“Many open-source software projects are governed via hierarchy; developers suggest changes to a program’s code, then more experienced developers have to review & approve the changes.
The attacker…spent several years slowly gaining the trust of other xz Utils developers and getting more control over the project, eventually becoming a maintainer, and finally inserting the code with the hidden backdoor earlier this year.”
https://www.nytimes.com/2024/04/03/technology/prevent-cyberattack-linux.html
Frank Pasquale /
npub19f…zglys
2024-04-05 02:01:00
Author Public Key
npub19ftlgt0nkkecezua58g5l6v7a8zne7g48krwmgya98llegf3gytqwzglysPublished at
2024-04-05 02:01:00Event JSON
{
"id": "16bad49064381ac50727cbaf0b5f9090bfea8061209dca77e1fb66ec40f73893",
"pubkey": "2a57f42df3b5b38c8b9da1d14fe99ee9c53cf9153d86eda09d29fffca1314116",
"created_at": 1712282460,
"kind": 1,
"tags": [
[
"proxy",
"https://mastodon.social/users/FrankPasquale/statuses/112216143328544888",
"activitypub"
]
],
"content": "“Many open-source software projects are governed via hierarchy; developers suggest changes to a program’s code, then more experienced developers have to review \u0026 approve the changes.\nThe attacker…spent several years slowly gaining the trust of other xz Utils developers and getting more control over the project, eventually becoming a maintainer, and finally inserting the code with the hidden backdoor earlier this year.”\nhttps://www.nytimes.com/2024/04/03/technology/prevent-cyberattack-linux.html",
"sig": "e30fefe3107234751e50387c75fed47291ec26109a5603550e79ac4c296506b4bd1155b69019d4736e9b694cde63295af50cd0057b4d733a8934a0fdb80ca250"
}