for everyone waxing poetic about the xz backdoor: please, please, _please_ remember that risk acceptance is as important to threat modeling as risk reduction / abatement
you’re not going to come up with a single, all-encompassing piece of security advice that works for everyone — security always is a balancing act between capability, risk, and potential outcomes
sometimes you legitimately have to accept that these kinds of things are possible and move on*
Kate Temkin /
npub1rp…gvera
2024-03-30 00:17:36
Author Public Key
npub1rp2htwusqkgmusgxlwqxkw0ts6uu0xs6hq28jdal4pt9wpa564cs4gveraPublished at
2024-03-30 00:17:36Event JSON
{
"id": "83731572cc33845fbd23960ed0b3aee1beb993b608378e9be2edc24eb2e36f5d",
"pubkey": "185575bb900591be4106fb806b39eb86b9c79a1ab8147937bfa8565707b4d571",
"created_at": 1711757856,
"kind": 1,
"tags": [
[
"proxy",
"https://chaos.social/users/ktemkin/statuses/112181762855420977",
"activitypub"
]
],
"content": "for everyone waxing poetic about the xz backdoor: please, please, _please_ remember that risk acceptance is as important to threat modeling as risk reduction / abatement\n\nyou’re not going to come up with a single, all-encompassing piece of security advice that works for everyone — security always is a balancing act between capability, risk, and potential outcomes\n\nsometimes you legitimately have to accept that these kinds of things are possible and move on*",
"sig": "80b0ad70683d87fc86fb45a2fd3f456e4b1888273773c589571618f6c83488f222e95f31e20863930fe61000980a9a9ad2d189c7f27b6dcb8c301773fe524a42"
}