Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Wednesday, 28 February 2018 10:46

Uh, oh! Linux confuses Bleeping Computer again


The tech website Bleeping Computer, which carries news about security and malware, has once again demonstrated that when it comes to Linux, its understanding of security is somewhat lacking.

What makes the current case surprising is the fact that the so-called security issue which the website chose to write about had already been ripped to pieces by senior tech writer Stephen Vaughan-Nicholls four days earlier.

Called Chaos, the vulnerability was touted by a firm known as GoSecure as one that would allow a backdoor into Linux servers through SSH.

In a withering critique, Vaughan-Nicholls pointed out that it was just another case of trying to guess SSH credentials through brute force and hence had everything to do with weak passwords and little or nothing to do with either Linux or SSH.

He also demolished all the other claims made by GoSecure, pointing out that the port which was claimed to be opened by Chaos was TCP port 8338. But to open a raw TCP socket as GoSecure claimed, Vaughan-Nicholls pointed out that one needed root access.

Which called for using two weak passwords on a single system, meaning that the admin would have to be an A-grade n00b.

Yet, four days later Bleeping Computer's Catalin Cimpanu wrote a piece titled "Improperly Secured Linux Servers Targeted with Chaos Backdoor."

Amazingly, he acknowledged Vaughan-Nicholls article – and then proceeded to treat the claims about Chaos with all the seriousness they did not deserve!

What should have given the whole game away was the fact that GoSecure's Sebastian Feldmann, who wrote about Chaos, said that he had been unable to find any documentation about the technical details of "this backdoor". Perhaps this was because any serious researcher would have realised that there was no threat posed by Chaos, except to servers run by n00bs.

GoSecure itself pointed out that though the Chaos code in question had been around for five years, less than 150 servers had been compromised through its use.

Why write about it then? One can only theorise that the combination of Linux and backdoors/malware/ransomware in a headline serves as clickbait. Bleeping Computer has form in this regard, as iTWire pointed out in September 2016.

As Vaughan-Nicholls wrote: "...the real moral of the story isn't that there's a bad new Linux security problem. There's not. It's that, for the millionth time, if you lock your systems down with good passwords, you can avoid a lot of really stupid security problems."


You cannot afford to miss this Dell Webinar.

With Windows 7 support ending 14th January 2020, its time to start looking at your options.

This can have significant impacts on your organisation but also presents organisations with an opportunity to fundamentally rethink the way users work.

The Details

When: Thursday, September 26, 2019
Presenter: Dell Technologies
Location: Your Computer


QLD, VIC, NSW, ACT & TAS: 11:00 am
SA, NT: 10:30 am
WA: 9:00 am NZ: 1:00 pm

Register and find out all the details you need to know below.



iTWire can help you promote your company, services, and products.


Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]


Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.



Recent Comments