Jim Winstead on Nostr: One of the things that led to discovering the #xz supply chain attack was Andres ...
One of the things that led to discovering the #xz supply chain attack was Andres doing his performance testing on a machine with the ssh port open to the internet at large, so sshd was having to fend off the usual barrage of login probes. Just one in an astounding number of usually inconsequential decisions and fortunate occurrences that led to his discovery.
https://mastodon.social/@AndresFreundTec/112180406142695845Published at
2024-03-30 18:15:44Event JSON
{
"id": "087402149c39ca742159513b1cb8fca8be9ce4690b4ec12d2c5c3576443e209b",
"pubkey": "b43b3234094351947af871aee795d8967a2a6ef3b13f5fdfa3e44e9ed92390c1",
"created_at": 1711822544,
"kind": 1,
"tags": [
[
"t",
"xz"
],
[
"proxy",
"https://mefi.social/users/jimw/statuses/112186002246032021",
"activitypub"
]
],
"content": "One of the things that led to discovering the #xz supply chain attack was Andres doing his performance testing on a machine with the ssh port open to the internet at large, so sshd was having to fend off the usual barrage of login probes. Just one in an astounding number of usually inconsequential decisions and fortunate occurrences that led to his discovery.\nhttps://mastodon.social/@AndresFreundTec/112180406142695845",
"sig": "1f5a3ff2828fa30716ea7a96c9da1d51bed5c7f18851b551d8bc398ced0671373f568836c4d9063ada13c2f41fda8c17de9d527b149f019576d4641cb5f18b25"
}
