Gentoo and the XZ Backdoor

<17c46b44149018e9$3881$111488$802601b3@news.usenetexpress.com>

From: ff@linux.rocks (Farley Flud)
Subject: Gentoo and the XZ Backdoor
Newsgroups: comp.os.linux.advocacy
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Lines: 25
Path: i2pn2.org!i2pn.org!newsfeed.endofthelinebbs.com!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!feeder.usenetexpress.com!tr2.iad1.usenetexpress.com!news.usenetexpress.com!not-for-mail
Date: Mon, 08 Apr 2024 21:28:18 +0000
Nntp-Posting-Date: Mon, 08 Apr 2024 21:28:18 +0000
X-Received-Bytes: 1232
Organization: UsenetExpress - www.usenetexpress.com
X-Complaints-To: abuse@usenetexpress.com
Message-Id: <17c46b44149018e9$3881$111488$802601b3@news.usenetexpress.com>
 by: Farley Flud - Mon, 8 Apr 2024 21:28 UTC

The hot security topic, for those that are not total idiots, is the
XZ backdoor.

As it turns out, Gentoo Linux, although it is NOT affected due to its
rejection of standard systemd, was one of the first distros to report
some "funny stuff" happening:

https://bugs.gentoo.org/925415

Whoa ho! Read down the list of posts and you will find a post by
"Jia Tan," the supposed mastermind of the XZ backdoor.

This is interesting but totally irrelevant. As indicated, Gentoo,
because it rejects that piece-of-shit systemd as default, is totally
unaffected.

But distro lackeys, who likely use Ubuntu, Mint, Debian, or Fedora,
had better start shitting their pants. Their distros are targeted
by sophisticated hackers.

Brother, if you aren't using Gentoo Linux, then run, don't walk
to the nearest mental asylum.

Ha, ha, ha, ha, ha, ha, ha, ha, ha, ha, ha!

Re: Gentoo and the XZ Backdoor

<1rt81jlr5uji4rcaiu02acgc71t59j03jj@4ax.com>

Path: i2pn2.org!i2pn.org!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: joelcrump@gmail.com (Joel)
Newsgroups: comp.os.linux.advocacy
Subject: Re: Gentoo and the XZ Backdoor
Date: Mon, 08 Apr 2024 19:02:33 -0400
Organization: A noiseless patient Spider
Lines: 26
Message-ID: <1rt81jlr5uji4rcaiu02acgc71t59j03jj@4ax.com>
References: <17c46b44149018e9$3881$111488$802601b3@news.usenetexpress.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Injection-Date: Mon, 08 Apr 2024 23:02:34 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="b19379d8b1a50e986b9c9e95eaf4a222";
logging-data="3978222"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18iwwIg68/9n8zRCt7AbHSTJsI80Lody6c="
User-Agent: ForteAgent/8.00.32.1272
Cancel-Lock: sha1:GAQsosv20sSTyebG5dBTmJKDLZE=
OS: Linux Mint 21.3 Cinnamon, with Wine 9.0 for WinAPI
 by: Joel - Mon, 8 Apr 2024 23:02 UTC

Farley Flud <ff@linux.rocks> wrote:

>But distro lackeys, who likely use Ubuntu, Mint, Debian, or Fedora,
>had better start shitting their pants. Their distros are targeted
>by sophisticated hackers.

I never had the SSH daemon running, anyway. And updates would correct
it. It's a dirty mark on the community, to be sure, but I'm still not
going back to M$.

--
Joel W. Crump

Amendment XIV
Section 1.

[...] No state shall make or enforce any law which shall
abridge the privileges or immunities of citizens of the
United States; nor shall any state deprive any person of
life, liberty, or property, without due process of law;
nor deny to any person within its jurisdiction the equal
protection of the laws.

Dobbs rewrites this, it is invalid precedent. States are
liable for denying needed abortions, e.g. TX.

Re: Gentoo and the XZ Backdoor

<l7jfamF9s43U3@mid.individual.net>

Path: i2pn2.org!i2pn.org!news.swapon.de!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: bowman@montana.com (rbowman)
Newsgroups: comp.os.linux.advocacy
Subject: Re: Gentoo and the XZ Backdoor
Date: 9 Apr 2024 00:09:59 GMT
Lines: 7
Message-ID: <l7jfamF9s43U3@mid.individual.net>
References: <17c46b44149018e9$3881$111488$802601b3@news.usenetexpress.com>
<1rt81jlr5uji4rcaiu02acgc71t59j03jj@4ax.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Trace: individual.net egHfbJsGDOPEvSgXv/KAdg/Vn+kL8db2xrxAePCabXYx+jqYwO
Cancel-Lock: sha1:Eb55jNukAjA3t1SusdP5k8dI++0= sha256:i12XOQiWrCe7VaZcxxcAnXB1/PdpC3kwjJApoIvLtUw=
User-Agent: Pan/0.149 (Bellevue; 4c157ba)
 by: rbowman - Tue, 9 Apr 2024 00:09 UTC

On Mon, 08 Apr 2024 19:02:33 -0400, Joel wrote:

> I never had the SSH daemon running, anyway. And updates would correct
> it. It's a dirty mark on the community, to be sure, but I'm still not
> going back to M$.

I do have sshd up on the Fedora 39 box but it wasn't affected.

Re: Gentoo and the XZ Backdoor

<17c4b46714408836$4$1413777$802601b3@news.usenetexpress.com>

From: ff@linux.rocks (Farley Flud)
Subject: Re: Gentoo and the XZ Backdoor
Newsgroups: comp.os.linux.advocacy
References: <17c46b44149018e9$3881$111488$802601b3@news.usenetexpress.com> <1rt81jlr5uji4rcaiu02acgc71t59j03jj@4ax.com> <l7jfamF9s43U3@mid.individual.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Lines: 28
Path: i2pn2.org!i2pn.org!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!feeder.usenetexpress.com!tr2.iad1.usenetexpress.com!news.usenetexpress.com!not-for-mail
Date: Tue, 09 Apr 2024 19:48:33 +0000
Nntp-Posting-Date: Tue, 09 Apr 2024 19:48:33 +0000
X-Received-Bytes: 1403
X-Complaints-To: abuse@usenetexpress.com
Organization: UsenetExpress - www.usenetexpress.com
Message-Id: <17c4b46714408836$4$1413777$802601b3@news.usenetexpress.com>
 by: Farley Flud - Tue, 9 Apr 2024 19:48 UTC

On 9 Apr 2024 00:09:59 GMT, rbowman wrote:

>
> I do have sshd up on the Fedora 39 box but it wasn't affected.
>

As analysis continues, many interesting aspects of the backdoor
behavior emerge.

For one thing, only dpkg (Debian, et al.) or RPM (Red Hat, et al.)
builds are allowed by the backdoor code. Otherwise it will exit
during build and not inject the backdoor.

Another thing, only if argv[0] = /usr/sbin/sshd will the backdoor
be activated. Thus, only sshd (at that location) is affected.
Any other program that links to liblzma will NOT be affected.

These aspects, and much more, can be found here:

https://research.swtch.com/xz-script

https://www.wiz.io/blog/cve-2024-3094-critical-rce-vulnerability-found-in-xz-utils

I was hoping for a good technical discussion but that's not
possible on this group of fools.

Ha, ha, ha, ha, ha, ha, ha, ha!

Re: Gentoo and the XZ Backdoor

<6615a687$0$3711198$882e4bbb@reader.netnews.com>

Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!border-1.nntp.ord.giganews.com!border-2.nntp.ord.giganews.com!nntp.giganews.com!news-out.netnews.com!postmaster.netnews.com!us14.netnews.com!not-for-mail
X-Trace: DXC=[6QG<K_WT6k9f6`g5fNY:hHWonT5<]0TmQ;nb^V>PUff=AnO\FUBY[`nF54O@^\1?dXgU?nGXYFdcLQ^D7JJN18aankHQ>:kCVbOT>gi^X=X_aCGm4YP8f00j
X-Complaints-To: support@blocknews.net
Date: Tue, 9 Apr 2024 16:35:20 -0400
MIME-Version: 1.0
User-Agent: Betterbird (Windows)
Subject: Re: Gentoo and the XZ Backdoor
Newsgroups: comp.os.linux.advocacy
References: <17c46b44149018e9$3881$111488$802601b3@news.usenetexpress.com>
<1rt81jlr5uji4rcaiu02acgc71t59j03jj@4ax.com>
<l7jfamF9s43U3@mid.individual.net>
<17c4b46714408836$4$1413777$802601b3@news.usenetexpress.com>
Content-Language: en-US
From: nospam@dfs.com (DFS)
In-Reply-To: <17c4b46714408836$4$1413777$802601b3@news.usenetexpress.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Lines: 48
Message-ID: <6615a687$0$3711198$882e4bbb@reader.netnews.com>
NNTP-Posting-Host: 127.0.0.1
X-Trace: 1712694919 reader.netnews.com 3711198 127.0.0.1:56073
 by: DFS - Tue, 9 Apr 2024 20:35 UTC

On 4/9/2024 3:48 PM, Lameass Larry Piet wrote:

> On 9 Apr 2024 00:09:59 GMT, rbowman wrote:
>
>>
>> I do have sshd up on the Fedora 39 box but it wasn't affected.
>>
>
> As analysis continues, many interesting aspects of the backdoor
> behavior emerge.
>
> For one thing, only dpkg (Debian, et al.) or RPM (Red Hat, et al.)
> builds are allowed by the backdoor code. Otherwise it will exit
> during build and not inject the backdoor.
>
> Another thing, only if argv[0] = /usr/sbin/sshd will the backdoor
> be activated. Thus, only sshd (at that location) is affected.
> Any other program that links to liblzma will NOT be affected.
>
> These aspects, and much more, can be found here:
>
> https://research.swtch.com/xz-script
>
> https://www.wiz.io/blog/cve-2024-3094-critical-rce-vulnerability-found-in-xz-utils
>
> I was hoping for a good technical discussion but that's not
> possible on this group of fools.
>
> Ha, ha, ha, ha, ha, ha, ha, ha!

Lucky the attentive Microsoft employee Andres Freund was taking notice.

Left to a lazy Linux configurator king like you, who blindly installs
every piece of FOSS (cr)app he can get his hands on and runs off to take
a crap every time his system is being updated, no vulnerabilities would
EVER be caught.

They could give you 3 lines of code and say "Which one of these is bad?"
and you would whine "I'm NOT a code monkey! I'm an INNOVATOR!" and run
away.

Fuckin' phony.

"Andres Freund exposed our reliance on insecure, volunteer-maintained tech"
https://www.theguardian.com/commentisfree/2024/apr/06/xz-utils-linux-malware-open-source-software-cyber-attack-andres-freund

Re: Gentoo and the XZ Backdoor

<uv4bhm$fa07$1@dont-email.me>

Path: i2pn2.org!i2pn.org!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: OFeem1987@teleworm.us (Chris Ahlstrom)
Newsgroups: comp.os.linux.advocacy
Subject: Re: Gentoo and the XZ Backdoor
Date: Tue, 9 Apr 2024 17:21:58 -0400
Organization: None
Lines: 11
Message-ID: <uv4bhm$fa07$1@dont-email.me>
References: <17c46b44149018e9$3881$111488$802601b3@news.usenetexpress.com>
<1rt81jlr5uji4rcaiu02acgc71t59j03jj@4ax.com>
<l7jfamF9s43U3@mid.individual.net>
<17c4b46714408836$4$1413777$802601b3@news.usenetexpress.com>
Reply-To: OFeem1987@teleworm.us
Injection-Date: Tue, 09 Apr 2024 21:21:58 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="c047e41f4c3bf2c636268623330c336e";
logging-data="501767"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/7pFOKGWNBfkaeHnlpJtla"
User-Agent: slrn/1.0.3 (Linux)
Cancel-Lock: sha1:0Vtxi2fzQoqSPB7Ta+RIjXMFHnY=
X-Slrn: Why use anything else?
X-Mutt: The most widely-used MUA
X-User-Agent: Microsoft Outl00k, Usenet K00k Editions
 by: Chris Ahlstrom - Tue, 9 Apr 2024 21:21 UTC

Farley Flud wrote this copyrighted missive and expects royalties:

> I was hoping for a good technical discussion but that's not
> possible on this group of fools.
>
> Ha, ha, ha, ha, ha, ha, ha, ha!

You fool! Cackling like the Joker! :-D

--
You have Egyptian flu: you're going to be a mummy.

Re: Gentoo and the XZ Backdoor

<661998bb$0$7510$426a74cc@news.free.fr>

Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!proxad.net!feeder1-2.proxad.net!cleanfeed3-b.proxad.net!nnrp6-1.free.fr!not-for-mail
Newsgroups: comp.os.linux.advocacy
From: sc@fiat-linux.fr (Stéphane CARPENTIER)
Subject: Re: Gentoo and the XZ Backdoor
References: <17c46b44149018e9$3881$111488$802601b3@news.usenetexpress.com>
Organization: Mulots' Killer
User-Agent: slrn/pre1.0.4-9 (Linux)
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
Date: 12 Apr 2024 20:25:31 GMT
Lines: 53
Message-ID: <661998bb$0$7510$426a74cc@news.free.fr>
NNTP-Posting-Date: 12 Apr 2024 22:25:31 CEST
NNTP-Posting-Host: 78.201.248.7
X-Trace: 1712953531 news-1.free.fr 7510 78.201.248.7:42460
X-Complaints-To: abuse@proxad.net
 by: Stéphane CARPENTIER - Fri, 12 Apr 2024 20:25 UTC

On 08-04-2024, Farley Flud <ff@linux.rocks> wrote:
> The hot security topic, for those that are not total idiots,

OK, so you aren't concerned. Good to know.

> is the XZ backdoor.

You improved: no mistake on those two letters this time.

> As it turns out, Gentoo Linux, although it is NOT affected due to its
> rejection of standard systemd,

Please. Don't be like -highhorse. Don't forget the answers I gave you. I
already provided you links showing you can be affected even without
systemd.

> was one of the first distros to report
> some "funny stuff" happening:
>
> https://bugs.gentoo.org/925415
>
> Whoa ho! Read down the list of posts and you will find a post by
> "Jia Tan," the supposed mastermind of the XZ backdoor.

You should have read down a little bit further. When I read this message
I didn't understand how it was related to the back door. And at the
bottom, it's written: it's not related. You should try to understand
what you copy/paste to avoid nullifying yourself your impressive
mediocrity.

> This is interesting but totally irrelevant. As indicated, Gentoo,
> because it rejects that piece-of-shit systemd as default, is totally
> unaffected.

As indicated, you are wrong. Once again. Gentoo is unaffected because it
downgraded the affected version.

> But distro lackeys, who likely use Ubuntu, Mint, Debian, or Fedora,
> had better start shitting their pants. Their distros are targeted
> by sophisticated hackers.

And once again you are wrong. It's impressive how you don't know
anything about the subjects you raise. The distros you named are
unaffected because they use older versions than the ones affected.

> Brother, if you aren't using Gentoo Linux, then run, don't walk
> to the nearest mental asylum.

Why? To see you there?

--
If you have time to waste:
https://scarpet42.gitlab.io

Re: Gentoo and the XZ Backdoor

<6619997f$0$7510$426a74cc@news.free.fr>

Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!feeder1-2.proxad.net!proxad.net!feeder1-1.proxad.net!cleanfeed1-b.proxad.net!nnrp6-1.free.fr!not-for-mail
Newsgroups: comp.os.linux.advocacy
From: sc@fiat-linux.fr (Stéphane CARPENTIER)
Subject: Re: Gentoo and the XZ Backdoor
References: <17c46b44149018e9$3881$111488$802601b3@news.usenetexpress.com>
<1rt81jlr5uji4rcaiu02acgc71t59j03jj@4ax.com>
<l7jfamF9s43U3@mid.individual.net>
<17c4b46714408836$4$1413777$802601b3@news.usenetexpress.com>
Organization: Mulots' Killer
User-Agent: slrn/pre1.0.4-9 (Linux)
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
Date: 12 Apr 2024 20:28:47 GMT
Lines: 11
Message-ID: <6619997f$0$7510$426a74cc@news.free.fr>
NNTP-Posting-Date: 12 Apr 2024 22:28:47 CEST
NNTP-Posting-Host: 78.201.248.7
X-Trace: 1712953727 news-1.free.fr 7510 78.201.248.7:42460
X-Complaints-To: abuse@proxad.net
 by: Stéphane CARPENTIER - Fri, 12 Apr 2024 20:28 UTC

On 09-04-2024, Farley Flud <ff@linux.rocks> wrote:
>
> I was hoping for a good technical discussion but that's not
> possible on this group of fools.

The few messages you sent proved you are unable to have a good technical
discussion on the subject.

--
If you have time to waste:
https://scarpet42.gitlab.io

Re: Gentoo and the XZ Backdoor

<17c5cfa0d71a6173$13233$197378$802601b3@news.usenetexpress.com>

From: ff@linux.rocks (Farley Flud)
Subject: Re: Gentoo and the XZ Backdoor
Newsgroups: comp.os.linux.advocacy
References: <17c46b44149018e9$3881$111488$802601b3@news.usenetexpress.com> <661998bb$0$7510$426a74cc@news.free.fr>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Lines: 39
Path: i2pn2.org!i2pn.org!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!feeder.usenetexpress.com!tr2.iad1.usenetexpress.com!news.usenetexpress.com!not-for-mail
Date: Sat, 13 Apr 2024 10:18:42 +0000
Nntp-Posting-Date: Sat, 13 Apr 2024 10:18:42 +0000
X-Received-Bytes: 1744
X-Complaints-To: abuse@usenetexpress.com
Organization: UsenetExpress - www.usenetexpress.com
Message-Id: <17c5cfa0d71a6173$13233$197378$802601b3@news.usenetexpress.com>
 by: Farley Flud - Sat, 13 Apr 2024 10:18 UTC

On 12 Apr 2024 20:25:31 GMT, Stéphane CARPENTIER wrote:

>
> Don't forget the answers I gave you. I
> already provided you links showing you can be affected even without
> systemd.
>

Not true.

The backdoor becomes activated only during the execution in
which sshd, libsystemd, and liblzma are linked. In particular,
the argv[0] is checked to see if it is "/usr/bin/sshd." If it
is not then the backdoor does not activate.

Furthermore, sshd has to be invoked and I never use sshd. Therefore,
I could be using 5.6.1 to compress/decompress and the backdoor
would just be dormant.

>>
>> https://bugs.gentoo.org/925415
>>
>
> You should have read down a little bit further. When I read this message
> I didn't understand how it was related to the back door. And at the
> bottom, it's written: it's not related.
>

Yes it is related.

The backdoor was first released with xz-utils 5.6.0, and this version
was causing segfaults due to code instrumentation when a profile build
was specified. "Jia Tan" actually fixes this bug, and another involving
valgrind issues, and then releases 5.6.1 with an "improved" backdoor.

It is related because the code changes accompanying the incorporation
of the backdoor were causing problems.
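
Added example (not part of any post in this thread): a shell triage of the two conditions the posts above discuss, the liblzma releases named in the thread (5.6.0 and 5.6.1) and whether sshd is dynamically linked against liblzma. The function names and the sample outputs are constructed for illustration; the live mode assumes sshd is installed at /usr/sbin/sshd, the path given in the thread.

```shell
#!/bin/sh
# Added example: host triage for the conditions discussed in the thread.
# Hypothetical helper names; sample inputs below are constructed.

# Return 0 when the version is one of the two releases named in the thread.
xz_version_affected() {
    case "$1" in
        5.6.0|5.6.1) return 0 ;;
        *) return 1 ;;
    esac
}

# Pull the liblzma version out of `xz --version` output, whose second
# line has the form "liblzma X.Y.Z".
liblzma_version_from_xz_output() {
    printf '%s\n' "$1" | awk '$1 == "liblzma" { print $2; exit }'
}

# Return 0 when ldd-style output lists liblzma as a shared dependency.
links_liblzma() {
    printf '%s\n' "$1" | grep -q 'liblzma\.so'
}

# Classify a host from `xz --version` output ($1) and `ldd sshd` output ($2).
classify() {
    ver=$(liblzma_version_from_xz_output "$1")
    if ! xz_version_affected "$ver"; then
        echo "version-not-listed"
    elif links_liblzma "$2"; then
        echo "listed-version-linked-into-sshd"
    else
        echo "listed-version-not-linked-into-sshd"
    fi
}

# Constructed sample: a listed release with sshd pulling in liblzma.
SAMPLE_XZ_LISTED='xz (XZ Utils) 5.6.1
liblzma 5.6.1'
SAMPLE_LDD_LINKED='    libsystemd.so.0 => /lib/x86_64-linux-gnu/libsystemd.so.0 (0x0000)
    liblzma.so.5 => /lib/x86_64-linux-gnu/liblzma.so.5 (0x0000)
    libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x0000)'

# Constructed sample: an older release, sshd without liblzma.
SAMPLE_XZ_OLD='xz (XZ Utils) 5.4.5
liblzma 5.4.5'
SAMPLE_LDD_UNLINKED='    libcrypto.so.3 => /lib/x86_64-linux-gnu/libcrypto.so.3 (0x0000)
    libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x0000)'

# Live check against this machine: sh xz-triage.sh --live
if [ "${1:-}" = "--live" ]; then
    classify "$(xz --version 2>/dev/null)" "$(ldd /usr/sbin/sshd 2>/dev/null)"
fi
```

The check reads the version liblzma reports about itself rather than the distribution package version string, and it says nothing about how the package was built.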
