Further to the ignoble saga of Anonymosus-OS, an Ubuntu variant targeted as people who want to participate in Anonymous actions: Sean Gallagher has done the legwork to compare the checksums of the packages included in the OS with their canonical versions and has found a long list of files that have been modified. Some of these (“usr/share/gnome/help/tomboy/eu/figures/tomboy-pinup.png: FAILED”) are vanishingly unlikely to be malware, while others (“usr/share/ubiquity/apt-setup”) are more alarming.
None of this is conclusive proof of malware in the OS, but it is further reason not to trust it — if you’re going to produce this kind of project and modify the packages so that they don’t check, you really should document the alterations you’ve made.
all.md5 > /dev/shm/check.txt
md5sum: WARNING: 143 of 95805 computed checksums did NOT match
anonymous@anonymous:/$ grep -v ‘: OK$’ /dev/shm/check.txt
usr/share/locale-langpack/en_AU/LC_MESSAGES/subversion.mo: FAILED
usr/share/locale-langpack/en_GB/LC_MESSAGES/gbrainy.mo: FAILED
usr/share/applications/language-selector.desktop: FAILED
usr/share/locale-langpack/en_GB/LC_MESSAGES/file-roller.mo: FAILED
usr/share/locale-langpack/en_CA/LC_MESSAGES/metacity.mo: FAILED
usr/share/locale-langpack/en_GB/LC_MESSAGES/jockey.mo: FAILED
usr/share/locale-langpack/en_AU/LC_MESSAGES/lightdm.mo: FAILED
usr/share/doc/libxcb-render0/changelog.Debian.gz: FAILED…
The bad checksums in Anonymous-OS
(Thanks, Sean!)