Snaps Were Never Good at Security, But the Media Coverage is Just Appalling

posted by Roy Schestowitz on Oct 01, 2023

THE "sky is falling" alarmists are at it again because we're meant to think that Snaps are Linux and Linux is Snaps. OMG Ubuntu wrote a couple of posts about it [1]. Clickbait from Brian Fagioli [2] and Phoronix [3] came as well. Imagine LWN saying that Exim is Linux and Linux is Exim [4]. Instead, it places attribution correctly.

The real issue or the elephant in the room should be Windows. There's a lot of cybercrime [5] taking advantage of Windows problems and causing real fiascos [6,7], not theoretical ones.

The media should focus on culling Windows, not making a huge fuss over minor things wrongly attributed to "Linux". █

Related/contextual items from the news:

1. Snap Store Restricts Uploads Following Possible Security Issue

   Canonical is enacting manual reviews for all newly registered uploads to its Snap Store following what it describes as a ‘potential security incident’. It’s responding to reports that a number of recently published crypto-related snaps were acting in malicious manner (the apps in question have since been pulled and are no longer available to install). Now, this sounds dodgy – as any security incident might.

2. Linux users at risk? Canonical uncovers possible security issue in Snap Store! [Ed: Clickbait from Brian Fagioli]

   When it comes to Linux-based operating systems, users don’t have to worry about security, right? Umm, no. Linux distributions are not infallible. For instance, according to a forum post, Canonical's Snap Store recently hit a big security snag when users discovered some new snaps that might contain harmful code. This scary moment shows how even trusted places like app stores can have problems that could hurt users.

   Reacting quickly, the Snap Store team removed these bad snaps from the platform, making sure no one else could find or install them. But they didn't stop there.

3. Canonical's Snap Store Hit By Malicious Apps

   Stemming from reports of several fake crypto apps appearing in Canonical's Snap Store that aimed to steal user funds, temporary restrictions have been put in place while Canonical investigates the security matter...

4. Multiple Exim security vulnerabilities disclosed

   The "Zero Day Initiative" site has posted a number of advisories (1, 2, 3, 4, 5, 6) describing a number of flaws in the Exim mail server, some of which are exploitable remotely. These problems, allegedly, were first reported to the project in June 2022, well over one year ago. There is some disagreement over the timing of events, with Exim developer Heiko Schlittermann claiming that no actual information was received until last May, and an anonymous ZDI representative disputing that story.

5. A Closer Look at the Snatch Data Ransom Group

   Earlier this week, KrebsOnSecurity revealed that the darknet website for the Snatch ransomware group was leaking data about its users and the crime gang's internal operations. Today, we'll take a closer look at the history of Snatch, its alleged founder, and their claims that everyone has confused them with a different, older ransomware group by the same name.

6. More than 3.8 billion records exposed in DarkBeam data leak

   More than 3.8 billion records have been exposed after digital protection firm DarkBeam left an interface containing the exposed records unprotected.

   The leak was discovered on September 18 by CEO of cyber security news site SecurityDiscovery, Bob Diachenko, who alerted DarkBeam to the leak. The digital protection firm immediately addressed the vulnerability and closed the leak after being alerted to the fact.

7. Building automation giant Johnson Controls hit by ransomware attack

   Johnson Controls International has suffered what is described as a massive ransomware attack that encrypted many of the company devices, including VMware ESXi s […]

   Yesterday, a source told BleepingComputer that Johnson Controls suffered a ransomware attack after initially being breached at its Asia offices.

   BleepingComputer has since learned that the company suffered a cyberattack over the weekend that caused the company to shut down portions of its IT systems.