))
The XZ exploit: The day the internet got lucky
Manage episode 431027519 series 2980399
Content provided by Privacy International. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Privacy International or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
This week we're talking about a backdoor inserted into a popular Linux file compression tool, which had the potential to massively undermine the security of vast swathes of the internet. What happened? How did it happen? And how was it thwarted?
Links
- Andres Freund's Mastodon - where he revealed the backdoor: https://mastodon.social/@AndresFreundTec
- Read more in Ars Technica's article about it: https://arstechnica.com/security/2024/03/backdoor-found-in-widely-used-linux-utility-breaks-encrypted-ssh-connections/ - Read more in the verge's article about it https://www.theverge.com/2024/4/2/24119342/xz-utils-linux-backdoor-attempt
- Read more in Wired's article about it https://www.wired.com/story/jia-tan-xz-backdoor/ - Check out this excellent and very helpful diagram: https://twitter.com/fr0gger_/status/1775759514249445565 - The XKCD comic we mention: https://xkcd.com/538/
81 episodes
Share
