this post was submitted on 24 Oct 2024
1059 points (96.9% liked)

Technology

60052 readers
2809 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 10 points 1 month ago (1 children)

xz attack was an open source attack and it would be silly to assume that it was unique.

[–] [email protected] -1 points 1 month ago (1 children)

This has nothing to do with xz

[–] [email protected] 10 points 1 month ago (1 children)

I don't think you understood their point.

[–] [email protected] 1 points 1 month ago (1 children)
[–] [email protected] 1 points 1 month ago (1 children)

In response to:

Moreover, the claim that they can harm the software is unwarranted because it is OPEN and many eyes are on it.

The xz attack was an intentional backdoor put into a project that was "OPEN and many eyes are on it." Also, it was discovered due to the way it was executing and not because someone found it in the source. The original assumption has been proven wrong.

[–] [email protected] 1 points 1 month ago

Oh, yep I didn't see that. Though definitely more eyes are on Linux than were on xz