RT fr0gger:

🤯 The level of sophistication of the XZ attack is very impressive! I tried to make sense of the analysis in a single page (which was quite complicated)!

I hope it helps to make sense of the information out there. Please treat the information “as is” while the analysis progresses! 🧐 #infosec #xz

13:14 [/bb-atom]

RT tyx:

I’ve found the best #meme about #xz #backdoor.

13:06 [/bb-atom]


RT bontchev:

So, kids, what’s the moral of the XZ story?

If you’re going to backdoor something, make sure that your changes don’t impact its performance. Nobody cares about security - but if your backdoor makes the thing half a second slower, some nerd is going to dig it up.

19:56 [/bb-atom]

RT SecureOwl:

people are saying the xz backdoor is likely the work of a nation state actor, and given that it appears to been slow rolled for a couple of years and immediately became obsolete before it was fully launched - you do have to admit it bears the hallmarks of a government IT project

11:36 [/bb-atom]

RT tpolecat:

Raise your hand if you ever made a paper snake out of tear-off tractor-feed margins.

11:02 [/bb-atom]

RT delroth:

xz-utils was backdoored by its upstream. Tracked as CVE-2024-3094 and thoroughly documented by vuln discoverer Andres Freund on oss-security@: openwall.com/lists/oss-securit

10:46 [/bb-atom]


Antwort auf @simon

@simon import textwrap
Batteries included, remember? :-)

10:19 [/bb-atom]



RT joebeone:

This deepfake cryptography cipher suite tier debate between Trump, Obama, and Biden is totally NSFW and totally genius. Laughed. so. freaking. hard. securitycryptographywhatever.c

00:01 [/bb-atom]


RT jfmblinux:

#Google announced that starting in June 2024, ad blockers such as uBlock Origin #uBO will be disabled in Chrome 127 and later with the rollout of Manifest V3 (#Mv3).

#ManifestV3 is deceitful and threatening to your privacy, and now is a good time to switch to #Firefox (@Mozilla@mamot.fr) (@mozilla@mozilla.social ) and/or #TorBrowser if you haven’t done so already!

| ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄|
| Install  |
| firefox  |
(\__/) ||
(•ㅅ•) ||
/   づ

00:43 [/bb-atom]


RT bagder:

The value of OSS today?

“from $1.22 billion to $6.22 billion if we were to decide as a society to recreate all widely used OSS on the supply side”

“from $2.59 trillion to $13.18 trillion, if each firm who used an OSS package had to recreate it from scratch”

“5% of programmers are responsible for more than 90% of the value created on the supply- and demand- side”

The report: papers.ssrn.com/sol3/papers.cf

00:28 [/bb-atom]


Antwort auf @karlauerbach

@karlauerbach Rewrite using async/await?

00:39 [/bb-atom]


Antwort auf @chm

@chm OK, danke!

17:29 [/bb-atom]

@chm Gibt es eine Möglichkeit, zu steuern, welche Posts in meinem RSS-Feed erscheinen? Ich sehe nur Original-Toots, nicht aber Replies und Boosts.

16:15 [/bb-atom]

Antwort auf @johnmacintosh

@johnmacintosh That’s exactly what I wrote my first BASIC programs on!

13:21 [/bb-atom]


Für Kurzentschlossene: Morgen ist Velobörse in Lyss:

00:46 [/bb-atom]


Antwort auf @thomasweibel

@thomasweibel Ist in Europa nicht am 22/7? 😆

23:35 [/bb-atom]


RT _benui:

✨ new tech bingo ✨

23:48 [/bb-atom]