Inside the failed attempt to backdoor SSH globally - that got caught by chance - Kevin Beaumont
Let's keep in mind that if this is a state actor or some sort of global organized crime, then they don't put all their eggs into one basket. If that's the case, they're going to have a bunch of other plans and backdoor attempts ongoing. This isn't the end and we can assume there's something else somewhere that went unnoticed.
Security is a constantly changing war of attrition, not a goal/product/configuration.
If anything, it highlights how great open source actually is when it comes to security. People saw it and immediately flagged it.
I don't think this one counts as a big win, to be honest. It was just freakish luck.
It's definitely freakish luck, but at least it got found out. Closed-source software would have gone through unnoticed.
Dude, the issue was found purely by coincidence; it very nearly made it through.
Yes, but it didn't. Has it made it through on closed software? Who knows?
Also, this was a multi-year effort that employed very complex knowledge. And it still didn't get through.
If it's multi-year and very complex, it's telling that this is what it takes. The bar is very high.
Lost me at suggesting that we run EDR on prod Linux servers.
Literally installing a backdoor intentionally... wow.
Smug users who don't run systemd be like...
Laughs in Alpine
How does systemd solve this?
The exploit only happens in systemd.
What a dick. I couldn't imagine spending that much time contributing to a project so I could introduce security vulnerabilities.
If this is one individual, and not a nation state, somebody needs to make some friends and pick up some hobbies.
I think it's more likely someone spent this time contributing to the project specifically to exploit it.
Yeah, I got that. I'm saying they need to make some friends and get some hobbies if they aren't being funded by a state.
Wish I could be a fly on the wall when the bad actor realized years of work have just gone down the drain.
Probably fear, then subsequently followed by their brains next to you on said wall. Whichever government paid for a multi-year campaign to backdoor enterprise Linux distributions is not going to be happy about this failure.
"globally"
Meanwhile, no enterprise Linux or hypervisor got nabbed; nor could it.
But, carry on.