michael Tunnell = michaeltunnell.com
Chapters:
00:00:00 Intro
00:01:02 Community Feedback
00:06:08 Kali Linux
00:22:25 News: New Malware Street Fighter Style
00:31:28 Hackers Target Teens
00:35:25 Spying Cars
00:38:02 Mobile News: Apple Gives Up On Pegasus Lawsuit
00:46:07 Gaming: Sword and Shield Idle
00:48:39 Software Spotlight: CSI Linux
00:56:01 Tip of the Week: Lindroid
01:00:16 Support the Show
Transcript
Michael:
[0:00] On this week’s episode, we’re going to discuss malware that’s so ruthless, it’s ready for a street fight. Welcome to Destination Linux, where we discuss the latest news, hot topics, gaming, mobile, and all things open source and Linux. My name is Michael.
Jill:
[0:16] I’m Jill.
Ryan:
[0:17] And I’m Ryan. Or Ryu.
Michael:
[0:20] Or Ryu. It’s pronounced Ryu.
Ryan:
[0:22] Is it? Wow. This whole time.
Michael:
[0:24] It is pronounced Ryu. I thought it was Ryu for like decades and then I watched a movie that had him say it multiple times like, really? So I looked it up, turns out, yeah, it’s Ryu.
Ryan:
[0:35] So is Ken really Ken? Or is it Kenny?
Michael:
[0:37] Yeah, Ken is Ken. Ken is Ken, for sure. Also, this week, we’re going to discuss pen testing distro tools and running full Linux on your Android. Plus, we got some Linux gaming, our software spotlight, and more. So let’s get this show on the road toward Destination Linux.
Ryan:
[1:01] Our feedback this week comes from Squirrely Dave. They have this to say: I wanted to throw another perspective on WSL here. I’ve used it in anger, as some people would say, i.e. for real, in production. It may be fine sometimes. That has never been my experience using it in an environment where I was creating automation that interacted a lot with Linux-type devices or other services. I used WSL for a number of years because things like Ansible on Windows are a joke or worthless. The only option is WSL because WSL exists. In an environment where the IT department maintains tight control of user workstations, a typical enterprise scenario, I found WSL to be a huge pain. In fact, most of my team spent a fair amount of time developing on Linux servers. That was a better user experience. WSL was difficult to set up and provided very little real advantage over a Linux server, except for the information security group: they were able to enforce their own policies on the workstations. This effectively neuters the power of WSL, which isn’t great to begin with. My advice to anyone thinking about WSL: if you have a choice, don’t bother. Use a real virtual machine instead.
Ryan:
[2:11] So appreciate that feedback, Squirrely Dave, very much. I think that’s very insightful. Somebody who’s using it, tried to use it day in and day out for their job, did not have a great experience with it. However, we did get a lot of emails from people talking about in their environment for whatever pieces they’re doing in development. It was very useful. Well, so I think it’s really interesting that we have so many people passionate about the WSL discussion that we had like weeks ago and the feedback keeps pouring in about WSL, which is great. I mean, this is your section community. If you want to talk about WSL every week, we’ll talk about WSL every week. It really is something that either is accepted as a good tool or completely hated. And I would say I’m somewhere for sure. Yeah, I’m somewhere on the middle ground, though. I feel like I don’t hate it. I don’t care for it either.
Michael:
[3:02] I am one of those people who proudly states that I hate it, having never used it at all.
Ryan:
[3:09] That’s such a great position to take, Michael.
Michael:
[3:12] Thank you.
Jill:
[3:13] And I’m in the middle. I’ve used it. I don’t care for it. But I know a lot of people who use it at work and who need it for various reasons. Yeah. If it works for your needs, then use it.
Ryan:
[3:31] Yeah, absolutely. I think that’s the big thing to take out of this. If WSL works for you, keep using it. If it doesn’t work for you, then don’t make yourself suffer through it. You don’t have to. You can use virtual machines or other things to get a similar job done. So, Squirrely Dave, thank you for sending that in. And if you want to ask a question, if you want to give your take on WSL or something else entirely, you can send your comments or questions.
Michael:
[3:57] Feel free to leave anything else. We’ve got a lot of WSL comments recently.
Ryan:
[4:02] Not that we don’t appreciate them. We do appreciate them. We appreciate it. Yeah. Uh, Destination Linux comments, or destinationlinux.net/forum out there. I don’t know, I feel like there’s so much WSL passion here, I might have to go try to check out WSL just to, unlike Michael, I want to test the theory of whether I should stay on the fence, hate it, or love it. So I’m gonna have to wait. Okay, first of all.
Michael:
[4:27] Are you on the fence because you’ve never tried it before?
Ryan:
[4:31] No, I’ve played with WSL quite a bit, but it’s been a while. It’s been like a long while. I played with it back when WSL was first kind of getting popular.
Michael:
[4:39] Oh, like the version one thing.
Ryan:
[4:40] Yeah, yeah, yeah. I mean, and I’ve installed it recently to see if it’s gotten any better. And I was just like, I got bored with it, honestly, within like five minutes. I was like, I don’t really care that much. And then I went and installed Linux instead.
Michael:
[4:53] Well, I have no access to a Windows machine. So that’s why I’ve never tried it.
Ryan:
[4:57] But I’m also purist.
Michael:
[4:59] But I’m also perfectly fine with saying that I hate it regardless because of what it stands for. Like it’s taking something that is taking a different ROS to trying to give it tools into windows that windows can’t do. And then the opposite is not done as well. So I feel like it’s just a principle thing, really.
Ryan:
[5:20] So if Microsoft gave us office, would you change your mind?
Michael:
[5:23] Sure. I would say I don’t care at that point.
Ryan:
[5:26] I don’t hate you anymore. I just don’t care.
Michael:
[5:28] I don’t like your stuff, but I like the fact that you support my platform. That’s what I would say. Yeah. That’s about it, I think.
Ryan:
[5:36] Well, interestingly, I was reading something. I wish I had the numbers in front of me, but I was reading an article, like just scrolling through news articles. And one of them was talking about the amount of users on Google Docs now. And it was like millions. It was a very impressive number. I don’t remember how much it was, but it was shockingly large, and a lot of businesses moving. So maybe Office won’t even be such a big thing anymore because you’ve got some additional, not that Google’s that much better of an alternative, but at least slightly better. Use it in Linux, yeah, because at least you can do
Ryan:
[6:05] that. Yeah, yeah. So there you go. All right, now, Michael, I’ve been in some cybersecurity courses lately. You know this because my time, because you, you, you, that.
Michael:
[6:17] You very rarely answer my messages.
Ryan:
[6:19] Uh almost.
Michael:
[6:20] Never answer my calls.
Ryan:
[6:21] Yeah and.
Michael:
[6:22] When you find, when you finally do, it’s all you’re talking about is cybersecurity.
Ryan:
[6:26] So that’s the only thing on my head right now. I got, I got all the cybersecurity courses that I’m doing to get my cybersecurity degree. And it’s been a ton of fun. And it’s made me even more enamored with Kali Linux. And every class I take, which has really impressed me, mentions, uses, or discusses Kali Linux in some way. Like it’s a powerful suite of tools.
Michael:
[6:50] I mean, I feel like that’s a requirement.
Jill:
[6:51] Yeah. Yeah.
Ryan:
[6:52] And I honestly expected these courses because sometimes college can be a little behind the times by the time they’re teaching things. They don’t update their education materials to keep up with the latest trends sometimes, depending on the school you’re going to, class you’re taking, that type of stuff. And I was just very surprised of how on it they were with Kali Linux. Not that Kali Linux is new, but their stuff that they were talking about was newer versions and installing it and all this. And I was just like, look at Linux getting all the popularity.
Jill:
[7:21] All the love.
Michael:
[7:22] Well, I mean, it’s a cybersecurity course. I feel like if you don’t cover Linux, then you’re not doing a very good cybersecurity course.
Ryan:
[7:30] Good point. That’s fair. That’s a very fair point. So it makes me very happy when I see that we have a new version of Kali Linux out there. And a lot of times when we cover distros and things, it’s kind of like, hey, you know, Kali Linux. You’ve got the new Qualcomm Snapdragon SoC supported. You’ve got some new bug fixes, all this stuff. And it’s interesting. It’s awesome if you’re in that world, but if you’re not using Kali Linux or something else, maybe not as interesting. But this one caught my attention because they have 11 new tools. And a lot of these are pen testing cybersecurity tools, which are really, really cool. So I wanted to cover these 11 tools so that if you’re thinking about using Kali Linux, this might just get you a little more excited to go check it out and try it, although I have a warning for you. But I’ll do that after I go through how cool the tools are because I don’t want to, you know, I want to get you all pumped up and excited. Very excited. So you’ve got gosh.
Michael:
[8:26] I don’t want to give you a bummer before I give you the cool stuff.
Ryan:
[8:28] Yeah. We’re going to do the bummer after. Now, I’m going to mispronounce everything here and then Mike will come in and fix it. We’ve got goshes. Gosh.
Michael:
[8:35] Actually, okay. It’s just go SSH.
Jill:
[8:38] Go SSH. Yeah.
Michael:
[8:39] However. No, go SHS. Sorry. Go SHS. However, when you started, right before you started saying this and pronouncing it wrong, I thought to myself, he’s going to say goshes.
Jill:
[8:54] You knew it.
Michael:
[8:55] Because I wanted to say it.
Ryan:
[8:58] It’s just G-O-S-H-S. So it’s goshes. It’s goshes.
Michael:
[9:02] Actually, I feel like if they don’t call it goshes, they should. They should just adopt it now.
Ryan:
[9:07] You’re welcome. Goshes. It’s a simple HTTP server, but written in Go and with more features in there. You’ve got GR Audit, which is a grep rough audit, source code auditing. I thought you were going to say grot it. Groddit, that would be good. Gsocket. No, Gsocket.
Jill:
[9:27] Gsocket.
Ryan:
[9:30] Gsocket allows two machines on different networks to communicate with each other. Yeah. You’ve got Hecatomb.
Michael:
[9:36] I think that’s right. I think that’s right.
Ryan:
[9:38] Hecatomb is great.
Jill:
[9:39] I got one.
Ryan:
[9:39] I’m one for one. Extract, or one for five. Whatever. Shut up. Extract and decrypt all credentials from all domain computers. That one sounds fun.
Michael:
[9:49] Mm-hmm.
Ryan:
[9:49] That sounds really fun.
Michael:
[9:51] Sounds like heck of fun.
Ryan:
[9:52] You got MX Check, Info and Security Scanner for email servers. You’ve got NetExec, Network Service Exploitation Tool that helps automate assessing the security of large networks.
Michael:
[10:06] I feel like both of those you got right. The next one is going to be super hard for you. Give it a shot.
Ryan:
[10:11] Next scanner. No, I’m kidding. Net Scanner. Network scanner and diagnostic tool with modern TUI. And we’ve got Obsidian, which is a private and flexible writing app that adapts to the way you think. Now, is that.
Michael:
[10:25] Open source, Michael? It is, in fact, not. It is not. Interesting. So, uh, but it is fantastic. It’s interesting because there’s the four pillars of open source, or the free software movement or whatever, and it applies to three of them, but technically speaking, the code is not accessible, but you can get plugins that are open source. There’s, uh, the data that you create is stored on your system and, unless you want it to go anywhere, it doesn’t go anywhere. It’s also in Markdown, which is super awesome. And it’s not in like some weird gibberish database style Markdown. It’s just basic plain files that you put wherever you want on your system. I’m a big fan of Obsidian. In fact, I’ve been using it for at least two or three years, maybe more. I don’t remember.
Ryan:
[11:16] Yeah. So what do you use for your note-taking, Jill? I use Standard Notes, Michael Obsidian, Jill…
Jill:
[11:23] Standard is one of the top ones, yeah. And honestly, Vi or Vim. I’m still old school.
Ryan:
[11:31] You know what, Gilda? She knows what our fans and the people listening want to hear, and she goes with that. Like, of course she’s going to say Vi or Vim.
Michael:
[11:41] I need to change my statement to Emacs.
Ryan:
[11:45] Yeah, Emacs.
Jill:
[11:46] Yeah, Emacs is a good choice, and I do like Netit. I like Joe. So I still use the old platform.
Ryan:
[11:52] NetIt and Joe are mine. Yeah, I don’t use NetIt and Joe.
Michael:
[11:55] Yeah, NetIt and Joe.
Ryan:
[11:56] That way we get all the fans. See, you got the EMAC. I don’t even know the Joe or the other one either.
Michael:
[12:02] Joe is a fork of another one like J-Edit or something.
Jill:
[12:07] Yeah, correct. Yeah, correct.
Ryan:
[12:09] Correct, Michael.
Michael:
[12:11] Yeah. You seem so aware of it.
Ryan:
[12:14] I use it every day, Michael. Of course I know that. Yeah. It’s named after G.I. Joe’s, by the way.
Jill:
[12:20] G.I. Joe’s.
Ryan:
[12:21] Of course, yeah, yeah. Well, give you guys a little history lesson. Well, I thought it was Joe’s Apartment.
Michael:
[12:26] But yeah it could be.
Ryan:
[12:27] Whatever, yeah. Joe. Uh, the next one’s sips. Come on, sips. Sips. Correct that, Michael. Sip it’s. I know, I.
Michael:
[12:36] Have no idea.
Ryan:
[12:37] Uh, I.
Michael:
[12:38] Feel like it should be sip it’s, just because I want it to be.
Ryan:
[12:41] It’s a set of tools to audit SIP-based VoIP systems. Uh, you’ve got SprayHound, password spraying tool, and Bloodhound integration. And then you’ve got SQLMC, check all URLs of a domain for SQL injections, which, that’s a very useful tool. That’s a very common way of breaking into stuff.
Michael:
[13:00] That’s not what it’s for. SQL MC is a nerd core rapper.
Ryan:
[13:06] Oh, yes, that’s true.
Michael:
[13:10] Not really, but it should be.
Jill:
[13:12] I was happy they put NetScanner in there because I’ve used that a lot. And I remember the last time I ran Kali Linux, it wasn’t in there and I just installed it.
Ryan:
[13:22] So Kali Linux, it’s interesting you mentioned that one. Kali Linux is not a daily driver, right? It’s not really what it’s meant for. I mean, people I’m sure out there do use it for that, but that’s not its primary purpose. It’s a pen testing tool. And I was recently playing with some tools because I’m in college for cybersecurity. It’s kind of a requirement, and ended up doing this entire network scan because I didn’t read the man pages. And so I didn’t, like, I saw a switch. He gave a suggestion as a switch that was kind of like an all. It was bigger than just / all, but it was like a lot. And I was like, I don’t know. They’re giving his recommendation. Let me run it and just see what it does. Uh, anyways, the ISP, uh, that I used got so mad they shut off my internet for 24 hours because it was scanning everything, like not just my local network. I mean, it was going through the ISP stuff, it was hitting everything, and it was like it had reached like 150,000 nodes before they shut me off. So what you should do is.
Michael:
[14:23] This is this.
Ryan:
[14:24] Is an.
Michael:
[14:24] Information that, that we now have to have a slogan that Kali does, like, Kali responsibly. That’s what they have. That should be their slogan.
Ryan:
[14:34] Tools can be very dangerous. They’re very powerful. You should read before you just run them. But that goes against everything. My entire life long of just run it. My team had that thing. They always make a joke like, what’s Ryan going to say about it? I’d be like, just run it because I’m just like, let’s see what happens. Let’s do it. I did that with Kali and it didn’t work out so well. So be careful.
Michael:
[14:59] You did find out some good information.
Jill:
[15:01] We found out that Ryan’s a noob.
Ryan:
[15:05] Whoa!
Jill:
[15:06] Isn’t he?
Ryan:
[15:07] No!
Jill:
[15:09] It’s true.
Michael:
[15:11] Got him.
Jill:
[15:12] I’m unhackable.
Ryan:
[15:15] Dang. Did you see Jill throwing the flames there, my friend?
Jill:
[15:18] So good.
Michael:
[15:19] So good. So good.
Jill:
[15:22] You called me a noob.
Michael:
[15:23] I mean, you are kind of a noob when it comes to Kali Linux.
Ryan:
[15:28] Script kiddie, you know? Noob.
Michael:
[15:30] But that’s fantastic. So you said earlier that it shouldn’t be a daily driver. And that’s completely true. I commented, I said this on the previous episode of TWIL where I covered the Kali Linux release, and I got a comment just a couple days ago where someone’s yelling at me for daring to say that Kali Linux is not the daily driver type thing. And it’s funny because their argument was that it’s based on Debian, therefore. I’m like, what does that mean? Okay, yeah, just because it’s based on something that you could doesn’t mean that it automatically inherits every value that the other thing has, because that’s not how derivatives work. Yeah, but it’s just funny because there’s going to be people who are going to completely disagree. They’re wrong. It’s okay, they’d be wrong, but they’re wrong. And Kali Linux is 100% designed to not necessarily be a daily driver. Yes, if you are a pen testing professional, do whatever you want related to Kali Linux, in the terms of, that doesn’t violate laws, then do whatever you want. But if you’re brand new to it, like Ryan, for example, you should not be daily driving it. You don’t want to be a noob with Kali. Yeah.
Ryan:
[16:48] I think there’s no purpose to use Kali as a daily driver unless you’re a pen tester or you’re into cybersecurity and things. There’s really nothing that it would be providing you. Or if you’re using it for education, you want to learn what the tools do, that type of stuff. But otherwise you would not use this as like your main stable system. Not that it’s not stable, but it’s just all the tools and things that it already comes pre-installed with don’t make sense for 99.9% of the population out there. So it’s very cool. You can do.
Michael:
[17:18] Amazing. It’s funny. The funny thing is that, like, for at least 90% of its history, Kali Linux was always root by default, root only by default. And only recently, like the past year or two, they changed that so you can actually have a user-based system. So people for like, it was even more so before. And the problem is that people think Kali Linux is a system that, you know, it can break into other things, so it must be good in security on its own. And that is not at all what it’s made for. It’s not made to be hardened in terms of usability, it’s made to break into other things. And so that’s really what people are doing it wrong.
Ryan:
[18:02] You could make it very hardened if you wanted to.
Michael:
[18:04] If you’re going through the process of doing that, you might as well just use a distro that doesn’t make you do that for your daily driver. There’s also examples like other cybersecurity distros like Parrot OS. Parrot has a let’s-break-stuff and then like a daily driver version. So, those kinds of things make more sense, and if you really must use a cybersecurity distro, use the one that was made for it. And if you want to, but Kali Linux is fantastic, and it’s been around for a very long time, and I’m a big fan of what they do. Um, but I still, like every time we cover it, it’s always like, it’s not for everybody. Just use it with caution.
Ryan:
[18:49] I think a lot of people use it just because it’s cool and you’re going to see it in the media. You’re going to see it talked about in colleges. You’re going to see it in TV shows. You’re going to see it in a lot of stuff because it’s a very cool, it’s amazing suite of tools that they put together. It’s an amazing team that works on Kali Linux. I use it on a non-daily driver on the Minisforum that they sent to us to test out from the Manjaro team. And I run Kali Linux on it. And that’s what I do a lot of my testing. And that’s how I shut down my ISP and got kicked off the internet for 24 hours with that little Minisforum over there.
Michael:
[19:21] That’s how you got punished by your ISP, yeah. Yeah, got punished from there. So Jill, tell us about your days as a hacker.
Jill:
[19:28] Okay. So back in 2006, when in 2007, when Kali Linux was called BackTrack and then it was based on Knoppix Linux, I used to use it for, well, things.
Ryan:
[19:45] Like what things, Jill? Like what?
Jill:
[19:47] War driving.
Ryan:
[19:49] I don’t know what that is. What is war driving?
Michael:
[19:51] War driving is when you’re in like a van or something, you send out a signal and you’re kind of like you’re breaking down Wi-Fi and then becoming a fake Wi-Fi.
Ryan:
[20:00] No, you wouldn’t war drive.
Jill:
[20:02] So Kismet and Aircrack-ng, all the things. And that was like one of the first distros I put on my netbook. So my Eee PC.
Ryan:
[20:14] Look how evil she is. She’s holding her hands in that little evil, like, Dr. Evil manner, you know?
Michael:
[20:19] It reminds me of The Simpsons. Excellent.
Jill:
[20:21] Yes. So, I still have it installed on one of my Eee PCs.
Ryan:
[20:28] Now, I’m guessing, Jill, when you were war driving, you were just going around searching for signals so that you could, you know, nothing nefarious. Jill would never do that.
Jill:
[20:36] No, no, no, no, no, no, no, no.
Michael:
[20:38] War driving, also, you could just collect the information rather than actually doing stuff.
Jill:
[20:41] Yeah, you don’t have to actually. You’re not necessarily having to hack into networks. you can just see that you have the ability to do so, but don’t harm anyone in the process.
Michael:
[20:51] Then choose not to.
Jill:
[20:51] Yeah.
Ryan:
[20:52] Jill, what did you do with Metasploit?
Jill:
[20:54] Oh, I better not go.
Ryan:
[21:00] Jill’s so awesome she was hired by a company to test their security. That’s what we’ll go with. I did.
Jill:
[21:08] Do some security before for a company, so.
Ryan:
[21:11] There you go. That’s where she used Metasploit, in case anybody asked. That’s the story I’m sticking to. Yes, absolutely. Kali Linux, very awesome. Check it out if you are looking to check out pen testing or understand some of the tools, but be very careful. Be cautious. You’ve been warned. You may get kicked out from your ISP. Oh, by the way, when I did get kicked off by ISP, I didn’t realize that’s what it was. And I started searching because I was like, I ran that command and then my internet shuts down. And I saw a lot of people talking about getting kicked out of their ISP because of Kali Linux. So there was, it was like a whole, and I knew immediately what had happened. So, yeah, it’s not a unique thing. So, just you’re one.
Michael:
[21:52] Not unique, but also it’s an interesting experience, I think. I think it’s good content for the show.
Ryan:
[21:58] Very good content for the show.
Michael:
[22:00] Indeed. And also, it’s funny because you recently got kicked out of your ISP, and I recently got mine connected. Yay!
Ryan:
[22:10] It kicked me out.
Jill:
[22:11] Finally, Michael. Over a month.
Michael:
[22:13] Yeah, I mean, today was a day over a month. Exactly. I should not be interrupting anybody anymore.
Ryan:
[22:24] Well, Michael, you know, you watch a lot of YouTube videos. Some people say that you are a bona fide street fighter. Is this true?
Michael:
[22:32] So back in my jujitsu days, which was yesterday. Wow. And in my Muay Thai days, which was a week ago. Man. And I was known to do some street fights here and there. Or some shoot fights. In fact, with, uh, BJJ, Brazilian jiu-jitsu, and you know.
Ryan:
[22:56] All the terms. You can’t fight with crap. You.
Michael:
[22:59] Don’t know. We’ve never fought. What don’t know? Let’s see, I am undefeated. Between Ryan and me, I’m undefeated. So is Ryan, because we’ve never fought. But still, yeah.
Ryan:
[23:12] Verbally, though. Verbally. Verbally.
Michael:
[23:15] Verbally fighting constantly. Yeah. So, and one of the things that we say verbally in order to fight is the starting, of course, is you go, that’s…
Ryan:
[23:27] Hadouken.
Michael:
[23:28] That’s not Hadouken, bro.
Ryan:
[23:29] Oh, that’s not Hadouken? Which one’s Hadouken?
Michael:
[23:31] No, that’s like Sonic Uppercut.
Ryan:
[23:34] Which one’s Hadouken?
Michael:
[23:35] Hadouken is the fireball.
Jill:
[23:37] Yeah, it’s that.
Ryan:
[23:38] Hadouken.
Michael:
[23:39] There you go. How dare you?
Ryan:
[23:41] Man, darn it.
Michael:
[23:42] There’s also Tiger Uppercut and another uppercut from the game. I don’t remember the other one. But anyway, Hadouken: no longer just a way to ward off someone trying to step to you in the street, you know. Don’t.
Ryan:
[23:55] Mess with me, bro. I’ll fireball you. Uh.
Michael:
[23:59] You don’t want to get fireballed. Now it’s, uh, it’s not just, uh, you know, that’s a Street Fighter meme for those who are, uh, not aware, if you didn’t get it. Yeah. So this Hadouken actually packs more than a punch. It packs malware.
Ryan:
[24:15] That was really good.
Michael:
[24:16] Because we’re talking about some new malware that has Linux as the target, both a crypto miner and a tsunami malware botnet that can perform a DDoS attack. Now, this is interesting, but it’s specifically targeting Oracle WebLogic servers, at least the version Aqua Security discovered in one of their honeypots. However, it can be modified to go after Windows servers as well. One of the things I love about this information is that we found this out because of these security companies who are purposely putting out systems to be attacked so they can scan it and see all of these things so that they can reveal the information about these. And that’s exactly what they did here because this honeypot had very weak credentials to break through, and therefore they collected all this information.
Ryan:
[25:02] Well, we don’t know. I mean, honeypot could look sophisticated. It could even be sophisticated. Honeypot could be a lot of different things, and that’s what I think is really cool.
Michael:
[25:10] That’s true, but I think, and they said in this case, It was weak credentials on purpose or something like that.
Ryan:
[25:14] Yeah. I mean, I think it’s so awesome that there are security companies out there that release these honeypots and then capture this data. And basically, you’re getting the hackers to expose themselves trying to get into the systems. And then they’re collecting that. And then we get more secure from it before they actually get to a target that can hurt us. Although we didn’t get in front of this target quick enough, unfortunately. So, what’s interesting is these Oracle WebLogic servers, Michael, are very popular with big banks and governments and financial institutions of all kinds. So, this is being run by an Akira ransomware group where they found it. And if you think this type of thing is like, well, I don’t have to worry about it or whatever, they’ve already netted $42 million in ransom. And that’s over 250 organizations that they’ve hit with these ransomware hacks. So this is a big deal, right? And according to Cybersecurity and Infrastructure Security Agency,
Ryan:
[26:16] the FBI and Europol’s European Cyber Crime Center and the National Cyber Security Center in the Netherlands, it’s now got its sights heavily on Linux. So this hacking group is heavily targeting Linux to see what they can get. So if you have some Linux servers out there, you may want to have a honeypot of your own, right? To see if you can catch this stuff early and see if they’re using. Because what happens is we’ve got this version. There’s probably some patches and things have already happened, will happen. But then they’ll modify it slightly to kind of attack in a different vector. And so that’s where the dangers come in with these things.
Michael:
[26:51] So yeah, constantly have your stuff up to date. And, you know.
Ryan:
[26:56] One of the things that I think is interesting about this is that they download a shell script named C and a Python script named Y. And then, you know, obviously it can either do ransomware, it can do a DDoS, it can do these botnet things, but it always apparently searches for your SSH credentials while it’s at it. So that’s one of the plays that it gets. And imagine if you get those SSH credentials, now you can start spreading it across all of the servers in the company and things. So very sophisticated attacks. Yeah. We’re seeing a lot of these.
Michael:
[27:25] It also looks like this Hadouken thing is something that can transition across networks. So it can affect more and more things as it’s going.
Jill:
[27:33] Scary.
Ryan:
[27:34] Linux to Windows, potentially, you know? Yeah.
Michael:
[27:37] And it’s a good name for an attack because, you know, it’s a… But other than that, it’s terrible. And first of all, so the people who are making this, just you’re awful, you should feel awful. Futurama reference. But also, if you are worried about being affected by this, it is directly for a particular type of server that you are probably not using. And that’s just something to say that we’re talking about this because they are now focusing on Linux. And there’s a lot of people who are talking about how Linux is more and more attacked because it’s getting more popular and therefore it’s a bigger target. But this is a terrible argument. And when people talk about Windows versus Linux and the security aspects, they’re usually referring to, oh, Linux is only not attacked because Windows is so big and Linux is so small. all this is an example of something on a server and linux servers are the dominant thing we have like 90 of the internet powered by linux so if that was the case then these wouldn’t be happening you know very uh often we’re gonna see a lot more.
Ryan:
[28:58] Of this too we.
Michael:
[28:59] Are gonna see more because people are just uh trying like because windows is technically getting better in security it used to be hot garbage. Now it’s just… slightly trash so it’s improved but it’s still in the trashy aspects of security but it has improved a lot it just means that they where they started was abysmal uh but uh linux does is still going to get some more attacks and that’s still going to happen but i there is this one of the articles that there’s a quote from somebody from keeper security which is like a password tool and that i started researching this company they have some real like they have a comparison section about like their password manager versus other password managers you could check it out for yourself but the way they word stuff is just so sketch because uh they have like oh our stuff is great their stuff is not so great but then the way they word it is like they’re purposefully ignoring certain aspects where one for example bitwarden they said um bitwarden does have a cloud service but the self-hosted version is super hard to get set it and keeper is so easy I’m like, well, so is the cloud version for people. Like, what are you talking about? So it made me look more closely to what he said in the article because they reached out to him apparently for, you know, some kind of take. And he says, Linux servers often host critical applications and data, making them attractive targets for extortion.
Michael:
[30:27] The open source nature of Linux lets threat actors analyze and exploit vulnerabilities more easily, potentially leading to large scale attacks with greater impact. It’s critical for organizations to implement robust cybersecurity measures, including timely patching, network segmentation, et cetera, et cetera, et cetera. So all the stuff about what they should do, that’s true. I mean, that’s kind of like basic cybersecurity, you know, patch your system, do tests on your system, all that sort of stuff. But the part where there’s like open source nature of Linux lets it be, and I’m like, no, no, no. Yeah, that’s not how it works. No. When you have a system that has tens of thousands of developers fixing things all the time, that has new releases every six weeks, that’s not, that’s not. It’s just annoying to see these kinds of takes because it’s clearly, it’s misleading, but also it’s like a, it’s like a justification for themselves to be proprietary. Like, if you want to be proprietary, that’s fine. Just don’t make up other stuff about the things that you’re comparing to.
Ryan:
[31:27] Right. You know, what’s interesting to me is that there’s so many scams going on right now. And we’ve talked about in the show prior about how sophisticated these scams are getting. And there’s a lot of people out there still that are saying things like privacy doesn’t matter, although I hear it a lot less than I used to because I think people are starting to understand the real world implications that not having privacy is doing. Like there are people who are getting more expensive insurance bills because they found out that their cars were reporting their driving, that they signed in one of their documents when they bought their car, that they had no clue because they didn’t really read it. Just like the terms and conditions and privacy policy that that was happening. And so these are having real impacts on people. Your privacy does matter. It’s going to impact you if it hasn’t already. And the thing about these companies that are, you know, not being held accountable for all of the data they accumulate and then lose.
Ryan:
[32:24] To whatever hacks or just complete complacency when it comes to storing their data and things on open AWS servers and all this nonsense that’s gone on is that these hackers are becoming much, much more sophisticated when they’re calling you or they’re messaging you, they’re giving you real information on your actual bank that you use, your actual birth date information, even your actual social security number, because that’s been leaked everywhere too. And they’ve got all this information that makes them sound super legitimate.
Ryan:
[32:58] There’s one thing, though, that I want to talk to people about because there’s some very sad cases where hackers are compromising photos or other information.
Ryan:
[33:10] And these obviously are embarrassing photos or embarrassing situations. And then they are releasing it or threatening to release this information to these teenagers, kids, adults, families. So because you have social media, they can see who you’re all linked to, who all your family is and all these things. They get these pictures. One is a webcam footage potentially, and then they threatened to give it to the family if they don’t pay them a certain amount of money.
Ryan:
[33:38] First thing to remember is 99.9% of the time, these are just complete scams. They don’t actually have the pictures. One of them actually has like a fake picture of a room, a very generic dark dark picture of a room that people are getting fooled by to think that that’s actually their room that they got a picture of and things. There are times where they do get into a cloud. If you’re storing your pictures and cloud services and things, and don’t have those properly secured where they do actually get the pictures. The problem is that this is leading to some horrible situations where kids are making terrible decisions because they think their life’s over because these photos and things get compromised. So really this is a warning to parents out there or even uncles or any family member to talk to your kids, nephews, whomever, any teenagers.
Ryan:
[34:25] Kids in college, anybody who’d be susceptible to this that may not understand that, number one, most of the time it’s a scam. Number two, even if it’s not, there are really bad people out there and there are ways to handle these types of situations or organizations specifically that will go hunt these groups down and try to get this stuff taken down. There’s a lot of things that can be done. It’s not the end of the world. And I think it’s very important for people to have those conversations with their family members out there. So Hadooken’s obviously not targeting personal information, but I wanted to talk about that because there’s a documentary out there right now kind of talking about this and the horrible consequences it’s having on certain people’s lives. And so I think when we talk about security and privacy, we need to talk about that.
Michael:
[35:09] I’m glad you talked about it.
Jill:
[35:11] Ryan. It’s important because I had seen another documentary not too long ago that was targeting children with one of these vulnerabilities. Yeah. It’s scary. It’s really scary.
Michael:
[35:24] And also, um, you talked about how some cars are now reporting your driving, uh, activity there. I, I’ve found some cars are embedding, you know, like all these cars have cameras now everywhere. Like there’s the backup camera that everybody knows about, but there’s also like other cameras for sensors and whatever. But there’s also now some cars are putting cameras inside of the cabin of the car to track the person driving, and they say it’s for safety reasons in case you have the autopilot going and therefore, uh, you’re not doing it properly and blah, blah, blah, blah. But I, I have to say, in no way is it okay for someone to have a camera in the, in my car pointed at me at all times, sometimes just because, like, like what am I buying at this point? Like, like this is like, why are you giving this to.
Ryan:
[36:21] Me for free, like a Google search and.
Michael:
[36:23] You’re stealing all my data. Yeah, you’re, you’re making me have, like, buy, pay thousands and thousands of dollars for surveillance of my, myself that I didn’t even know. Like, then it’s crazy because a lot of cars are doing that. Sometimes they’re even purposefully hiding them. Like some people are, some companies are putting it out, like, outright in your face on the steering column, and then some are putting it in the dash, like next to the vents or something. Like it’s, it’s a, it’s.
Ryan:
[36:51] A mad world. It’s a very, so.
Michael:
[36:54] Privacy is a very important thing, and, uh, even though this is not necessarily related to Hadooken, security is security. So, you know, stay alert. The.
Ryan:
[37:03] Good news about all of this is it really got me thinking about how much I miss playing Street Fighter. That was one of my favorite games.
Michael:
[37:08] That’s, it has been a very long time since I played Street Fighter.
Ryan:
[37:12] Yeah.
Jill:
[37:14] And speaking of which, the Hadooken spelling used for the malware is actually spelled incorrectly. If it was referring to the term given to a special attack with fireballs from Capcom’s Street Fighter series of fighting games, the correct spelling is Hadouken, H-A-D-O-U-K-E-N, not Hadooken, H-A-D-O-O-K-E-N.
Ryan:
[37:40] Listen, Professor Jill coming in to save the day. They should be so embarrassed they just delete the malware.
Michael:
[37:45] Not only are you terrible people, you’re also terrible at spelling. Yeah.
Jill:
[37:50] These bad actors don’t know how to spell correctly.
Ryan:
[37:53] Good, bro.
Jill:
[37:54] They didn’t go to school.
Ryan:
[37:56] Your spelling’s Ohio dog water.
Jill:
[37:58] Yeah.
Ryan:
[37:59] All right. So, you know, we talked last week about Apple and some of its privacy things it’s doing with AI and stuff. There’s this really interesting, you’ve probably heard about this if you look into cybersecurity and things at all. But if you’re new, there’s a company in Israel called NSO, and this group makes a tool called Pegasus. Pegasus is a very, very powerful tool that can essentially break into any phone, anytime, remotely, and is supposed to be used by governments as a counterintelligence tool, but its capabilities that we know of so far are quite shocking. There are reports that you don’t even have to open the text message that it sends you. Once it sends you the text message, it has full control of your device, whether that be Android or iPhone. The things that people are saying about this tool and the stories out there of what it can do is astounding. So I obviously don’t have access to the tool. I can’t tell you if it works that way or not, but we know this company is a very big company. It makes a lot of money off these tools. So I’m, I’m quite certain it’s very effective in some manner. Right. Uh, and it’s been over the news and a lot of documentaries about security and things, uh, because of obviously the abuse of this tool. Cause once you use a tool like this, somebody else can capture it. Right. And then they can potentially reverse engineer and utilize it.
Michael:
[39:20] Once you make this kind of tool, um, and use it.
Ryan:
[39:22] Yeah.
Michael:
[39:23] Yeah. It’s also software, so it’s not like it can’t be copied, you know?
Ryan:
[39:27] Yeah. Well, would you download a car, Michael?
Michael:
[39:30] 100%.
Ryan:
[39:31] Okay, cool.
Michael:
[39:32] So this NSO group. Unless it has a camera in the cabin tracking me, then I don’t want to download that car.
Ryan:
[39:38] You remember those movies?
Jill:
[39:39] But you can download the software from your car or someone else’s car and stop it from starting. Oh.
Ryan:
[39:45] Jill, I’m starting to worry about Jill, Michael. We thought she was all this nice, friendly Jill. But it turns out she’s an elite haxer.
Michael:
[39:52] We are learning quite a bit this episode about our girl.
Ryan:
[39:56] Yeah, I’m kind of scared. Last week, we were talking about her hacking into my computer. And this week, she’s just finally coming out.
Michael:
[40:02] It just so happens that she might have already done it before.
Ryan:
[40:07] Right. So the NSO group has been sued by Apple back in 2021. So they’ve had a lawsuit out there for the last three years for the fact that it uses this Pegasus tool on iPhones. However, this week, Apple dropped the case, which shocked a lot of people. A lot of people were very happy that Apple was pursuing this lawsuit to kind of stop this tool from getting out any further. And the reason Apple gave for dropping the case reportedly is that they’re afraid if this case continues, Pegasus will use the information in the discovery phase of the case to essentially, to continue to improve their tool. As in Apple’s words, they will use any means necessary to get information about how their system works and utilize it. So instead of potentially revealing sensitive information, Apple has decided to just give up. And I think it’s a shame because we have to wonder how much Apple can do actually to block these kind of companies who are using exploits they’re not making known to the public and potentially doing all kinds of damage and things, especially if these things get out in the wild, like we mentioned before. So, yeah, crazy.
Michael:
[41:19] Supposedly, these are good actors that are trying to do good for society.
Ryan:
[41:25] Because government is good.
Michael:
[41:26] Because that’s why I said.
Ryan:
[41:28] We support our government.
Michael:
[41:29] That’s why I gave a lot of snark when I said good actors. Who knows?
Jill:
[41:34] Yeah.
Michael:
[41:35] Who knows? But, yeah, these kinds of things shouldn’t exist. And it’s a shame that this happened. It makes sense that Apple, their reasoning makes sense to drop it. But also, it’s kind of a shame because these kinds of things, especially if it just requires sending messages and you don’t even have to open the message, I’m pretty confident I’m just going to delete SMSs and just the functionality from my phone entirely.
Ryan:
[42:00] That was one of our tips of the week, is to not allow messages. There’s a way to block downloading of any videos or photos.
Michael:
[42:07] Yeah, but not to download anything. I was just gonna block all messages, period. Like all.
Ryan:
[42:11] Block them all, yeah. I mean, I don’t read yours anyway, so I might as well just block, I mean, click.
Michael:
[42:15] Exactly. I don’t think.
Ryan:
[42:16] You read.
Michael:
[42:16] Any at this point.
Ryan:
[42:17] I think you’re Pegasus. I think you’re the founder. Oh.
Jill:
[42:20] Well, you know, recently.
Ryan:
[42:25] You’re right, that’s, man. I do like, uh, Pegasus. I’m sure you do since you founded it, Jill. No. No.
Michael:
[42:34] She meant the flying horses.
Jill:
[42:38] Flying horses. Yeah. So actually recently on Destination Linux episode number 386, we actually talked about fingerprint and credit card data being at risk on Android phones. But Apple wasn’t mentioned in the title of the article, even though their phones have the same horrible vulnerabilities. And, you know, it’s when we talk about information about, uh, about, you know, this recent, um, issue, and, you know, Apple actually is gatekeeping and keeping security breaches out of the news. So this is no surprise. Yeah. Because you have to wonder. Scary. Are they dropping the case because.
Ryan:
[43:27] They don’t want people to know how? Are they really dropping it because of the reveal? Probably. Obviously Pegasus has a lot of information they want. And in the discovery phase, I know lawyers have the ability to request certain information and things, but it has to have some relevance to the case. Is it really that Apple doesn’t want people to know how easy it was and how vulnerable they were? And it goes back to your point, Michael, of saying these companies that say, oh, open source is more dangerous because you can see the code. But we have no idea in a closed system whether, Apple can say they’re the most private thing in the world, Android can say the most private thing in the world. One you can actually check, the other you can’t. And so without reverse engineering, so we don’t know. There could have been a vulnerability that’s so stupid, it’s like your passwords in your notepad file and all your encryption keys are stored, you know, in an open folder right there. Like, we don’t know. And that could be something they’re trying to hide too. We just don’t know because it’s closed source, and that’s the dangers of proprietary. So there’s, there’s give and take. Not one’s necessarily, uh, always the path to take, but there’s give and take in either of those scenarios. Yeah.
Jill:
[44:39] And in many cases, I mean, companies like Apple have to have, you know, some security policies in, in.
Ryan:
[44:46] Place. You.
Jill:
[44:47] Know, so this, this is especially for, like, you know, government investigation and whatnot. Not so.
Ryan:
[44:52] It’s there there there.
Jill:
[44:55] Has to be that security there but it would be nice to find out a little more information.
Ryan:
[45:01] With the subpoena through the courts, through the proper channels, is how it’s supposed to work. I’m not quite sure sending a text message and getting full access to everybody’s, yeah, the way that Pegasus apparently works, it’s.
Michael:
[45:14] Very not. It also makes you think about maybe this Pegasus thing is how, because there was like this, um, this report in 2016, I believe, that the FBI was contacting Apple and trying to get them to open up a phone for some suspect or something. And they didn’t do it. They didn’t want to do it. And then all of a sudden, the FBI stops trying to get Apple to do it because they found a third party who was able to help. I’m like, yeah, okay, that’s scary.
Ryan:
[45:45] I wonder who that is.
Michael:
[45:45] Yeah.
Ryan:
[45:46] Yeah. Nobody believed that story, as I recall, to begin with, because they had physical access to the phone, but claimed they couldn’t get into it. The belief was they were actually utilizing that to get Apple to open an easier backdoor so that they could remote into it. Oh, yeah.
Michael:
[46:01] Because they had physical access. It was just like, you should be able to get in. What are you talking about?
Ryan:
[46:05] They could get in. They’re just… Anyways, Jill, there’s a lot of cybersecurity thing. I feel like there’s a lot of Ryan all over this episode. Let’s get something non-cybersecurity.
Michael:
[46:15] Which is disgusting, I know.
Jill:
[46:17] It’s disgusting. It’s gross.
Ryan:
[46:18] What do we got in gaming?
Jill:
[46:20] Well, after all that hacking and hearing about all these bad actors, maybe you just want an idle clicker game to relax with.
Ryan:
[46:29] Sounds good.
Jill:
[46:30] Our game this week is called Sword and Shield Idle. And on Steam, the game is described like this. Enter a never-ending idle game. Battle creatures, rescue captives, forge swords, wield shields, and get special boosts. Each restart makes you tougher. Easy to play, deep in strategy. And embark on an idle, incremental adventure set in a dungeon teeming with monsters. Progress through each deep… each deep where every boss room presents a unique opportunity to free prisoners. Sweet.
Ryan:
[47:12] Get to go in there and hack and slash. Oh, dang it. I said hack again.
Jill:
[47:16] I can’t stop myself. Yes, you did. So Sword and Shield Idle is a fun, you know, it’s a fun top-down game with minimal graphics and lots of cool weapon sound effects. It does have very deep mechanics, but I found them easy to master. And the game has a fun dungeon progression and boss fights that are both challenging and keep you wanting more. And I honestly had played the demo for Sword and Shield Idle during the last Steam Next Fest and enjoyed it, so I just went ahead and grabbed the full version. And it’s only 2.99 on Steam, so it’s only a few bucks.
Ryan:
[47:55] There you go. Nice. Yeah, and it runs on.
Jill:
[47:59] Linux out of the box. I don’t.
Ryan:
[48:01] Get these.
Michael:
[48:02] Kind of clicker games.
Ryan:
[48:02] Just not.
Michael:
[48:05] My thing. I.
Ryan:
[48:05] Don’t get it. Click it just constantly. I don’t.
Michael:
[48:10] Get it. But.
Ryan:
[48:11] Kind of brainless. Like, I consider it like eye bleach. It’s kind of brain bleach. You just kind of endlessly, like, I’m doing something that I don’t have to think about. Like, yeah, you know, if you have a hard day at work, your brain’s all, like, code infused and everything, you just always want to click something and look like I’m playing. Okay, fair enough. I like watching to know that people play video games, maybe. I don’t know. I honestly never got into them either, Michael. I was just trying to. But this was a fun one.
Jill:
[48:35] I don’t usually either, but this one was a fun one.
Ryan:
[48:37] Very cool. All right, Jill, let’s get back into cybersecurity. I’m sick of this happy crap.
Jill:
[48:42] Yeah.
Michael:
[48:43] We were so close to getting away from the cybersecurity stuff.
Jill:
[48:45] We were so close. Darn you, Ryan. You thought you were done. No. You thought you were done. No.
Michael:
[48:53] We’re not done.
Jill:
[48:55] So maybe Kali Linux isn’t your thing, but investigating punk hackers is? Here we go again.
Ryan:
[49:02] Did you write that? You wrote that one.
Jill:
[49:06] I wrote the one in the gaming.
Ryan:
[49:08] She’s talking about me.
Jill:
[49:11] Our software spotlight this week is really a Linux distribution spotlight. The distro is called CSI Linux. It works amazing in a virtual machine as well, so you don’t have to make it your main distro.
Michael:
[49:28] Nice. Also, CSI Linux, not to be confused with CSI Miami.
Ryan:
[49:33] Yeah, exactly. Also has elite hackers in it, right? Yeah, yeah.
Michael:
[49:38] Absolutely. Doesn’t.
Ryan:
[49:39] CSI have some of the worst hacking scenes of.
Michael:
[49:41] Any show. There’s, there’s literally a CSI Cyber, which is so bad that it got canceled after like a couple seasons because it, like the CSI Miami, the CSI whatever they are, there’s like, who knows, tons of them, but they, they all do like the worst possible hacking experience. And I feel like it’s, it’s, they have to know that it’s nonsense and it’s just funny for that purpose because they can’t believe it’s real. But CSI Cyber was the worst one because they started, they started making up stuff that’s like not even, like it doesn’t even seem real, like it doesn’t even seem possible, even for people who are not technical. I had people who tell me, like, this show is stupid because there’s no way that that’s real. Like, uh, there was one where they were driving down the road and they were connecting to this car, the car smart tires through some kind of like the, you know, the air clamp that tightens on the air nozzle. So those somehow those were smart and had Bluetooth and they would connect and track the car based on this Bluetooth thing. You’re like, what are you talking about?
Ryan:
[50:54] I got to look these up.
Jill:
[50:55] A little plug for the tire.
Michael:
[50:59] That’s a pretty good.
Ryan:
[51:00] Idea. I feel like you could hide a little Bluetooth device inside the, but.
Michael:
[51:04] Okay, but you’re not ever gonna, you’re not gonna be able to, like, consistently jump back and forth between a pole and, like, Bluetooth only has 20 feet of being able to detect, right? Don’t.
Ryan:
[51:15] Kill my dreams.
Michael:
[51:16] Starting this smarting.
Ryan:
[51:18] The smart tire company.
Michael:
[51:19] So they were saying that every single light pole had some kind of Bluetooth receiver and it was able to jump back and forth, and it was like, what, what kind of, what, what weird alternate universe are you in that all of this infrastructure is set up? Like, Michael, you.
Ryan:
[51:40] Know, I love terrible movies and terrible shows, and I gotta be honest with you, you’ve talked me into watching this show.
Michael:
[51:45] Now. Yeah. Okay, if you want more garbage that’s like this, uh, hacker nonsense, check out Scorpion. It’s, oh yeah, that’s a good, horrible. I enjoyed.
Jill:
[51:55] That show. It.
Michael:
[51:58] Is funny for how ridiculous it is because it is, like, the first episode you’re like, what? No, no, you can’t even, you can’t even pretend that this makes sense. So they hacked a plane while it’s moving, trying to take off, by connecting it from a convertible car with, I don’t know, just like a parallel port or something, and then somehow they’re hacking it as it’s trying to take off. What is this?
Jill:
[52:27] I kind of remember that.
Ryan:
[52:28] I’ve seen that before. It’s real. It’s very realistic.
Michael:
[52:31] Very realistic.
Jill:
[52:32] They need to take some tips from James Bond. I mean, let’s just face it.
Michael:
[52:36] Yeah, I think James Bond at least makes it clear that this is ridiculous.
Jill:
[52:40] Yeah. But CSI Linux is actually a focused Linux distribution for digital forensics and was developed as an open source theme park for the cybersecurity industry. It also comes.
Michael:
[52:57] With an AI assistant Is this ThemeTarget? I want to know.
Jill:
[52:59] Yeah, I know. Metasploit. So it also comes with an AI assistant app, Navi, and it uses Ubuntu LTS on the back. And while CSI Linux could be used for pen testing, where its tools really shine is in forensics with things like CSI Tools, which is a wide array of tools catering to various investigation needs. Cryptocurrency Wallet Lookup, which is a quick search and analysis of cryptocurrency wallet transactions. Centralized Evidence Capture, which is an organized collection and storage of critical evidence. There’s Custom GUIs and Forensic Disk Image Mounter. Forensic Volume and Image Write Blocker, which is a protection against accidental alterations to original data. There’s just so much packed into CSI Linux, you should go to the website and, and check it out. And I was running, uh, the distro just recently, um, as, as we were going through. She worked, Jill. Yeah, she probably, she is so busted, man. Well.
Jill:
[54:26] It’s kind of funny because I had had ran it when it was a new distro, but way back when. And what’s nice now is it’s so much more organized. So it’s it’s got actually predefined topics. So if you want to, for instance, do forensic disk image mounter, there’s actually a topic, a menu that you click on and then you’ll get those tools available. which is really nice.
Ryan:
[54:54] Has that made it easier for you to run Pegasus with those tools?
Jill:
[54:56] Yeah. Curious. And what I found is really, really cool. This is something awesome because I have some friends that have taken these courses. You can even take a free CSI Linux Academy course. And if you pass the exam, you can earn the CSIL-CI certification notification that you can use for cyber forensics and cyber security jobs.
Ryan:
[55:25] That’s really cool.
Jill:
[55:26] So it’s legit. That is very cool. It’s very legit. That’s very cool. And I heard that even Amazon uses this. Yeah, very cool.
Michael:
[55:33] Nice.
Jill:
[55:33] That’s praise indeed.
Michael:
[55:34] So I think CSI Linux or Cecil is a very interesting distribution.
Jill:
[55:41] Yeah, absolutely.
Michael:
[55:43] I just wanted to call it Cecil, really.
Jill:
[55:45] Cecil. That’s good, Michael. And you can download pre-built virtual machines of CSI Linux for VirtualBox, VMware, or QEMU, or as a pre-built disk image, which I did.
Ryan:
[56:00] Very nice. All right, Jill, what’s going on in the tip of the week?
Jill:
[56:04] So there are quite a few players trying to bring some form of Linux onto Android devices since, after all, Android runs on a Linux kernel. One that’s looking very promising is Lindroid. And yes, this is a happy topic, not one of hacking.
Ryan:
[56:24] You have to hack it to use it. You have to root your phone.
Jill:
[56:28] You do, actually, but this is happy hacking. Okay. So if you want a containerized version of Linux on your mobile phone, this might be a great tool for you. Lindroid is stating they have a hardware accelerated version of Linux working on Android, and it uses Wayland. It’s the only one I know of that’s really using Wayland right now. Now, so currently you will need to put your hacker hat on as your device will need to be rooted. But those things can change as it gets more mature, which is so true that we’re going to make this process easier, I’m sure. So many of you out there are old school Android rooters, so it won’t be a problem for you. And like for me and Michael and Ryan.
Ryan:
[57:16] We’ve done rooting devices before you were even born.
Jill:
[57:20] I’ve been rooting them since Unix.
Ryan:
[57:22] Been rooting, yeah.
Jill:
[57:25] So, yeah.
Michael:
[57:26] You’re a rooting, tooting bunch of people.
Ryan:
[57:29] We root everything. I root everything. I don’t care what. I rooted my refrigerator. I root it.
Michael:
[57:34] It doesn’t even have a smart device in it. Just rooted it anyway.
Ryan:
[57:37] Just rooted it.
Michael:
[57:38] You figure out how, and then you can root yours.
Ryan:
[57:41] Yeah. Yeah.
Jill:
[57:42] So, we have to ask for everyone out in the community, if you use Lindroid, we would love to hear from you and what you loved about it and how well does it actually work for you? Because it’s still very much a work in progress. And so it takes a bit of going through all the instructions and doing some compiling and, and whatnot. But.
Michael:
[58:05] A random side note. We were talking about, I just made that ridiculous joke about hacking a fridge. I kind of want to hack my microwave because I hate my microwave, because, like, there’s, you know how, like, some microwaves you just click one of the numbers and it’s like, oh, two, two minutes, one button? This, this one I have now does not do that. You have to put the regular thing like a savage barbarian. 2-0-0 start.
Jill:
[58:32] Oh, yeah, yeah.
Ryan:
[58:33] Why don’t I just cook it over a campfire or dig a hole in the dirt and just put some coal in there and cover it back up?
Michael:
[58:41] You get it.
Ryan:
[58:42] If I have to push three buttons.
Michael:
[58:45] I literally looked up to see if I could change this. I cannot.
Jill:
[58:49] So sad. You can hack it with a Raspberry Pi.
Ryan:
[58:51] I’m sure someone in our community will tell you how.
Michael:
[58:54] I would love to know.
Jill:
[58:54] Was it 1, 2, 3, 4, 5?
Ryan:
[58:57] Yeah. You got this, Michael. I want to know. I want an update of how you’ve hacked this thing. There’s got to be something. Even if it’s as dumb as putting a little plastic thing that you glue to the three buttons that you need for two minutes that you push and it just gives you a few minutes. You’ve got to come up with some hack by next week. Even if it’s dumb for how you can make it so you only have to push once.
Michael:
[59:20] So, like, I would have to basically make it where there’s, like, one prong is longer than the other prong. So, it hits it in an order. It’s like boom, boom, boom, boom, boom. Yes.
Ryan:
[59:28] Like something, you know. Or you could electronically hack it or whatever.
Michael:
[59:32] I mean, I sort of, I did a workaround because, like, two minutes.
Ryan:
[59:35] No, no, no. It’s for next week. You shut it. Whatever the trick is, it’s next week.
Jill:
[59:40] Aw.
Ryan:
[59:40] We’ll give it the microwave hack.
Michael:
[59:42] We’re going to save this super important information.
Ryan:
[59:45] If you want to know how to save half a millisecond, you got to tune in next week. Hit that subscribe button, people.
Michael:
[59:53] I retroactive, retro hacked my, or analog hacked my MacBook.
Ryan:
[1:00:00] Still a hack, right.
Jill:
[1:00:02] Jill? Yes, absolutely. It’s like back in the day with DVD players to make them region free so I could play my British DVDs.
Ryan:
[1:00:11] Oh my gosh, Jill, will you please quit telling us about your crimes? All right.
Ryan:
[1:00:16] Thank you to each and every one of you who are supporting us by watching or listening to Destination Linux. However you do it, we love your faces. Come join us on Discord. Go to tuxdigital.com/discord. Our whole community’s there. Talk about all the cool things you hear about the show. And if you want to watch us live, become a patron of Destination Linux.
Michael:
[1:00:36] Yeah. And you go to tuxdigital.com/membership to become a patron. You get those perks, plus also many, many other perks, including unedited versions of the show. And so much more. So, and also the unedited versions usually come out a little early too, but that’s not a guarantee, but probably, but also if you want some merch like this shirt or the shirts that Jill is wearing and nothing that Ryan is picking up right now, actually, that’s a good, he finally picked up something that is relevant to us. Although the sticker, that sticker is not in the store, but tuxdigital.com/store, where you can get a bunch of cool swag, like shirts, hoodies, mugs, stickers, and even more. So tuxdigital.com/store
Jill:
[1:01:17] And make sure to check out all the amazing shows here on TuxDigital. That’s right. We have an entire network of awesome shows to fill your whole week with geeky goodness. Head to tuxdigital.com to check them all out.
Michael:
[1:01:29] And everybody, have a great week. And remember, the journey itself is just as important as the destination.
Ryan:
[1:01:39] Man, well, you inflected on those words.
Michael:
[1:01:42] You know?
Ryan:
[1:01:43] I was.
Michael:
[1:01:44] Trying to express it in the most profound way.
Ryan:
[1:01:48] Even though we’ve said this 389 times. You know what makes Jill such a great criminal is that when you look at her room, you don’t think criminal. If a cop walked in there, you would never believe, she’s like, nah, not her. See, she’s trying to change the subject. That’s how she gets the cops off her case. They bust down her door, they know the hacks are coming there, and she’s like, flashy penguin. They’re like, nah, can’t be her. They’re like, no, it’s not her. Nah. It’s not Jill.
Jill:
[1:02:13] It could be anybody else but not Jill.
Ryan:
[1:02:15] We’re onto you, Jill.
Michael:
[1:02:17] We know your secret.
Ryan:
[1:02:21] See you next week, everyone.
Michael:
[1:02:22] Yeah, see you next week.
Jill:
[1:02:23] Bye, everyone. Love you all.
Ryan:
[1:02:24] Most of you.
My notes regarding the episode:
Apple dropping its lawsuit against NSO is unlikely to be because of the claim that the discovery process will let NSO get more technical information - the DL crew is correct to be suspicious of that. It is much more likely that they either figured out they can’t prevail on the merits and are trying to save face, or - I think less likely, but as the DL crew mentioned - because exposing NSO techniques might be a PR disaster for Apple, especially if these techniques are still viable.
Lindroid: saying that you need a rooted device to install it isn’t technically accurate - yes, it currently needs a device with su, but the device also needs to run a patched AOSP ROM - you can’t just run it on any OEM ROM that had been rooted. They claim that in the future they might offer this capability to rooted OEM ROMs as a Magisk module - but there’s not even a hint of a timeline for that. The Lindroid documentation talks about supposedly offering prebuilt fastboot images of a working AOSP ROM - for specific devices, which would let you just replace your existing system with a Lindroid-capable one, and that would not require jailbreaking your Android, just unlocking the bootloader - something that most vendors let you do today without too many hoops, except that you have to format your device and lose all your data. I also couldn’t find where such images can be downloaded from and the lindroid.org site does not appear to be functioning.