this post was submitted on 16 Jan 2025
418 points (95.6% liked)

Memes

46382 readers
2131 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS
gary_host_laptop@lemmy.ml
sexy_peach@feddit.de
cyclohexane@lemmy.ml
cypherpunks@lemmy.ml
418
The glass is NOT half full (libranet.de)
submitted 2 weeks ago by fu@libranet.de to c/memes@lemmy.ml
43 comments fedilink hide all child comments
 

you are viewing a single comment's thread
view the rest of the comments
[–] ravermeister@lemmy.rimkus.it 3 points 1 week ago (1 children)

Is there an article about that, I would like to read some more about this topic😊

[–] AnnaFrankfurter@lemmy.ml 2 points 1 week ago* (last edited 1 week ago) (1 children)

This is the original email by the person who discovered this backdoor. But if you want you can search for xz backdoor and you'll find a lot more articles which explain timelines and other things. https://www.openwall.com/lists/oss-security/2024/03/29/4

 == Observing Impact on openssh server ==

With the backdoored liblzma installed, logins via ssh become a lot slower.

time ssh nonexistant@...alhost

before:
nonexistant@...alhost: Permission denied (publickey).

before:
real	0m0.299s
user	0m0.202s
sys	0m0.006s

after:
nonexistant@...alhost: Permission denied (publickey).

real	0m0.807s
user	0m0.202s
sys	0m0.006s

That's a 500ms or 0.5s difference

[–] ravermeister@lemmy.rimkus.it 2 points 1 week ago

Thanks πŸ™πŸ‘ŒβœŒοΈ