Language Selection

English French German Italian Portuguese Spanish

How I used eog utility to pull off a small Linux exploit

Back in 2012, after my article on Linux ELF Virus was published in Linux Journal, I was curious to come up with a trigger point for this virus. I mean what would compel a Linux user to execute it for the very first time? I thought about it many times but could not come up with something in a working state.

Cut to the present times – Last Friday, when I was coming back from my office through office bus, I was indulged in some technical talk with a guy who works on encoders and decoders for various media file formats. Suddenly the same thought struck in my mind and I asked him whether it is possible for him to come up with a situation where a Linux user clicks on an image file, the image gets displayed but a notorious code gets executed in the back end?

rest here




More in Tux Machines

FOSS in Education

  • Open source is now ready to compete with Mathematica for use in the classroom
    When I think about what makes SageMath different, one of the most fundamental things is that it was created by people who use it every day. It was created by people doing research math, by people teaching math at universities, and by computer programmers and engineers using it for research. It was created by people who really understand computational problems because we live them. We understand the needs of math research, teaching courses, and managing an open source project that users can contribute to and customize to work for their own unique needs.
  • The scarcity of college graduates with FOSS experience
    In the education track at SCALE 14x in Pasadena, Gina Likins spoke about the surprisingly difficult task of getting information about open-source development practices into undergraduate college classrooms. That scarcity makes it hard to find new college graduates who have experience with open source. Although the conventional wisdom is that open source "is everywhere," the college computer-science (CS) or software-engineering (SE) classroom has proven to be a tough nut to crack—and may remain so for quite some time. Likins works on Red Hat's University Outreach team—a group that does not do recruiting, she emphasized. Rather, the team travels to campuses around the United States and engages with teachers, administrators, and students about open source in the classroom. The surprise is how little open source one finds, at least in CS and SE degrees. Employers expect graduates to be familiar with open-source projects and tools (e.g., using Git, bug trackers, and so forth), she said, and incoming students report expecting to find it in the curriculum, but it remains a rarity.
  • A Selection of Talks from FOSDEM 2016
    It's that time of the year where I go to FOSDEM (Free and Open Source Software Developers' European Meeting). The keynotes and the maintracks are very good, with good presentations and contents.

Leftovers: Ubuntu and Debian

  • Ubuntu Studio 16.04 Wallpaper Contest
    This poll is for the selection of 16 desktop wallpapers for Ubuntu Studio 16.04.
  • Debian LTS Work January 2016
    This was my ninth month as a Freexian sponsored LTS contributor. I was assigned 8 hours for the month of January. My time this month was spent preparing updates for clamav and the associated libclamunrar for squeeze and wheezy. For wheezy, I’ve only helped a little, mostly I worked on squeeze.
  • Welcome to Parsix GNU/Linux 8.5r0 Release Notes
    Parsix GNU/Linux is a live and installation DVD based on Debian. Our goal is to provide a ready to use and easy to install desktop and laptop optimized operating system based on Debian's stable branch and the latest stable release of GNOME desktop environment. Users can easily install extra software packages from Parsix APT repositories. Our annual release cycle consists of two major and four minor versions. We have our own software repositories and build servers to build and provide all the necessary updates and missing features in Debian stable branch.

Raspberry Pi/Devices

  • Another new Raspbian release
  • How do geeks control their lights?
    We made this setup to test our capabilities to control Arduino with Raspberry Pi in our upcoming big project. We did not have spare keyboard and screen for RPi, so we ended up ssh-ing into the Pi via Wi-Fi router.
  • How To Start A Pirate FM Radio Station Using Your Raspberry Pi
    Continuing our Raspberry DIY series, we are here with a simple tutorial that tells you how to start your own pirate FM station using Raspberry Pi. Take a look and broadcast your tunes — anytime, anywhere.
  • Tizen 3.0 on the Raspberry Pi 2
    The Samsung Open Source Group is currently in the process of porting Tizen 3.0 to the Raspberry Pi 2 (RPi2). Our goal is to create a device capable of running a fully-functional Tizen 3.0 operating system, and we chose the RPi2 because it is the most popular single-board computer with more than 5 million sold. There are numerous Linux Distributions that run on the RPi2 including Raspbian, Pidora, Ubuntu, OSMC, and OpenElec , and we will add Tizen to this lineup. We face a number of obstacles in accomplishing this, but we hope this will serve as a model for bringing Tizen to a broader range of hardware platforms.
  • Embedded 14nm Atom x5-E8000 debuts on Congatec boards
    Intel released several new 14nm Atom SoCs, including an embedded, quad-core x5-E8000 part with 5W TDP, now available in four Congatec boards. Intel released the Atom x5-E8000, the first truly embedded system-on-chip using its 14nm Airmont architecture. Airmont is also the design that fuels Intel’s Celeron N3000 “Braswell” SoCs and its mobile-focused Atom x5 and x7 Z8000 “Cherry Trail” SoCs. The x5-E8000 is the heir to the 22nm Bay Trail generation Atom E3800 family.

Android Leftovers