If you're a #Linux user, beware of the XZ backdoor:
The XZ Linux Backdoor Is Incredibly BAD!!
Of all the times for a massive vulnerability to come out did it have to be over the Easter Weekend, I just wanted to take a break and here we are talking abo...YouTube
Andrew Pam likes this.
Anders Rytter Hansen reshared this.
in reply to Anders Rytter Hansen
I remember in college editing OpenSSH source code to instead of return wrong password to a root shell prompt just to stop brute force attacks
Anders Rytter Hansen likes this.
in reply to Anders Rytter Hansen
Oh all of my configs are deny root ssh login or without-password. I noticed a significant decrease in scans when returning a root prompt when I did that. This was also in the mid 2000s so who knows how things would be in this day in age for a reduction in scans
Anders Rytter Hansen likes this.
in reply to Pacmanlives
@Pacmanlives
So it was a fake root prompt which tricked the bots into believing that they logged in successfully but in reality the prompt could do nothing on the system?
So it was a fake root prompt which tricked the bots into believing that they logged in successfully but in reality the prompt could do nothing on the system?
N. E. Felibata 👽
in reply to Anders Rytter Hansen • • •🤣
Anders Rytter Hansen
in reply to N. E. Felibata 👽 • •Why laughing? 😀
N. E. Felibata 👽
in reply to Anders Rytter Hansen • • •Anders Rytter Hansen likes this.
Anders Rytter Hansen
in reply to N. E. Felibata 👽 • •Oh yeah that's pretty funny. Out of all the devs it is.... Microsoft 😄
N. E. Felibata 👽
in reply to Anders Rytter Hansen • • •Yes, the main thing is that it was discovered!
Still, it's funny that it came from a Microsoft developer obsessed with benchmarks. ... 🤔
Anders Rytter Hansen
in reply to N. E. Felibata 👽 • •Yes haha. Lucky that the exploited library runs a bit slower 😅
david Marec
in reply to Anders Rytter Hansen • • •Anders Rytter Hansen
in reply to david Marec • •Does he do open source development in his free time or is he paid by Microsoft to do it?
N. E. Felibata 👽
in reply to Anders Rytter Hansen • • •Anders Rytter Hansen likes this.
Murkas Wylander
in reply to Anders Rytter Hansen • • •Anders Rytter Hansen likes this.
N. E. Felibata 👽
in reply to Anders Rytter Hansen • • •Anders Rytter Hansen
in reply to N. E. Felibata 👽 • •In any case I think the chance of this backdoor being detected before it ends up in Debian is almost 100%
Murkas Wylander
in reply to Anders Rytter Hansen • • •Anders Rytter Hansen likes this.
Murkas Wylander
in reply to Anders Rytter Hansen • • •like this
Anders Rytter Hansen and ミ★ Confederate Space Force ★彡 like this.