Tim's Lemmy
  • Communities
  • Create Post
  • heart
    Support Lemmy
  • search
    Search
  • Login
  • Sign Up
HayadSont@discuss.online to Linux@programming.devEnglish ·
edit-2
2 months ago

XZ Utils Back Door in Linux - Analysis of the Attack

www.youtube.com

external-link
message-square
3
fedilink
  • cross-posted to:
  • [email protected]
44
external-link

XZ Utils Back Door in Linux - Analysis of the Attack

www.youtube.com

HayadSont@discuss.online to Linux@programming.devEnglish ·
edit-2
2 months ago
message-square
3
fedilink
  • cross-posted to:
  • [email protected]

A video by SavvyNik that covers some of the highlights from the following recently published scientific article - Wolves in the Repository: A Software Engineering Analysis of the XZ Utils Supply Chain Attack

alert-triangle
You must log in or register to comment.
  • jia_tan@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    11    ·
    2 months ago

    Pretty good breakdown. Glad to see my hard work recognized!

  • w3dd1e@lemm.ee
    link
    fedilink
    arrow-up
    5    ·
    2 months ago

    Thanks for posting. I was literally l looking for updates on this recently and couldn’t find anything. I was worried that it might have been forgotten about

    • HayadSont@discuss.onlineOP
      link
      fedilink
      arrow-up
      3      ·
      2 months ago

      Thanks for posting.

      It has been my pleasure!

      I was worried that it might have been forgotten about

      The XZ utils supply chain attack has actually made the community more wary of blobs. Some projects were even prompted to come clean on this matter.

      Fedora has also recently made a push towards reproducible builds. In the lwn.net article that discussed that push, one of Fedora’s spokespeople explicitly said that it would help combat supply chain attacks.

      So, all in all, I can confidently say that it did leave a mark on the Linux landscape. Hopefully, this specific attack vector will not be as viable in the foreseeable future.

  • HayadSont@discuss.onlineOP
    link
    fedilink
    arrow-up
    1    ·
    edit-2
    12 days ago

    deleted by creator

Linux@programming.dev

linux@programming.dev

Subscribe from Remote Instance

Create a post
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: [email protected]

A community for everything relating to the GNU/Linux operating system

Also check out:

  • [email protected]
  • [email protected]
  • Matrix instant messaging group chat

Original icon base courtesy of [email protected] and The GIMP

Visibility: Public
globe

This community can be federated to other instances and be posted/commented in by their users.

  • 283 users / day
  • 2.28K users / week
  • 4.5K users / month
  • 9.31K users / 6 months
  • 1 local subscriber
  • 8.17K subscribers
  • 1.88K Posts
  • 13.9K Comments
  • Modlog
  • mods:
  • Ategon@programming.dev
  • adr1an@programming.dev
  • dwraf_of_ignorance@programming.dev
  • UI: unknown version
  • BE: 0.19.8
  • Modlog
  • Instances
  • Docs
  • Code
  • join-lemmy.org