WingNews logo WingNews
top | item 45639848

(no title)

schuyler2d | 4 months ago

Well, xz is a rare event too.

There's no knowing how many backdoors were added by small network companies or contractors. But there's rarely accountability when it happens because the company would rather cover it up, or just not ask too many questions about that weird bug

discuss

order

jiggawatts|4 months ago

> xz is a rare event too.

The discovery of the hack is rare, sure. Once a decade kind of thing.

The implication is that Jia Tan is a professional, and XZ was one of many irons on the fire.

Don’t be like Trump!

Don’t confuse positive tests with cases!

Jia Tan surely had many other attacks going.

Surely he’s not the only one.

Famously, there are two kinds of large organisations: those that have been hacked, and those that don’t yet know they’ve been hacked.

The open source community was the latter.

Now they’re the former.

Some of you all are still playing catch up.

array_key_first|4 months ago

The main difference is that closed source software is not auditable, so when it is compromised you don't know.

It's safe to assume pretty much all the firmware you're running is vulnerable. It doesn't matter though, because you cannot find out.

The attackers can. You can't. And that's why we still have botnets.