this post was submitted on 31 Mar 2024

452 points (98.3% liked)

Open Source

30587 readers

277 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Posts must be relevant to the open source ideology
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago

MODERATORS

kevincox@lemmy.ml

CrypticCoffee@lemmy.ml

Lettuceeatlettuce@lemmy.ml

452

XZ Hack - "If this timeline is correct, it’s not the modus operandi of a hobbyist. [...] It wouldn’t be surprising if it was paid for by a state actor." (lcamtuf.substack.com)

submitted 6 months ago by Jennykichu@lemmy.dbzer0.com to c/opensource@lemmy.ml

71 comments fedilink hide all child comments

Thought this was a good read exploring some how the "how and why" including several apparent sock puppet accounts that convinced the original dev (Lasse Collin) to hand over the baton.

you are viewing a single comment's thread
view the rest of the comments

[–] RegalPotoo@lemmy.world 2 points 6 months ago

I'd be super surprised if this was western intelligence. Stuxnet escaping Natanz was an accident, and there is no way that an operation like this would get approved by the NSAs Vulnerabilities Equities Process.

My money would be MSS or GRU. Outside chance this is North Korean, but doesn't really feel like their MO