Hey, I’ve been hearing a LOT about the xz backdoor. Crazy story, but rather than reading 10 different articles about it from 3 days ago when the story was quite new, does anybody know a high quality write-up that has all the juicy details and facts? I really like in-depth guides that cover every aspect of the story.

Thanks in advance guys!

    • trolololol@lemmy.world
      link
      fedilink
      arrow-up
      2
      arrow-down
      1
      ·
      8 months ago

      I wonder exactly why ssh was taking so long more. Perhaps the bits that scan ssh logs with a regex to extract IP address and username?

      Whatever it is, that particular bit should be easy to deactivate since somehow a full fledged binary file with executable code was being bundled. I can imagine it only being active under a toggle that would make it harder to detect, such as a specific time of day.