submitted 1 month ago by Emerald to c/linuxmemes
[-] shotgun_crab 49 points 1 month ago* (last edited 1 month ago)

Still panicking, 'cause the backdoor was apparently targeting Debian servers, it was discovered just by chance and the "maintainer" made commits for 2 years in the same repo.

[-] [email protected] 11 points 1 month ago

The fact that this was planned is what makes me nervous. Imagine what else is lurking.

[-] [email protected] 28 points 1 month ago

And it was only discovered accidentally, when someone was profiling some stuff, noticed SSH using a bit too much CPU power when receiving connections even for invalid usernames/passwords, and spent the time to investigate it more deeply. A lot of developers aren't that attentive, and it could have easily snuck through.

[-] [email protected] 4 points 1 month ago

hey Dan, why don't you post blogs now?

[-] [email protected] 5 points 1 month ago

I've been meaning to start blogging again. It's just been a lack of free time. Need to think of ideas, too.

[-] [email protected] 2 points 1 month ago

understandable mate, have a nice day!

[-] [email protected] 0 points 1 month ago

I've never read your blogs but I think it would be good for more people to do write-ups on the XZ backdoor. There is a lot that can be learned and improved.

this post was submitted on 30 Mar 2024
976 points (98.6% liked)

