223
What we know about the xz Utils backdoor that almost infected the world
(arstechnica.com)
Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!
Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.
Hope you enjoy the instance!
Rules
Follow the wormhole through a path of communities !webdev@programming.dev
The fact that that person happened to be looking on a system downstream to this one, while also having the context needed to pin it back to xz in particular is the lucky part. The same attack in any of countless other places wouldn't have gotten spotted the same way, or as quickly. That's not to say diligence on Freund's part wasn't a big factor here, but it's important to identify that luck was a big factor.