421

The glass is NOT half full (libranet.de)

submitted 1 year ago by fu@libranet.de to c/memes@lemmy.ml

43 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[-] AnnaFrankfurter@lemmy.ml 24 points 1 year ago

Hey we need people like that, remember when an autistic person discovered few hundred millisecond delay in ssh which uncovered Jia Tan backdoor.

[-] ravermeister@lemmy.rimkus.it 3 points 1 year ago

Is there an article about that, I would like to read some more about this topic😊

[-] AnnaFrankfurter@lemmy.ml 2 points 1 year ago* (last edited 1 year ago)

This is the original email by the person who discovered this backdoor. But if you want you can search for xz backdoor and you'll find a lot more articles which explain timelines and other things. https://www.openwall.com/lists/oss-security/2024/03/29/4

 == Observing Impact on openssh server ==

With the backdoored liblzma installed, logins via ssh become a lot slower.

time ssh nonexistant@...alhost

before:
nonexistant@...alhost: Permission denied (publickey).

before:
real	0m0.299s
user	0m0.202s
sys	0m0.006s

after:
nonexistant@...alhost: Permission denied (publickey).

real	0m0.807s
user	0m0.202s
sys	0m0.006s

That's a 500ms or 0.5s difference

[-] ravermeister@lemmy.rimkus.it 2 points 1 year ago

Thanks 🙏👌✌️

this post was submitted on 16 Jan 2025

421 points (95.9% liked)

Memes

54221 readers

1191 users here now

Rules:

Be civil and nice.
Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 6 years ago

MODERATORS

gary_host_laptop@lemmy.ml

cyclohexane@lemmy.ml

cypherpunks@lemmy.ml