kradeelav: Zihark, FE10 (silly)
[personal profile] kradeelav
little funny to have earned just enough knowledge about linux to know when an article is being realistic vs ridiculously sensational about the latest debian hack. (ubuntu supremacy huzzah)

(like yeah it was Not Great and Could have been bad but not 'TEHY (almost) HACKED THE PLANET!!!' vibes.)

.... honestly i think the last time i truly was cool with tech sensationalism was Y2K lol. at least that one was kind of earned.

(no subject)

Date: 2024-04-05 03:10 am (UTC)
queenlua: (Default)
From: [personal profile] queenlua
is this about xz. can we talk about xz. i love the drama

(no subject)

Date: 2024-04-05 07:03 am (UTC)
meningioma: (AA - KWERKY)
From: [personal profile] meningioma
D-Debian hack?
You mean the XZ backdoor?
... *googles furiously in debian user*

(no subject)

Date: 2024-04-05 09:33 pm (UTC)
meningioma: (ROA - smart)
From: [personal profile] meningioma
*puts on dweeb glasses*
well the xz exploit didnt actually affect stable distros like debian stable, ubuntu, anything not rolling bc it was those versions 5.6.0 and 5.6.1 that were infected with a backdoor. Debian is still on 5.4.1-0.2...meaning, it is wrong to call it a debian hack! It is more like an arch/rolling distro hack. And its already patched, so...

the whole xz fiasco is a good reason why people developing open source stuff should be more careful about what goes into each distro, and why I won't use a rolling distro for a longgg time
Edited Date: 2024-04-05 09:35 pm (UTC)

(no subject)

Date: 2024-04-08 02:00 pm (UTC)
meningioma: (CUTE - capymunch)
From: [personal profile] meningioma
ok CORRECTION, it IS a debian hack BUT it doesnt affect any debian/ubuntu/RPM installs right now. It would have affected them if they used testing/rolling versions of Debian/ubuntu/RPM and any flavors of it bc it only targets the debian/rpm package and wouldnt even have backdoored the arch version...

And the sauce for that

so uhhh it kinda is a debian hack but you know. not yet.

now that I linked the source from the guy who found it, its really interesting seeing how he found it. If this hadnt been caught it would have infected every debian derivative out there, which would be fuuucking catastrophic for servers bUT IT STILL ISNT RIGHT TO SAY ITS TEH GIANT DEBAIN HAXXOR THAT EVERYONE IS SAYING IT IS(!!!!)
Edited Date: 2024-04-08 02:31 pm (UTC)
