top of page

Head's up! Check your Python modules


Head's up! Be on the lookout for malicious Python libraries! As reported by Developer Tech and Naked Security there is an imposter version of the popular library dateutill which is called python3-dateutil with a one '1' at the end instead of a lowercase L, 'l'. The malicious library can steal keys for Secure Shell (SSH), a network encryption protocol, and GnuPG Privacy guard, encryption software.

You can confirm which python modules you have installed with the pip freeze command. In your scripts directory simply enter, 'pip freeze'.

. . . and a list of installed modules will be generated.


Sean O'Shea has more than 20 years of experience in the litigation support field with major law firms in New York and San Francisco.   He is an ACEDS Certified eDiscovery Specialist and a Relativity Certified Administrator.

The views expressed in this blog are those of the owner and do not reflect the views or opinions of the owner’s employer.

If you have a question or comment about this blog, please make a submission using the form to the right. 

Your details were sent successfully!

© 2015 by Sean O'Shea . Proudly created with Wix.com

bottom of page