this post was submitted on 02 Apr 2024
456 points (94.4% liked)

Programmer Humor

32718 readers
107 users here now

Post funny things about programming here! (Or just rant about your favourite programming language.)

Rules:

founded 5 years ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] magic_lobster_party@kbin.run 66 points 8 months ago* (last edited 8 months ago) (2 children)

The only reason why xz got exposed was because someone noticed SSH was a bit slower and decided to take it to their own hands to investigate. It’s possible this backdoor would go unnoticed for far longer if the attacker didn’t make this slight oversight.

So it might be that there have been other, successful attacks before. It’s just that this one is the one that got exposed.

[–] scarilog@lemmy.world 66 points 8 months ago (1 children)

Slower as in 500ms slower iirc.

Linux users when bloat

[–] imnotfromkaliningrad@lemmy.ml 52 points 8 months ago (1 children)

tbh given the context 500ms is a lot.

[–] nickwitha_k@lemmy.sdf.org 19 points 8 months ago (1 children)

Yeah. 500ms for ssh feels like an eternity.

[–] LostXOR@fedia.io 7 points 8 months ago

SSHing into my less powerful machines takes a good few seconds, so I'm not sure if I'd notice an extra 500ms. For the more powerful ones that are basically instant it would be much more noticeable.