Information Technology, Thank You Sir May I Have Another

A Fedora 33 Virus?

Several weeks ago Google started popping up their “we’ve noticed suspicious activity” screen and making me respond to a Captcha any time I used them to search something. I try to use Google as little as possible because nobody should be allowed to collect that much information about anyone. Sometimes, when all my other search engines fail I have to go there.

This finally became too annoying. The Google screen also said it through one or more machines on my network were infected. I ran full Norton scans on the Windows machines. Not just a quick scan, full disk scans. I ran whatever flavor of ClamAV each distro had in their repos on all of the Linux machines.

Found on Fedora 33

KlamAV was unable to quarantine. Most likely because I ran as a mere mortal. I opened a terminal, changed to the directory and nuked those two files then rebooted. Google has stopped complaining.

The Weird Part of Fedora Machine Virus

BOINC rack

What’s weird is that machine has been sitting over in the BOINC rack for quite a while. I will use it to look up a part if we are working on something for the shop. I did use it to create the RPM package for my fork of Diamond. That’s kind of it though. I even did most of the editing for the scripts and stuff on my main computer and just walked over to this one to test after pulling from Git again.

Why? Because I have to either stand or sit on a bar stool the entire time. I’m not twenty-something anymore so that bothers my back after a while. When I was jumping through the hoops to write this and most of my other Fedora posts they were mostly stand-up tasks.

My Fedora box was the only machine Clam squawked about. After I deleted those files from the command line and rebooted, Google stopped bitching.

Update: 2021-02-28

It’s now been more than two days. I went from every machine on the network getting a captcha request from Google for every Google search no matter what OS, browser, and adblocker they were using to every machine able to do a Google search.

The Fedora community has been both unfriendly and unhelpful. The mere mention of their beloved OS possibly having a virus has them racing to flag all posts as “unacceptable.” Even went so far as to mark the problem solved while making jokes about wearing masks and washing hands. The problem isn’t “solved.”

I’ve worked with some real assholes in my life. The joking about computer viruses and wearing masks was the last straw. The entire Fedora community sounds just like Donald Trump. Deny, deny, deny, deny.

See no Evil, hear no evil, speak no evil

Linux is not immune to viruses. It is less prone. Yes, I lump most forms of malware, including “bots” into “virus” when speaking. Code you didn’t want or knowingly install doing evil things on/with your computer. Bots get used for all sorts of activities, the most publicly known of which is probably DDoS attacks. Thousands or millions of infected machines all hitting the same Web site or IP address repeatedly at the same time.

These attitudes are really shocking. The Unix/Linux world has a looooong history of being penetrated. For decades I heard/read hackers chanting the mantra “If it has a Guest account I’m God!” The Unix/Linux community went into Donald Trump mode.

Fedora Community Response to Viruses

Guess what? The world was finally told one of the ways they did it. Shellshock was a Bash shell bug they were exploiting for over 25 years.

Assholes Joking About Masks and Washing Hands

A good friend and former co-worker has buried two brothers, two sisters, and an aunt. They were all grown adults living in their own places, most in different states. I buried my own father in October after being locked out of the nursing home due to justifiable pandemic restrictions for most of the last year of his life.

You’re just a (&)(*&()*ing asshole when you won’t wear a mask or wash your hands.

The English language doesn’t have a word to describe joking about it in a support forum.

Given the Fedora Community Response

Given the Fedora community response, I will never trust a RedHat based distro. I will also never professionally recommend a RedHat based distro. Linux is not immune, it does get targeted.

BillGates malware

Y’all need to be installing and running antivirus.

March 10, 2021 update

Since nuking those files I’ve re-installed Mozilla Firefox on all machines, set privacy/security to highest settings, and installed a different adblocker on Firefox. A great many were trying to point the finger at Firefox blocking all tracking information as to the reason Google was spitting up those screens.

I’m still writing, still looking things up, and still not getting those Google “suspicious activity” screens. Yes, Firefox is my default browser again.

I wiped that machine and installed MX Linux on it. If I need to build more RPMs with Fedora it will be from a VM that lives only long enough to create the package then gets deleted. Simply can’t trust the distro given the community response.