Hey, I’ve been hearing a LOT about the xz backdoor. Crazy story, but rather than reading 10 different articles about it from 3 days ago when the story was quite new, does anybody know a high quality write-up that has all the juicy details and facts? I really like in-depth guides that cover every aspect of the story.

Thanks in advance guys!

  • trolololol@lemmy.world
    link
    fedilink
    arrow-up
    2
    arrow-down
    1
    ·
    9 months ago

    I wonder exactly why ssh was taking so long more. Perhaps the bits that scan ssh logs with a regex to extract IP address and username?

    Whatever it is, that particular bit should be easy to deactivate since somehow a full fledged binary file with executable code was being bundled. I can imagine it only being active under a toggle that would make it harder to detect, such as a specific time of day.