linuxmemes

20880 readers

3 users here now

I use Arch btw

Sister communities:

LemmyMemes: Memes
LemmyShitpost: Anything and everything goes.
RISA: Star Trek memes and shitposts

Community rules

Follow the site-wide rules and code of conduct
Be civil
Post Linux-related content
No recent reposts

Please report posts and comments that break these rules!

founded 1 year ago

MODERATORS

[email protected]

983

Debian security amirite? (lemmy.world)

submitted 7 months ago by [email protected] to c/[email protected]

75 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 49 points 7 months ago* (last edited 7 months ago) (1 children)

Still paniking, cause the backdoor was apparently targetting Debian servers, it was discovered just by chance and the "mantainer" made commits for 2 years in the same repo

[–] [email protected] 11 points 7 months ago (1 children)

The fact that this was planned is what makes me nervous. Imagine what else is lurking.

[–] [email protected] 28 points 7 months ago (1 children)

and it was only discovered accidentally, when someone was profiling some stuff, noticed SSH using a bit too much CPU power when receiving connections even for invalid usernames/passwords, and spent the time to investigate it more deeply. A lot of developers aren't that attentive, and it could have easily snuck through.

[–] [email protected] 4 points 7 months ago (1 children)

hey Dan, why don't you post blogs now?

[–] [email protected] 5 points 7 months ago (2 children)

I've been meaning to start blogging again. It's just been a lack of free time. Need to think of ideas, too.

[–] [email protected] 2 points 7 months ago

understandable mate, have a nice day!

[–] [email protected] 0 points 7 months ago

I've never read your blogs but I think it would be good for more people to do write ups on the XZ backdoor. There is a lot that can be learned and improved