Where with my "Attacked, Konqueror went beserk" video?
Page 1 of 1 (5 posts)
Tags:
None
Registered Member 
|
I didn't meddle, as I wouldn't anyway be able to meddle (not a programmer, intermediate user only).
This video shows how my system was under attack: http://vimeo.com/33561248 I actually studied hard various security related issues for weeks afterwards, and hopefully solved my systems' vulnerabilities by hardening my Gentoo installations. But that did happen. And I thought it was honest to report it in KDE forums. My systems are growing increasingly out of date. I am not using mainstream KDE installations anymore, but openbox/slim based installation, as Gentoo is an awful lot of compilation and my systems are some six yrs old based tech. But I do keep and use various KDE programs, notably I never would like, nor could I do it easily (like old dogs and new tricks as the saying goes, right?), notably I wouldn't like to have to move away from using Konsole, the queen of all the Gnu Linux X-Windows console applications! So... in hindsight, where do I post this question on my attacker exploring Konqueror vulnerabilities, exaclty? Or, if some admin thinks a better section then this one applies for it, she/he can move it right into that more appropriate section. So, which Konqueror vulnerabilities did my attacker make use of here?
Last edited by MRovis on Wed Dec 14, 2011 3:44 pm, edited 1 time in total.
|
Manager
|
How about being a bit more specific about your KDE version?
Running Kubuntu 22.10 with Plasma 5.26.3, Frameworks 5.100.0, Qt 5.15.6, kernel 5.19.0-23 on Ryzen 5 4600H, AMD Renoir, X11
FWIW: it's always useful to state the exact Plasma version (+ distribution) when asking questions, makes it easier to help ... |
|
Registered Member
|
Sorry, I should've figured out that was necessary. My Gentoo is recently all up to date, testing version (with ACCEPT_KEYWORDS="~amd64" in /etc/make.conf). But that video was taken before I took refuge with hardened Gentoo (grsecurity/pax based). It is not the case anymore, all those popping windows. My konqueror is now normal. Yes, it is. I just rechecked. That video I made back on the day 2011-09-04, I was able to check now, because I make my screencast something like this:
and it had, before I "bloated" it (in the positive way, to make it nearly HD resolution for easier viewing, original reso being miserable... only 640x480 and vimeo maybe would reduce it further, Youtube would...)... And, I was saying, before I "enlarged" it, it had: "110904" for 2011-09-04, in the name... Current kde in my system: Uuhrgh... That may even not be helpful.. But that is what there is now, after the event...
I could go and search if I may be able to find what I had of kde installed back at and around the time of the event. I *may* be able to find those versions... I sure wish I reported Konqueror going beserk earlier... But... Back then I was certain that I was under attack, and so I am now that I that which can be seen in the video was an attack... And I was confident that I needed something, and grsecurity/pax would was what I found did the protection... So I think... I am hopeful that my report is still helpful in the way of improving things. I really was very concerned to firstly protect my system, and studied really hard... Take a look how it did take me loooonngg occasionally: https://forums.gentoo.org/viewtopic-t-903218-highlight-.html Dear Mamarok, thanks for your insight! I'm not so much into music, but I did use Amarok earlier. This I snipped too much in the # emerge -s kde above. And it is the program that I use almost all of the time in my systems, and I'd like to thank here the developers for the magic of it:
|
|
Registered Member
|
It's a parallel discussion on Gentoo Forums. Not really cross posting. No same texts!
I thought it would be honest to let you people from KDE know. http://forums.gentoo.org/viewtopic-p-69 ... ight-.html (already went to sleep. but then I thought, if I get to read more replies, I gotta give sufficient info, up to what my abilities and capabilities permit me). Thanks! |
|
Registered Member
|
Here is more.
And it is brand new video. Just happened (plus the time to add my voiceover, and wait inline for vimeo to allow it on). http://vimeo.com/34150417 I suppose someone is misusing some imperfections in the Konqueror code to make some unwelcome fun, or to some other effect, but I cannot tell. Here is the version:
Any more info on this issue? I don't guess it's common to have this nuissance. As I say in the video, I didn't have anything to do with it, other than passively diagnosing the malaise. I don't even remotely have the knowledge to do this, and neither to figure out what it is and how to deal with it. I repeat, it didn't happen back with Konqueror 4.7.3 But, I suppose (I do not claim), because my attacker couldn't do it at the time, almost 10 days ago, IIRC. Thanks if anyone introduce a little more light in this matter. |
Page 1 of 1 (5 posts)
Bookmarks
Who is online
Registered users: bancha, Bing [Bot], Evergrowing, Google [Bot], lockheed, mesutakcan
