[unisog] Fake Redhat update

Peter Van Epp vanepp at sfu.ca
Wed Nov 24 05:06:00 GMT 2004


	I have some sympathy for our user, it did say "get this from this 
mirror site" which is somewhat plausable (I did after the fact point out that
checking the MD5s from the real RedHat site is a real good bet in future :-)).
And RedHat is distributing via BitTorrent (from suspect cable modems all over
the world according to argus :-)) so odd sites wouldn't necessarilly raise an
alarm in a RedHat user's mind (why they would trust random cablemodem users
to be giving back unaltered files eludes me, but perhaps I'm overly paranoid).

Peter Van Epp / Operations and Technical Support 
Simon Fraser University, Burnaby, B.C. Canada


On Tue, Nov 23, 2004 at 09:20:09AM +0000, STeve Andre' wrote:
> The only defense for this is to teach people a little paranoid, and to
> repeatedly pound into them the fact that *any* "notice" to do something
> to their computer other than through official channels is bad.
> 
> But doesn't common sense ever come into play here?  The url isn't from
> a company.  I would hope that most folks would key on that, but likely
> not...
> 
> Educating your users, over and over again seems to be the only way
> to deal with this.  Thats what I do.
> 
> --STeve Andre'
> MSU Dept. of Political Science
> andres at msu.edu
> 



More information about the unisog mailing list