the vessel of morganna on Nostr: The xz backdoor code is clever, but it isn't out of reach of private hacker groups. ...
The xz backdoor code is clever, but it isn't out of reach of private hacker groups. I've seen similar backdoors that pwn the entire system due to messy shared library dependencies, and infecting sshd indirectly is a fairly common tactic.
Folks also need to stop pointing fingers at every committer that has a vaguely Chinese or Russian name.
Published at
2024-03-30 20:26:39Event JSON
{
"id": "7a2d9a9283ad55b94bde194fa5dc14923c9a8953419924727aae7f855aca176b",
"pubkey": "1c35746c74e944cb3ae7191e6c4d28c89a33c9a77ed62ae89e65e7ca2a6cf826",
"created_at": 1711830399,
"kind": 1,
"tags": [
[
"proxy",
"https://social.treehouse.systems/users/astraleureka/statuses/112186517043562428",
"activitypub"
]
],
"content": "The xz backdoor code is clever, but it isn't out of reach of private hacker groups. I've seen similar backdoors that pwn the entire system due to messy shared library dependencies, and infecting sshd indirectly is a fairly common tactic. \n\nFolks also need to stop pointing fingers at every committer that has a vaguely Chinese or Russian name.",
"sig": "f2d668072b1b09386e985e87a70449ca99cd79c5b8d4e4c0838f750079e27eeafab1c13d4206a5d2bdb78241fe4e11caa054f988467636e34f39064ee8bb94ad"
}
