Hey, I’ve been hearing a LOT about the xz backdoor. Crazy story, but rather than reading 10 different articles about it from 3 days ago when the story was quite new, does anybody know a high quality write-up that has all the juicy details and facts? I really like in-depth guides that cover every aspect of the story....
You’re correct. Right now many experts are scrambling all those small pieces together as to how this could happen in the first place, as a lot of it was public too: the social pressure on maintainers, random software changes that now seem suspicious, and the absence of a real identity of the perpetrators. Every expert who’s onto this seems to be a real person, with a real identity and a real face to the name.
Prior to the first commits, there must have been months if not years of planning too.
But just the fact that some of the code those perpetrators wrote took +0.5 seconds more for something that would normally only take 0.2-0.3 seconds is what gave them away.
0.5 seconds of CPU time vs. years of planning.
It’s an intriguing story.
They tried so hard, they got so far, but in the end, it didn’t even matter.
Billie Eilish, Pearl Jam, 200 artists say AI poses existential threat to their livelihoods (arstechnica.com)
It’s time for a hard reset on notifications (www.theverge.com)
Scary AT&T breach leaks up to 70 million Social Security numbers to the dark web (www.macworld.com)
cross-posted from: lemmy.world/post/13810367
Best article about XZ backdoor?
Hey, I’ve been hearing a LOT about the xz backdoor. Crazy story, but rather than reading 10 different articles about it from 3 days ago when the story was quite new, does anybody know a high quality write-up that has all the juicy details and facts? I really like in-depth guides that cover every aspect of the story....
You will certainly not regret (lemmy.world)
What have I done to you, pen? (feddit.de)
FF Evangelists (lemmy.ml)
Oh Snap! Canonical now doing manual reviews for new packages due to scam apps (www.gamingonlinux.com)