Somehow, my locale on one of my systems was changed to am_ET.uft8.  I might not have noticed, actually.  It only obviously broke a few farily minor things.  But, I use xdotool scripts with "search --name" parameters and they stopped working.  The target of these commands is my Firefox browser.  It turns out that Firefox will default to it's "C" locale if it doesn't recognize the locale as set.

Everything looked the same, but was in fact different :)

After switching the locale back to en_US.utf8, my xdotool scripts worked just fine.

It seems to me that resetting the locale in this way could be used for all kinds of attacks.  If an attacker could change my locale, I have two questions: How did they do it and what else did they change.  It happened on one of my more secure systems where I don't visit weird sites.

I was stracing some stuff and used a few related programs and was playing with file descriptors.  That may be the culprit too :)  I'm going to move this activity to another system, which will be more cumbersome.  But, I'd like to keep the affected system relatively secure

After forcing Google/Gemini to treat these changes as an attack, it gave me back some pretty generic advice but nothing about a specific attack other than some attacks look at the locale.

Just an FYI and seeing if anyone has any experience or thoughts. I found the insideous nature of the effects of the locale change interesting.
_______________________________________________
Lug-nuts mailing list -- lug-nuts@bigbrie.com
To unsubscribe send an email to lug-nuts-leave@bigbrie.com