1/2 If you don’t want to read about the #xz backdoor-related stuff I advise muting the hashtag because a *lot* of people across the geek spectrum find this whole thing fascinating and very educational.

My latest educational read has been the discussion over in the Debian world at bugs.debian.org/cgi-bin/bugrep which makes me happy about my long-term policy of running things on Debian Stable except where proved impossible.

Also…

2/2 … raises the possibility that the attacker may have left some tiny little buffer-overflow or suchlike exploit hidden behind the big obvious backdoor hack. *shudder*


@timbray Seems like there's a small contingent suggesting moving away from xz entirely. Is something being seriously considered?


@cratermoon @timbray sounds worthwhile to me, there are so many compression libs out there

Librem Social

Librem Social is an opt-in public network. Messages are shared under Creative Commons BY-SA 4.0 license terms. Policy.
