• knorke3@lemm.ee
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      don’t forget the ones we got paid for very well and the ones we introduced to not go to prison

    • LazaroFilm@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      And the ones you leave for yourself to check during development and forgotten to close before release.

      • redcalcium@lemmy.institute
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        This is why you should secure your own bureaucracy-bypassing backdoor with a long ass key (bonus point if you use pki instead of a simple static key).

    • magic_lobster_party@kbin.run
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      The only reason why xz got exposed was because someone noticed SSH was a bit slower and decided to take it to their own hands to investigate. It’s possible this backdoor would go unnoticed for far longer if the attacker didn’t make this slight oversight.

      So it might be that there have been other, successful attacks before. It’s just that this one is the one that got exposed.