TL;DW:
A video by Veritasium about how a single dependency (.xz) was momentarily compromised, leading to the compromise of OpenSSH (which uses .xz as a dependency), which ultimately would have spelled out a master key access to Linux systems across the world.

Really cool how they explain and visualize LZ, Deflate, LZMA and RSA.

Shout-out to all the Open Source contributors out there! And a reminder to others to show your appreciation to those who dedicate time and resources to projects that often go unappreciated or are taken for granted.

  • teft@piefed.social
    13 days ago

    I love that no one would have caught the backdoor except that some rando M$ employee noticed a half second delay in his connection during testing.

    Makes you wonder how many backdoors (obfuscated and well hidden) have remained intact over the years.

  • itflows@feddit.org
    13 days ago

    Poor Tux. Abused as a symbol for anything that is somehow related to Linux or even open source.