Who the heck is FrankyU2, how did he get a SuSE repository, & how did it get in my repo list??!!

tgdf

New Member
Joined
Jul 27, 2020
Messages
11
Reaction score
8
Credits
173
Who the heck is FrankyU2, how did he get a repository, & how did it get in my repo list??!!

I'm installing LEAP 15.2 on another machine & I looked at the repositories on this machine to get the names of the extra ones (PackMan, etc) and I see this repository:

http :_//_download.opensuse.org/repositories/home_:_/FrankyU2/openSUSE_Leap_15.1/ (delete the 4 underscores to get there)

Can anybody just hack a repo server & dump whatever they want????!!!!!!

You might also check out https://u2start.com/u/FrankyU2/ to see more of this nonsense.
 
Last edited:


G'day @tgdf and welcome to linux.org :)

Now is THAT any way to make your first post?

Just in case of any misapprehension on your part, we are not an official arm nor organ of Linux, just scored the dot org name - we are manned by volunteer staff who share a love of Linux and have varying skills in various departments...

I am from Australia.

So do you want to dial back the Mr Cranky Pants, a little, and tell us a little bit more?

Cheers

Chris Turner
wizardfromoz
 
I haven't used Suse for a very long time. Not since long before leap/tumbleweed were introduced. So I'm not sure how things work with them, but have you installed any 3rd party applications on there?

From what I can see FrankyU2 has packages like BBswitch and Bumblebee, which are Nvidia/Optimus related libraries.
Plus Freetype, Kaffeine multimedia player, Bomi a GUI/frontend for mplayer and quakespasm - a FLOSS quake engine. Nothing seems unusual there.

Could it be that he is a maintainer of some the Suse packages?!
If you have installed any of the above packages - perhaps that is why you have his repo?! Leap is suse's rolling distro isn't it?

Again, I don't know enough about Suse/leap/tumbleweed to know how/why his repo is in your list. But my guess would be that perhaps you have installed something and that repo has been brought in.

And the other website you linked just shows that this Franky person is a huge U2 fan...... So other than having terrible taste in music - I see nothing too nefarious. The repository looks OK.

So my initial impression is that this might be operator error - somewhere along the line. A PICNIC - Problem In Chair, Not In Computer!

But if you're really unsure - the best thing to do might be to contact someone at Suse and make some enquiries there!
 
About the link of the FrankyU2 on the U2 website, that's probably his profile for that website since he's probably a U2 Fan. Since he uses the same username on the opensuse forums if you check his profile.

Looks legit since it's hosted under the opensuse.org domain. Als if you go to the home directory you will see a lot of other names of people or aliases. So it's probably the official place where third-party repositories are hosted. And also here there are official instructions of how to add the third party repository. Only question is how that repository got installed on your system. I just installed a virtual machine with opensuse leap 15.2 and didn't see this third party repository get installed by default.
 
Last edited:
I haven't used Suse for a very long time. Not since long before leap/tumbleweed were introduced. So I'm not sure how things work with them, but have you installed any 3rd party applications on there?
(snip)

"...have you installed any 3rd party applications on there?"

All my aps are from SuSE repos. I don't even load from the 'less than stable' or 'unofficial developer' repos.

As I noted elsewhere, I may have clicked on a link (at a site called GIThub or GTIhub) which purported to have files related, I think, to problems I was having with dotNET not loading properly in Wine. But it was a while ago, I don't remember clearly, & I can't seem to trace back to it.

PICNIC.....that's good. Never heard that one before.

Thanks.
 
G'day @tgdf and welcome to linux.org :)
Chris Turner
wizardfromoz

First, thanks to the person who suggested below that I should have gone directly to SuSE. That's perhaps correct. I think I wanted to get a more unofficial read on this situation before making an 'official' complaint. Also, SuSE has gone through multiple hands, including those of Microsoft, & I also, possibly, didn't want to deal immediately with corp suits.

Now:

"Now is THAT any way to make your first post?"....."...Mr Cranky Pants..."
What? Are you 6 years old??

FYI, my first posts were in the 1970s. Since then there have been at LEAST 2 major Linux forum systems where I used to post which I've outlasted because they've gone under: Novell CustCtr openSuSE, & www.linuxforums.org (which actually has a Wikipedia page explaining the demise). I've outlasted them because I'm careful & I get upset when I see lax, slovenly habits.

Why today, is truth & plain speaking confused with violence & bias? Can no one anymore tell the difference between "You're stupid," (an insult), and "You're ignorant," (meaning someone is uninformed)? I simply asked a civil question. Who is this guy & why is his trash on the repo site? And it IS trash. Most of what I dared look at is his promotion of his website & music as clickbait for his site. If there are ANY real executable or library files, they're coincidental.

So if I sounded Cranky, can you blame me? I think cranky, upset, & on the verge of anger is a proper response to the possibility of an OS repo site being hacked!

I'm an old timer from before the internet was www. In the 70s it was BBS only and we were pretty strict about enforcement. For instance, people were panned for ending their messages with ANY signature. Your ID & signature were in the header which was necessary. The flowery sig was totally unnecessary & seriously not wanted at a time when we used to pay by the SECOND for bandwidth, & a dialup connection was like waiting for molasses to flow in January. (If you worked 6PM to 6AM, it was $0.10/min. 6AM to 6PM it was $1/minute!!) So we were not angry, but we jumped on error, waste, & malevolent hacking.

My concern isn't even so much that the files are in the repository. My concern is "How did they get there?" The files seem harmless, though fantastically annoying. But the problem is, if any hacker can access & possibly change repository files, no OS is secure any more.

You'll forgive me if I'm bothered by what appears to be a cross between a Gigolo wannabee & a failed Hip Hopper (again, check out the image of his page) having potential access to my most highly guarded secrets. (And those characterizations are not insults. I believe them to be reasonably accurate evaluations of what I saw.)

Also, forums are NOT social media. If you haven't had the problem, keep your mouth shut. Forego the urge to be somebody by trying to hold up a totally useless end of the conversation. I don't need a 5 yr old AT&T 'help desk' infant to waste an hour of my time with, "Please turn all your computer equip off & on, then turn your phone on & off (after which you can start all over because this call will end when you turn your phone off.)" If you've had this problem before, (if you've seen & dealt with bogus, irrelevant files on a repo site) you know, pretty much, the exact answer. Please tell me your experience. If not, I really don't want your thoughts, musings, wonderment, & general awe that transistors have been reduced in size to where they get millions on a square inch. (When I was in HS, Scientific American used to actually be a magazine which published the research of the people who invented the integrated circuit & the ruby laser, in articles actually written by them. Today, Sci Amer is what Popular Mechanics used to be back then: The wonder of how an internal combustion engine can turn the blade in your lawn mower. I know how to reset a system.)

People who coddle you & constantly make nice-nice with phrases like Mr Cranky Pants, are NOT your friend. They are trying to put one over on you. People who are blunt &, when necessary, alarmist, are doing you a favor. It may not feel good, but it's better to be rudely awakened to a hacker than have someone be calm & soothing while the building burns down. And even if this FrankyU2 isn't a malevolent hacker, he's stealing from you & me by wasting our time & getting paid for useless clickbait.

It is possible I clicked on a link which added these repos to my list. I remember something about a site which may have been called GIThub or GTIhub. I believe I may have been looking for info re problems with dotNET not loading in Wine, but I'm unable to trace back to the exact pages I may have been looking at. In any case, the memory of possibly having clicked on such a link is connected to the memory of thinking it was strange to see such a potent link. Also, thinking that, if it were an actual connection to a real repo site, that site MUST be totally sacrosanct & protected from hacking.....which is why I'd be so upset when, a month or so later, I saw the garbage that was there.

And that's what's so concerning: The files came from a real SuSE site. I can't believe an org that puts out an OS would allow clickbait on their repo sites. I was wondering if I was correct in that. Perhaps I should have been more clear about that. But as I say, I was more concerned about shouting FIRE to get some attention to a potentially very serious problem, than in being PC or even academically accurate. Maybe you've heard: they now teach women, rather than scream RAPE, scream FIRE. Apparently, no one will lift a finger if you scream rape because it doesn't affect them. But people jump if you scream fire because they want to see if it involves them.

If you don't like my perspective, just say so. That's valid. But unless you ACTUALLY ARE the management of this site, I'm not interested in you telling me what I can & cannot say, or how urgent is my tone.

But thanks, all. In this instance, the negative supports my conclusion: NO ONE has said, "Oh, you're missing the point. These files are for this purpose...". And everyone has said that the files MIGHT be for some purpose, but they don't see what purpose. So I know what to do: Linux repositories (I think) are for sterile storage of OS files & applications, NOT for hype & nonsense. If no one can see the EXACT purpose of these files, they probably don't belong, & I do need to contact SuSE. Auch, kann Ich mit viele Sprachen diese Leute verstehen.

One thing I CAN tell you, I'll never again download repo files except with my OS Software Mgt ap.

(If I wind up with multiple posts here, please forgive me. I've opened more than one preview, but I can't find a way to close the windows or refresh the view.)
 
... that's probably his profile for that website since he's probably a U2 Fan. ...

Looks legit since it's hosted under the opensuse.org domain.... And also here there are official instructions of how to add the third party repository. Only question is how that repository got installed on your system. I just installed a virtual machine with opensuse leap 15.2 and didn't see this third party repository get installed by default.
That it LOOKS legit is what scares me. (Before I EVER click on ANY unknown link I look at the underlying address. This appeared to be a legit SuSE site.) Thanks for the link to the instr. I'll be checking that out. I did notice all the other names. Perhaps in this age of social media, SuSE wanted to make a place for expression. But on the repo, I just find it disturbing. Too much trash to wade through.

I've been looking at the SuSE site. I've never looked at anything there because all I cared about was a Linux OS with an efficient workspace GUI. Yet now, they do have seemingly extensive forums & what's specifically identified as social media. I am going to try and contact someone there and see if the social stuff belongs in the repo areas, how they deal with that, & how it's been working for them.

If I find out anything interesting, I'll post it here......but it will probably take weeks if I do get anything.
 
Last edited:
I like the avatar :)

Just an FYI - if you avoid posting links or quoting links until you have about 20-30 posts up, or days up, I'll have to check which - yours are coming across my desk for approval, which means you may be waiting 12 hours to see them posted.

Cheers

Wizard
 
If you scroll down to the bottom of the page it says:
Code:
© 2015-2020 SUSE LLC., openSUSE contributors
So I would think that these are all repositories of people that contribute to opensuse. I downloaded the FrankyU2 LEAP repo file. It looks like this:
Code:
[home_FrankyU2]
name=home:FrankyU2 (openSUSE_Leap_15.1)
type=rpm-md
baseurl=https://download.opensuse.org/repositories/home:/FrankyU2/openSUSE_Leap_15.1/
gpgcheck=1
gpgkey=https://download.opensuse.org/repositories/home:/FrankyU2/openSUSE_Leap_15.1/repodata/repomd.xml.key
enabled=1
Linking back to that that other page, so it pretty much looks like this person is an opensuse contributor.
 
Last edited:
Nice spot, @f33dm3bits :):cool:

He is listed in the F's about a third of the way down the page, so I am hoping the OP will recognise that this is a legitimate source, endorsed by openSUSE?

Cheers

Wizard
 
If you scroll down to the bottom of the page it says:
Code:
© 2015-2020 SUSE LLC., openSUSE contributors
So I would think that these are all repositories of people that contribute to opensuse. I downloaded the FrankyU2 LEAP repo file. It looks like this:
Code:
[home_FrankyU2]
name=home:FrankyU2 (openSUSE_Leap_15.1)
type=rpm-md
baseurl=https://download.opensuse.org/repositories/home:/FrankyU2/openSUSE_Leap_15.1/
gpgcheck=1
gpgkey=https://download.opensuse.org/repositories/home:/FrankyU2/openSUSE_Leap_15.1/repodata/repomd.xml.key
enabled=1
Linking back to that that other page, so it pretty much looks like this person is an opensuse contributor.
1, I see this now. It does appear that SuSE has a personal space of some kind for it's contributors.
2. What you have listed here is Leap 15.1 which has just been superseded by 15.2. And you've just listed the ReadMe file. There's 4 directories of files.
3, While (OOOoooooooKKKKKKK. It just came to me: FrankyU2=FU2 So tell me NOW how legit this can be.) FrankyU2's 15.1 is mostly RPM files which, if they're legit, is appropriate. But the 15.2 directory has been deleted, and THAT was all full of images & music garbage.
4. You're still missing the point that I got all that garbage by clicking on a link that a, purported to solve a problem I had, and b, seems to actually be a legit site of a Linux distro I use......which nonetheless was possibly being used to circulate clickbait. I didn't just get sucked in by a phishing thing. I examined the address b4 clicking on it.

I'm in the middle of replacing 6 of my obsolete machines so I really don't have time to deal with this. I'll get to it sooner or later. But if someone wants to find the appropriate contact at SuSE, be my guest. Let me know if you find anything.
 
Nice spot, @f33dm3bits :):cool:

He is listed in the F's about a third of the way down the page, so I am hoping the OP will recognise that this is a legitimate source, endorsed by openSUSE?

Cheers

Wizard
Again, yes, it appears the space is legit, but, as I noted above, it just came to me that FrankyU2=FU2. And the repo that was added to my site was Leap 15.2, NOT 15.1. And 15.2, which was the area full of garbage, has now been deleted.

Oops, my error. I see that 15.1 WAS the area I was originally looking at. But it's certainly changed from what I saw several days ago. There was 4 times as much junk, lots of images & music. Now it's just a few RPMs. But I got that U2Start address from the SuSE repo.

Again, I don't specifically care about the social stuff. But if someone puts up a link to solve a tech problem, the clickbait stuff isn't appropriately linked to your OS repositories.
 
Last edited:
4. You're still missing the point that I got all that garbage by clicking on a link that a, purported to solve a problem I had, and b, seems to actually be a legit site of a Linux distro I use......which nonetheless was possibly being used to circulate clickbait. I didn't just get sucked in by a phishing thing. I examined the address b4 clicking on it.

I'm in the middle of replacing 6 of my obsolete machines so I really don't have time to deal with this. I'll get to it sooner or later. But if someone wants to find the appropriate contact at SuSE, be my guest. Let me know if you find anything.
4. What link did you click on to solve what problem that added that repository?

I am not planning to search for a contact at SuSe because I don't run Suse Linux and it is not my problem. I was just trying to be helpful by helping you search to verify it was actually a valid repository so that you could relax.

And also welcome to the forums! ;)
 
Last edited:
If you check out the whois for the U2Start domainName you'll smell 4 day old cod at low tide. No contacts. See if you can get through to the enom registrar. I can't.
 
If you check out the whois for the U2Start domainName you'll smell 4 day old cod at low tide. No contacts. See if you can get through to the enom registrar. I can't.
It is possible to request to have your contact e-mail hidden for privacy measures. But You could try to contact the domain owner by using the contact form mentioned in the whois info. Also if you are so worried about it being a bogus domain contact the abuse contact:
Code:
Registrar Abuse Contact Email: [email protected]
 
4. What link did you click on to solve what problem that added that repository?

I am not planning to search for a contact at SuSe because I don't run Suse Linux and it is not my problem. I was just trying to be helpful by helping you search to verify it was actually a valid repository so that you could relax.

And also welcome to the forums! ;)
As I alluded above, I can't trace back to the original link. It purported to link to a repo with files which might solve a problem I was having with Wine. I checked the address, noted it was a legit SuSE site, and clicked the link which added the repo addresses to my repo db. And then forgot about it until I was setting up another machine and I check the repo sites to make sure I was using the same sites on the new machine. That's when I saw the FrankyU2 & finally actually looked at the files on the site.

I really wish I could find that original link. I don't expect you to take on the problems of others. But it's not hard to think someone else might be curious about hacking or garbage activities on the repo sites of major Linux distros. I need all the help I can get in this life.

I realize this is a bit of a rant. But, as I say, I think garbage in the repo db of a major OS distro is worrisome at the very least.

I do appreciate your interest.
 
As I alluded above, I can't trace back to the original link. It purported to link to a repo with files which might solve a problem I was having with Wine. I checked the address, noted it was a legit SuSE site, and clicked the link which added the repo addresses to my repo db. And then forgot about it until I was setting up another machine and I check the repo sites to make sure I was using the same sites on the new machine. That's when I saw the FrankyU2 & finally actually looked at the files on the site.

I really wish I could find that original link. I don't expect you to take on the problems of others. But it's not hard to think someone else might be curious about hacking or garbage activities on the repo sites of major Linux distros. I need all the help I can get in this life.

I realize this is a bit of a rant. But, as I say, I think garbage in the repo db of a major OS distro is worrisome at the very least.

I do appreciate your interest.
Well just be alert next time you decide to click on a link to see what it is actually doing, this way you will save yourself a lot of stress. Also what software were you trying to run under wine?
 
Last edited:
Well just be alert next time you decide to click on a link to see what it is actually doing, this way you will save yourself a lot of stress. Also what software were you trying to run under wine?
As I've said, I RELIGIOUSLY check ALL addresses before I click on a link, or open a document, or open an attachment.

TurboTax & Hauppauge TV pci cards, & WinTV.
-------------------------------------

The enom address is the abuse address of the registrar. And can you even get through to the site. I tried & the site doesn't load.

The form mentioned in the whois is for ICANN. You might as well write to Bill Gates. There are no contacts for ......

Oops again.....I see they've changed the whois format. There used to be contact info for the registrant, the tech, admin, & billing. You could pay to have the IDs hidden, but the fields were there, just filled in with (info hidden).

I guess this may to turn out to be nothing. So far, since the 70s, everytime something happens to make me check to see if I've been hacked, turns out to be nothing or something innocent & normal. But I still think one must be vigilant & check things out when something seems suspicious.

I know what you mean, but I wouldn't have thought it were necessary to actually look at a repo site to check for mischief. Again, that's what's got me so upset. I'd have though those sites would be very secure.
 

Staff online


Top