![cloud2030 artwork](https://is3-ssl.mzstatic.com/image/thumb/Podcasts118/v4/3f/27/37/3f27379e-a8a4-56b7-e9c0-41336dcfb559/mza_3563464814421674438.jpg/100x100bb.jpg)
XZ Exploit Discussion
cloud2030
English - April 06, 2024 11:50 - 17 minutes - 15.8 MB - ★★★★★ - 2 ratingsTechnology Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: Figure.AI where Robots meet LLMs
Next Episode: PXE, DHCP and O/S Provisioning (oh my)
This episode really highlights the danger of contributor burnout and overload. But it also shows that we're not very good as an industry at sustaining work.
Today we dissect what the XZ SSH intrusion attack is, how it happened, what the social engineering was, and the pressure that involved to make that happen.
Transcript: https://otter.ai/u/kRqADDwa6DmoZcnQEmqQD1UaxZ8?utm_source=copy_url
References
https://www.openwall.com/lists/oss-security/2024/03/29/4
https://news.ycombinator.com/item?id=39865810
https://arstechnica.com/security/2024/04/what-we-know-about-the-xz-utils-backdoor-that-almost-infected-the-world/