[mdlug] info about the xz backdoor

David Lee Lambert davidl at lmert.com
Mon Apr 1 14:48:01 EDT 2024


(note that I get an error "This video is restricted. Please check the
Google Workspace administrator and/or the network administrator
restrictions." when I try to view the original video, but there are good
in-text summaries of the issue out there, e.g.
https://doublepulsar.com/inside-the-failed-attempt-to-backdoor-ssh-globally-that-got-caught-by-chance-bbfe628fafdd
)...

On Sun, 31 Mar 2024 at 14:32, LAP (<mail1 at lapiet.info>) wrote:

> On Sun, 31 Mar 2024 13:49:46 -0400
> Jonathan Billings <billings at negate.org> wrote:
>
> > While it was the inclusion of systemd’s notification into OpenSSH
> > (which improves service automation) that brought in the library, I
> > suspect blaming systemd is probably beside the point; the author of
> > the backdoor would have just attacked a different subsystem.
> >
>
> My use of GNU/Linux is just to run applications on a desktop
> workstation.  I have little interest, if any at all, in the
> networking aspects (aside from an Internet connection).
>
> Thus, all these security concerns simply do not apply to my
> situation, which I imagine is very common among GNU/Linux
> users.
>

So far the exploit is known to hook into sshd.  It hasn't been fully
explored yet, and it's possible that it also hooks into other processes.

-- 
cell: +1 586-873-8813
IM: davidleelambert (Skype,Google)
"Justicia, Tierra y Libertad"

