02.02.21

Gemini version available ♊︎

Raspberry Pi (at Least Raspbian GNU/Linux and/or Raspberry Pi Foundation) Appears to Have Been Infiltrated by Microsoft and There Are Severe Consequences

Posted in GNU/Linux, Microsoft, Security at 9:11 am by Dr. Roy Schestowitz

Video download link

Summary: Microsoft entryism (using fake ‘love’ and openwashing tactics) seems to have yielded the worst possible outcome; it now has root-level access, without user consent, into millions of Raspberry Pi devices

SEVERAL years ago the thugs from Microsoft marked the Raspberry Pi Foundation for death or defection, as they had done OLPC a decade earlier.

Raspberry PiMicrosoft is a cult that does not tolerate anything that’s not Microsoft. Those who seriously think that Microsoft “loves Linux” are deeply deluded or bribed/misled by (or like) the Linux Foundation. Microsoft has long faked “love” just to get closer to what it’s trying to destroy (or take over, then destroy).

“Microsoft has, via the package repository, defacto root access.”
      –AnonymousThe video above provides technical and objective truth about claims I received last night. Microsoft is now spying on a lot of Raspberry Pi devices and these devices are happy to push proprietary software for Microsoft.

How did that happen? Why was there no disclosure or warning?

Are you already ‘infected’? Here’s how to check. We’ve reproduced this on two devices so far. The operating system (this might be applicable to more):

$ grep -i pretty /etc/os-release
PRETTY_NAME="Raspbian GNU/Linux 10 (buster)"

How to know if you’re affected/infected already:

$ cat /etc/apt/sources.list.d/vscode.list
### THIS FILE IS AUTOMATICALLY CONFIGURED ###
# You may comment out this entry, but any other modifications may be lost.
deb [arch=amd64,arm64,armhf] http://packages.microsoft.com/repos/code
stable main

We don’t know yet if this affects only Buster-based devices. We need to highlight the issue before this becomes widespread.

Raspberry Pi logo“Just in case the implications were not obvious,” our source noted, “Microsoft servers get pinged with every update. That tells them the quantities and locations of all the world’s networked Raspberry Pi computers running Raspberry Pi OS.”

Here in Techrights we’ve long warned about adding Microsoft to sources (e.g. to install proprietary software like Edge). This isn’t just another company; it’s the company looking to undermine GNU/Linux and it’s also blackmailing the platform using patent lawsuits (yes, still). It loves Windows, not “Linux”.

A poor work-around or fix (to the above):

sudo rm /etc/apt/sources.list.d/vscode.list
sudo touch /etc/apt/sources.list.d/vscode.list
sudo chattr +i /etc/apt/sources.list.d/vscode.list

But why was this added in the first place? “A far as I can tell,” the source said, “the file was injected during an update this weekend, but no package fesses up to having created it.”

sudo dpkg -S /etc/apt/sources.list.d/vscode.list
dpkg-query: no path found matching pattern /etc/apt/sources.list.d/vscode.list

We got the same on two systems now. As the video shows, a system update a week ago did not yield this ‘infection’. So it happened less than a week ago.

“We got the same on two systems now. As the video shows, a system update a week ago did not yield this ‘infection’. So it happened less than a week ago.”“Conclusion,” according to our source, is that “Raspberry Pi Foundation has a quisling somewhere inside.”

“Result,” the source added: “Microsoft has, via the package repository, defacto root access.”

“This is almost certainly a direct reaction to the Raspberry Pi having entered the desktop market with very, very serious models.”

“We need to slaughter Novell before they get stronger….If you’re going to kill someone, there isn’t much reason to get all worked up about it and angry. You just pull the trigger. Any discussions beforehand are a waste of time. We need to smile at Novell while we pull the trigger.”

Former Microsoft VP James Allchin

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

5 Comments

  1. Harald said,

    February 3, 2021 at 4:01 am

    Gravatar

    Not sure what you did, but I can’t reproduce this, maybe it’s your kubic that installs the microsoft repository to use the vc as “default” editor.

  2. SaveDave said,

    February 3, 2021 at 1:20 pm

    Gravatar

    I just updated one of my Pi’s that hadn’t been updated for a little while, based on this article. Watching the update process I saw this snippet:

    Setting up raspberrypi-sys-mods (20210125) …
    Adding vscode repo…
    Setting up raspberrypi-kernel (1.20210108-1) …

    So it appears to be coming from raspberrypi-sys-mods.
    Following that:
    zcat /usr/share/doc/raspberrypi-sys-mods/changelog.gz
    raspberrypi-sys-mods (20210125) buster; urgency=medium

    * Add Microsoft’s VS Code repo on upgrade

    — Serge Schneider Mon, 25 Jan 2021 16:03:24 +0000

    That’s your answer for how it got there, and seemingly who submitted the change. I’m not particularly worried, as Wolfram used to be included… but also easy to remove. I think it is reasonable to be skeptical of the motivations of Microsoft and such. However, it seems like this must be some effort to provide Visual Studio on the Pi. Having a widely used development platform available on the Pi, in an easy manner, seems in line with the mission of the Raspberry Pi team. I would imagine they likely received some funding as well, to make it mutually beneficial. I’d be more worried if they start messing with the kernel or other core packages.

  3. Canta said,

    February 3, 2021 at 8:14 pm

    Gravatar

    > Having a widely used development platform available on the Pi, in an easy manner, seems in line with the mission of the Raspberry Pi team.

    I would concede that, if the common use case for the PI were “desktop replacement”, or even maybe “portable replacement”. We all know that’s hardly the case. And even in that case, VSC would hardly be even a decent choice for the rpi compared to available software like Geany that runs wonderful on a pentium 3 with 512MB of ram.

    This is either Microsoft doing its usual, or another irresponsable and absolutely unnedded trend aligment. Want VSC? Go download it, like you did in your distro or in your non-GNU setup. There’s no need for any forced microsoft repo.

  4. rdt said,

    February 4, 2021 at 8:50 am

    Gravatar

    Replacing vscode.list by a dummy immutable file seems like an over-reaction. A “quisling” at raspberrypi isn’t responsible, it’s the executive board. And if you don’t want a microsoft repository as a source, just remove the file or comment out the relevant line.

  5. Canta said,

    February 4, 2021 at 1:08 pm

    Gravatar

    > And if you don’t want a microsoft repository as a source, just remove the file or comment out the relevant line.

    No, rdt: when people like me don’t want something from Microsoft, we come to the GNU/Linux ecosystem. It’s part of our history and our culture. Our reactions come from that, not from “technical differences”.

DecorWhat Else is New

  1. Heads of Patent Offices Are Immune to Coronavirus

    The overconfident chiefs of the U.S. Patent and Trademark Office (USPTO) and EPO might love speaking about COVID-19 (in relation to patents), but they do not take it seriously themselves

  2. Links 26/05/2022: Plex Finally on GNU/Linux

    Links for the day

  3. The General Consultative Committee of the EPO Exposes a Disaster and a Lack of Genuine Dialogue

    The General Consultative Committee (GCC) at the EPO deals with unlawful proposals from António Campinos (he’s happy to violate laws, constitutions, protocols, conventions, just like Benoît Battistelli did) and once again the abuses by managers is covered up; it’s as if the Office is run by unaccountable gangsters who arrogantly curse at everyone whilst insisting they’re the nicest people ever

  4. The Latest Letter to Josef Kratochvìl and the Heads of Delegation of the Administrative Council of the European Patent Organisation

    A week-old letter from the Central Staff Committee (CSC) to the Administrative Council of the European Patent Organisation highlights the nature of a crisis; there's no genuine dialogue and staff of the EPO (i.e. the scientists who do all the actual work) is constantly under attack

  5. [Meme] The Recordings Must Have Accidentally Been Lost While Breaking the Rules

    The EPO‘s “nicest” chief, Monopoly Tony, won’t even mention the recordings…

  6. Links 25/05/2022: ‘V Rising’ on GNU/Linux and Pearl Linux OS 11

    Links for the day

  7. Links 25/05/2022: Librem Tries Another Approach

    Links for the day

  8. IRC Proceedings: Tuesday, May 24, 2022

    IRC logs for Tuesday, May 24, 2022

  9. Links 24/05/2022: nginx-1.22.0 and WordPress 6.0

    Links for the day

  10. [Meme] Divine Protection

    You won’t find Monopoly Tony (António Campinos) wearing a mask at the EPO because the rules of the Office do not apply to him

  11. António Campinos and the Alicante Clique (EPO Management, Appointed Based on Nepotism Despite Lack of Qualifications) Nowadays Exploiting Kids for PR Charades

    The sick old habit of exploiting kids for Public Relations (PR) and marketing purposes is all too common at the EPO (they’re constantly exploiting “the children” to associate criticism of the EPO with demeaning the young and innocent), but the management — which enjoys nepotism and immunity rather than relevant skills — carries on today and it’s being called “inaugural”

  12. [Meme] Snake on a Plane

    The EPO‘s President ‘Monopoly Tony’ (António Campinos), whom you never see wearing a mask (none of the photo ops; he does not even socially distance himself from peers, he wears sneakers instead of masks) during the height of a pandemic, is the "f***ing president"; don’t tell him to wear one…

  13. Microsoft GitHub Exposé — Part XX — Entering Phase II

    We're about to resume the long-running series about the sick clique which ran GitHub until the assault on women became too much of a liability (among other wrongdoings and PR blunders)

  14. Links 24/05/2022: Fedora 37 Test Days and Tor Browser 11.0.13

    Links for the day

  15. Microsoft Vidal, as USPTO Director, Already Plays 'Political Cards' to Disguise and Deflect Away From the Corporate Agenda

    Microsoft Vidal, another corporate pawn in charge of the world’s most dangerous patent system, is using soft-spoken defle

  16. Links 24/05/2022: WAL-G 2.0

    Links for the day

  17. IRC Proceedings: Monday, May 23, 2022

    IRC logs for Monday, May 23, 2022

  18. Unethical Advertising, Published as So-called 'Articles', in CNX Software

    As we noted earlier this year, the CNX team is looking for money in the wrong places

  19. Links 23/05/2022: Broadcom to Buy VMware?

    Links for the day

  20. LibreOffice Conference 2022, As Before, Puts the Keynotes on Sale (the Rich Buy Influence, the Price Doubles)

    Discrimination against the community; talks and mentions are based on money, not merit ($2000 has become $4000 in just one year)

  21. Links 23/05/2022: Kdenlive 22.04.1 and New Alpine Linux Released

    Links for the day

  22. António Campinos Promotes Software Patents Using Buzzwords and Sketchy Loopholes With Dubious Legal Basis

    ‘Monopoly Tony’ (António Campinos) is shamelessly manipulating EPO processes at both ends (sender and receiver) to facilitate the illegal granting of invalid European software patents; we’re meant to think this former EU official and imposter (banker) is some guru in the sciences because he reads a lousy speech crafted for him with lots of meaningless buzzwords peppered all over it (he’s not good at reading it, either)

  23. [Meme] Jorgotta Be Kidding Us, Campinos!

    Monopoly Tony (António Campinos) runs the EPO by attacking the very legal basis of the EPO’s existence

  24. Unified Patent Court (UPC) Relies Too Much on Lies and Mischief Without Any Basis in Law

    Today’s video runs through the typical (weekly) lies from Team UPC — lies that are very easy to debunk; Team UPC not only drafted the thing but also looks to profit from it while misleading politicians and bribing publishers to spread intentionally misleading statements (lies)

  25. IRC Proceedings: Sunday, May 22, 2022

    IRC logs for Sunday, May 22, 2022

  26. Links 23/05/2022: Fedora 36 Reviewed

    Links for the day

  27. [Meme] It's My Working Party... And I'll Cry If I Want to!

    EPO President António Campinos is still not being held accountable for his Code of Conduct violations

  28. Links 22/05/2022: The 5.18 Kernel is Out

    Links for the day

  29. Gemini is Bigger Than Most People Care to Realise

    Geminispace has gotten to the point where it's too computationally expensive (or outright pricey) to study, let alone keep abreast of, Gemini capsules or the domain space as a whole

  30. Links 22/05/2022: Rock64 and Peppermint OS Release

    Links for the day

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts