this post was submitted on 16 Jan 2025
406 points (95.5% liked)

Memes

46116 readers
1945 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS
gary_host_laptop@lemmy.ml
sexy_peach@feddit.de
cyclohexane@lemmy.ml
cypherpunks@lemmy.ml
406
The glass is NOT half full (libranet.de)
submitted 2 days ago by fu@libranet.de to c/memes@lemmy.ml
43 comments fedilink hide all child comments
 

you are viewing a single comment's thread
view the rest of the comments
[–] ravermeister@lemmy.rimkus.it 3 points 21 hours ago (1 children)

Is there an article about that, I would like to read some more about this topic😊

[–] AnnaFrankfurter@lemmy.ml 2 points 17 hours ago* (last edited 17 hours ago) (1 children)

This is the original email by the person who discovered this backdoor. But if you want you can search for xz backdoor and you'll find a lot more articles which explain timelines and other things. https://www.openwall.com/lists/oss-security/2024/03/29/4

 == Observing Impact on openssh server ==

With the backdoored liblzma installed, logins via ssh become a lot slower.

time ssh nonexistant@...alhost

before:
nonexistant@...alhost: Permission denied (publickey).

before:
real	0m0.299s
user	0m0.202s
sys	0m0.006s

after:
nonexistant@...alhost: Permission denied (publickey).

real	0m0.807s
user	0m0.202s
sys	0m0.006s

That's a 500ms or 0.5s difference

[–] ravermeister@lemmy.rimkus.it 2 points 7 hours ago

Thanks πŸ™πŸ‘ŒβœŒοΈ