Oddbean new post about | logout
provoost | 7 months ago (raw) | root | parent | reply | flag +3 
 Impressive how this was caught within three weeks of the first malicious commit.
provoost | 7 months ago (raw) | root | parent | reply | flag +2 
 Which if true could mean that updating your system now might actually pull in the exploit, if this isn't shipped for the particular distro.
provoost | 7 months ago (raw) | root | parent | reply | flag +2 
 The github comments on the first commit say that this was a rogue maintainer who had behaved well for two years.
ARVIN | 7 months ago (raw) | root | parent | reply | flag 
 #roguemaintainers
https://m.primal.net/Hpgn.jpg
matt | 7 months ago (raw) | root | parent | reply | flag 
 Honestly that’s mostly cause the exploit was kinda shitty, though…
provoost | 7 months ago (raw) | root | parent | reply | flag +3 
 Don't tell their manager... two years of infiltration wasted, not good for promotion opportunities.
(Or staying alive, if this was North Korea)
mutatrum | 7 months ago (raw) | root | parent | reply | flag +2 
 *) by chance

Because it added a 0.4 second delay on ssh logins and someone decided to have a look.
mutatrum | 7 months ago (raw) | root | parent | reply | flag +1 
 nostr:nevent1qqs0rs88teu2e0zj5jdy70u49slyjdjp7sruh0mg8d8t7ly762uankqpzemhxue69uhhyetvv9ujuurjd9kkzmpwdejhgq3qhklphk7fkfdgmzwclkhshcdqmnvr0wkfdy04j7yjjqa9lhvxuflsxpqqqqqqzsv2c8c
mutatrum | 7 months ago (raw) | root | parent | reply | flag +1 
 He's on the bridge, btw

nostr:nevent1qqs0hf6sk2ggd2m5h00nkrwvy6dq20n3e7fa8jpz3cy4d94dj5cqjxqpzemhxue69uhhyetvv9ujuurjd9kkzmpwdejhgq3qly44p7gfxnqm237hpxc8dynusdz4jfvtqrh5nmgrwcrsxkmz5n6qxpqqqqqqzsmehtt
elsat | 7 months ago (raw) | root | parent | reply | flag 
 @AndresFreundTec well done, ser. 

You open to contributing to the FOSS nostr protocol?