RT fr0gger:
🤯 The level of sophistication of the XZ attack is very impressive! I tried to make sense of the analysis in a single page (which was quite complicated)!
I hope it helps to make sense of the information out there. Please treat the information “as is” while the analysis progresses! 🧐 #infosec #xz
RT bontchev:
So, kids, what’s the moral of the XZ story?
If you’re going to backdoor something, make sure that your changes don’t impact its performance. Nobody cares about security - but if your backdoor makes the thing half a second slower, some nerd is going to dig it up.
RT SecureOwl:
people are saying the xz backdoor is likely the work of a nation state actor, and given that it appears to have been slow rolled for a couple of years and immediately became obsolete before it was fully launched - you do have to admit it bears the hallmarks of a government IT project
RT delroth:
xz-utils was backdoored by its upstream. Tracked as CVE-2024-3094 and thoroughly documented by vuln discoverer Andres Freund on oss-security@: https://www.openwall.com/lists/oss-security/2024/03/29/4
RT timbray:
Wow, who needs color anyhow? https://petapixel.com/2024/03/25/15-photos-show-beautiful-simplicity-of-monochromatic-minimalism/
RT joebeone:
This deepfake cryptography cipher suite tier debate between Trump, Obama, and Biden is totally NSFW and totally genius. Laughed. so. freaking. hard. https://securitycryptographywhatever.com/2024/03/23/tier-list/
RT jfmblinux:
#Google announced that starting in June 2024, ad blockers such as uBlock Origin #uBO will be disabled in Chrome 127 and later with the rollout of Manifest V3 (#Mv3).
#ManifestV3 is deceitful and threatening to your privacy, and now is a good time to switch to #Firefox (@Mozilla@mamot.fr) (@mozilla@mozilla.social ) and/or #TorBrowser if you haven’t done so already!
| ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄|
| Install |
| firefox |
(\__/) ||
(•ㅅ•) ||
/ づ
RT bagder:
The value of OSS today?
“from $1.22 billion to $6.22 billion if we were to decide as a society to recreate all widely used OSS on the supply side”
“from $2.59 trillion to $13.18 trillion, if each firm who used an OSS package had to recreate it from scratch”
“5% of programmers are responsible for more than 90% of the value created on the supply- and demand- side”
The report: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=4693148
@chm Is there a way to control which posts appear in my RSS feed? I only see original toots, but not replies and boosts.
For the spontaneous: tomorrow there is a bike market (Velobörse) in Lyss: #fedibikes #velobörse #cycling #secondhand