GBHackers On Security is Trash and It Should Probably Be Ignored (It Trash-talks Linux and SSH Based on Nothing at All)

posted by Roy Schestowitz on Dec 27, 2023,
updated Dec 27, 2023

Dialing up the Fear, Uncertainty, Doubt (FUD)

THE Web site called "Hacker News" (no, not that censorious hub but the so-called 'news' site) is pure trash, just like "LinuxSecurity", which has just advertised itself [1] and is habitually spewing anti-Linux messages, even when totally misplacing the blame. A lot of so-called 'security' 'news' sites are like this and it's because they're run by nontechnical or barely technical people who try to sell something.

Consider this new example [2] from "GBHackers On Security". It gives readers the false impression there is something inherently wrong with SSH because hostile, unauthorised people can gain SSH access if they get a username/password combination some other way and it is also the fault of Linux... somehow.

Some basic research might say something like (maybe as a headline): "Compromised passwords used to access servers remotely" (do keep your passwords safe or use key-based login/s).

I used to think (or simply assume) "GB" in the site's name indicated British-ness but judging by the names in the site (never mind the sensationalism like pictures of evil aliens) it is probably Indian, just like "Hacker News". The above is by Tushar Subhra Dutta. They basically produce a high volume of low-quality, false, sensationalist junk. And no, it's not racist to point this out; my Indian friends say there's this notoriety in English-speaking sites run by Indians. A lot of SEO, chatbots etc.

Earlier this year Techrights covered many similar examples of SSH FUD (e.g. [1, 2]) - typically blaming some weak passwords like "helloworld" on SSH rather than the true culprits. Bad passwords can be taken advantage of in parallel dictionary-based attacks. Instead of focusing on one potentially well-protected server you knock on about a millions servers serially until some very common password is found to be used over port 22 (or similar).

Patched GNU/Linux is secure. OpenSSH is very secure and very selective in what new code it introduces. █

_______

1. LinuxSecurity Offers Vital Insights On Automated Linux Patch Management & Improved Security [Ed: They also spread Linux-hostile FUD in their site]

2. Hackers Attacking Linux SSH Servers to Deploy Scanner Malware [Ed: The issue here is neither Linux nor SSH. The article itself admits it's "stolen SSH credentials." An easy way to steal SSH credentials is to look for SSH users on Windows, which has back doors and ample attack surface.]

   Threat actors deploy malware on Linux servers after logging in with stolen SSH credentials.