[mdlug] info about the xz backdoor
Dark Star
dark58star at gmail.com
Sun Mar 31 10:11:05 EDT 2024
Isn't this the the reason they switched to using systemd instead of initd.
Another shining example of "fix it until it's broke".
Maybe we should be thanking those experts over at IBM.
First the Linux Blue Screen of Death, and now a backdoor.
It sounds like the work of Microsoft.
Dennis
On Sun, Mar 31, 2024 at 8:57 AM LAP <mail1 at lapiet.info> wrote:
> On Sun, 31 Mar 2024 07:33:43 -0400
> "Carl T. Miller" <carl at carltm.com> wrote:
>
> > This is a good video that explains how the backdoor
> > works and how it got there in the first place.
> >
> > https://www.youtube.com/watch?v=OHAyf0qwdCs
> >
>
> The vid contains a useful command to check ones system:
>
> ldd "$(command -v sshd)"
>
> On Gentoo, I get:
>
> linux-vdso.so.1 (0x00007ffff7fcb000)
> libcrypt.so.2 => /usr/lib64/libcrypt.so.2 (0x00007ffff7f6e000)
> libcrypto.so.3 => /usr/lib64/libcrypto.so.3 (0x00007ffff7a00000)
> libz.so.1 => /usr/lib64/libz.so.1 (0x00007ffff7f54000)
> libc.so.6 => /lib64/libc.so.6 (0x00007ffff783c000)
> /lib64/ld-linux-x86-64.so.2 (0x00007ffff7fcc000)
>
> Thus, regardless of what version of xv-utils is installed my
> system cannot be affected.
>
> _______________________________________________
> mdlug mailing list
> mdlug at mdlug.org
> http://mdlug.org/mailman/listinfo/mdlug
>
More information about the mdlug
mailing list