this post was submitted on 31 Mar 2024
0 points (NaN% liked)

Open Source

31031 readers
612 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS
Cloak@lemmy.ml
kevincox@lemmy.ml
CrypticCoffee@lemmy.ml
Lettuceeatlettuce@lemmy.ml
0
Inside the failed attempt to backdoor SSH globally - that got caught by chance - Kevin Beaumont (doublepulsar.com)
submitted 7 months ago by lemmyreader@lemmy.ml to c/opensource@lemmy.ml
5 comments fedilink hide all child comments
top 5 comments
sorted by: hot top controversial new old
[–] Wes_Dev@lemmy.ml 1 points 7 months ago

Let's keep in mind that if this is a state actor or some sort of global organized crime, then they don't put all their eggs into one basket. If that's the case, they're going to have a bunch of other plans and backdoor attempts ongoing. This isn't the end and we can assume there's something else somewhere that went unnoticed.

Security is a constantly changing war of attrition, not a goal/product/configuration.

[–] BestBouclettes@jlai.lu 0 points 7 months ago (1 children)

If anything it highlights how great open source actually is when it comes to security. People saw it and immediately flagged it.

[–] ChannelSix@aussie.zone 0 points 7 months ago (1 children)

Dude, the issue was found purely by coincidence, it very nearly made it through

[–] hitmyspot@aussie.zone 0 points 7 months ago (1 children)

Yes, but it didn’t. Has it made it through on closed software? Who knows?

[–] ErilElidor@feddit.de 0 points 7 months ago

My takeaway is more like: This one almost made it through and was caught by accident. How much more backdoors actually were not caught and made it through? I would bet some money on it being more than 0 :(