83
'xz utils' Software Backdoor Uncovered in Years-Long Hacking Plot
(unicornriot.ninja)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 03 Apr 2024
83 points (100.0% liked)
Technology
37664 readers
536 users here now
A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.
Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.
Subcommunities on Beehaw:
This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.
founded 2 years ago
MODERATORS
i have heard it suggested that it could be national goverment who did this. so that means it could be israel, america, or china, etc .
i view this as potentially very well funded governments vs ordinary people. we never stood a chance.
That suggestion is because the attack took years of ground work, psyops, multiple disciplines and several levels of obfuscations. It needs the kind of effort that only a well paid and dedicated team can pull off. But that need not necessarily be a state actor. It could also be some spying/malware company (like NSO), any of the big corporates or a criminal group with lots of money.
But don't lose hope. All it took to uncover all of that was just one engineer who was annoyed by SSH slowing down from 0.3s to 0.8s. The effort needed to uncover it is only a fraction of what's needed to hide it. This is also a vindication of the FOSS philosophy. Imagine uncovering this if the source wasn't available.