Are you a user of NoiseTorch? It's a popular way of getting some pretty great noise suppression on your microphone, to keep out all that background noise or a hammer hitting your desk. Sadly, the developer had a machine compromised.
The developer announced on the GitHub page that a system that held some of their private keys was compromised, giving attackers the ability to mess with the code. For that reason, they're suggesting people to not trust the builds and they think the source code could be compromised too.
Such a shame for such a great app that I've used previously. However, it appears the community is coming together to review the code in an attempt to help save the project.
Alternatives exist for those of you still needing some right now like EasyEffects and Cadmus.
Hopefully they will be able to salvage the project and ensure no harm was done.
Article taken from GamingOnLinux.com.
Some you may have missed, popular articles from the last month:
The comments on this article are closed.
All posts need to follow our rules. For users logged in: please hit the Report Flag icon on any post that breaks the rules or contains illegal / harmful content. Guest readers can email us for any issues.
16 comments
slaapliedje May 19, 2022
That is a weird, random one to target. This day and age it is no longer paranoia, someone is out to hack you.
1 Likes, Who?
Seem to me the alternatives are breaking on me lol. It's a no go for me for now. Updated EasyEffects seem to work even better.
Last edited by Lomkey on 19 May 2022 at 2:34 pm UTC
Last edited by Lomkey on 19 May 2022 at 2:34 pm UTC
1 Likes, Who?
That is a weird, random one to target. This day and age it is no longer paranoia, someone is out to hack you.
Why should this have been a deliberate and targeted attack? I suppose pretty much everyone (more so on Windows machines) can catch malware and become therefore compromised.
0 Likes
Ohh sad. I have been using this for a long time and it's been amazing tool to clean up all the background noise. I think i will still keep using the build i have, cause other similar programs never worked great for me.
1 Likes, Who?
That is a weird, random one to target. This day and age it is no longer paranoia, someone is out to hack you.
Why should this have been a deliberate and targeted attack? I suppose pretty much everyone (more so on Windows machines) can catch malware and become therefore compromised.
conversely this is a 'go between' microphone application so it actually fits the MO of a hacker or organization to target such a thing.
Why are Dev's still using Windows when they are developing cross platform applications ? At least use a Mac and reduce the vector of attack. It just seems dumb at this point not to use something other than Windows when it is such a well known OS for vulnerabilities (or should that be POS)
idk im pretty biased towards Linux lol. Linux is the Swiss army knife of computing .. windows is the Swiss cheese of it.
4 Likes, Who?
slaapliedje May 19, 2022
That is a weird, random one to target. This day and age it is no longer paranoia, someone is out to hack you.
Why should this have been a deliberate and targeted attack? I suppose pretty much everyone (more so on Windows machines) can catch malware and become therefore compromised.
Well, unless malware now is scanning systems for github keys? Not saying they aren't, but kind of sounds like at least a targeted attack toward people who host projects on github.
0 Likes
Mountain Man May 19, 2022
Why are Dev's still using Windows when they are developing cross platform applications ? At least use a Mac and reduce the vector of attack.According to some sources, MacOS is even less secure than Windows.
Last edited by Mountain Man on 19 May 2022 at 7:45 pm UTC
0 Likes
slaapliedje May 20, 2022
Why are Dev's still using Windows when they are developing cross platform applications ? At least use a Mac and reduce the vector of attack.According to some sources, MacOS is even less secure than Windows.
Ha, but but, it has a thing that complains whenever I try something outside of the app store!! Which then you just hold down control and say 'open it anyway.'
Yeah I'm not impressed with macOS' security. Though I do have an annoying story. Paragon, who makes a lovely NTFS driver and Ext3/4 driver for macOS, clearly says they support the M1 macs. But you have to disable the security on it to have it installed. I went through the whole process and managed to write to an ext4 SD card... but then applications simply wouldn't launch. They were random ones too.... had to remove the 40 dollar software...
1 Likes, Who?
This is screwed, hope there is a way to fix this.
It's the only program that works good enough for me and I NEED it
It's the only program that works good enough for me and I NEED it
0 Likes
Stolen private keys... So, if they were password protected, that would buy you time to make a new private key and revoke the old ones.
0 Likes
slaapliedje May 22, 2022
This is screwed, hope there is a way to fix this.Looks like Garuda Linux installs it by default. That's even more crappy.
It's the only program that works good enough for me and I NEED it
Edit: is it still using Python2?
(5/9) Orphaned package notification...
ananicy-cpp 1.0.0.rc6-1.1
cmake 3.23.1-1
go 2:1.18.2-1
hdparm 9.63-2
irqbalance 1.8.0-2
preload 0.6.4-7
python2-gobject 3.36.1-5
python2-numpy 1.16.6-2
python2-wxpython3 3.0.2.0-3
Last edited by slaapliedje on 22 May 2022 at 5:32 pm UTC
0 Likes
Stolen private keys... So, if they were password protected, that would buy you time to make a new private key and revoke the old ones.Unless, keylogger on the system?
0 Likes
slaapliedje May 23, 2022
Stolen private keys... So, if they were password protected, that would buy you time to make a new private key and revoke the old ones.Unless, keylogger on the system?
ha, Private Keylogger...
It's kind of shit. I've said in the past at some point that a computer that isn't connected to the internet is practically useless these days. But now it's gotten so bad that a computer connected to the internet is likely compromised in some way... Granted with how computers are, generally speaking the weakest link is the human at the keyboard. Guess this is why I kind of like old platforms like the Atari 8bit computers, and then slapping a FujiNet on them for internet access. Can someone hack it? Sure! But who is going to target such a thing? Also, they have a Mastadon client now.
0 Likes
I'm kinda bummed out by the author's refusal to explain what happened and why the project was killed. Someone even posted an issue on Github asking what happened and the author just replied to not use that repo or any fork, without saying why. Some of us are developers and would really like to know instead of being told what to do. Luckily this post sheds some light on it, thanks for this
1 Likes, Who?
catbox_fugue Jun 6, 2022
https://github.com/noisetorch/NoiseTorch
while they released a new version
im still highly skeptical
on high alert
especially since lawl said himself not to trust any forks.
i use an older version of noisetorch i self compiled back in december.
no reason to update and build. sometimes honestly question if i need it anymore and should i find alternatives...
it will take a lot of trust to recover this kind of disaster in the community.
while they released a new version
im still highly skeptical
on high alert
especially since lawl said himself not to trust any forks.
i use an older version of noisetorch i self compiled back in december.
no reason to update and build. sometimes honestly question if i need it anymore and should i find alternatives...
it will take a lot of trust to recover this kind of disaster in the community.
0 Likes
Patreon
PayPal
See more from me