July 27, 2024

The XZ exploit: The day the internet got lucky

Listen Later

54 minutes

This week we're talking about a backdoor inserted into a popular Linux file compression tool, which had the potential to massively undermine the security of vast swathes of the internet. What happened? How did it happen? And how was it thwarted?

Links

- Andres Freund's Mastodon - where he revealed the backdoor: https://mastodon.social/@AndresFreundTec

- Read more in Ars Technica's article about it: https://arstechnica.com/security/2024/03/backdoor-found-in-widely-used-linux-utility-breaks-encrypted-ssh-connections/

- Read more in the verge's article about it https://www.theverge.com/2024/4/2/24119342/xz-utils-linux-backdoor-attempt
- Read more in Wired's article about it https://www.wired.com/story/jia-tan-xz-backdoor/

- Check out this excellent and very helpful diagram: https://twitter.com/fr0gger_/status/1775759514249445565

- The XKCD comic we mention: https://xkcd.com/538/

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

Technology Pill

By Privacy International

5

11 ratings

July 27, 2024

The XZ exploit: The day the internet got lucky

Listen Later

54 minutes

This week we're talking about a backdoor inserted into a popular Linux file compression tool, which had the potential to massively undermine the security of vast swathes of the internet. What happened? How did it happen? And how was it thwarted?

Links

- Andres Freund's Mastodon - where he revealed the backdoor: https://mastodon.social/@AndresFreundTec

- Read more in Ars Technica's article about it: https://arstechnica.com/security/2024/03/backdoor-found-in-widely-used-linux-utility-breaks-encrypted-ssh-connections/

- Read more in the verge's article about it https://www.theverge.com/2024/4/2/24119342/xz-utils-linux-backdoor-attempt
- Read more in Wired's article about it https://www.wired.com/story/jia-tan-xz-backdoor/

- Check out this excellent and very helpful diagram: https://twitter.com/fr0gger_/status/1775759514249445565

- The XKCD comic we mention: https://xkcd.com/538/

...more

More shows like Technology Pill

Security Now (Audio) by TWiT

Security Now (Audio)

1,979 Listeners

Radiolab by WNYC Studios

Radiolab

43,967 Listeners

This American Life by This American Life

This American Life

90,911 Listeners

99% Invisible by Roman Mars

99% Invisible

26,159 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

7,879 Listeners

The Indicator from Planet Money by NPR

The Indicator from Planet Money

9,568 Listeners

Random but Memorable by 1Password

Random but Memorable

70 Listeners

James O'Brien - The Whole Show by Global

James O'Brien - The Whole Show

232 Listeners

Surveillance Report by Techlore & The New Oil

Surveillance Report

96 Listeners

The Weekly Show with Jon Stewart by Comedy Central

The Weekly Show with Jon Stewart

10,556 Listeners

The Rest Is Politics by Goalhanger

The Rest Is Politics

3,276 Listeners

The Rest Is Politics: Leading by Goalhanger

The Rest Is Politics: Leading

988 Listeners

The 404 Media Podcast by 404 Media

The 404 Media Podcast

315 Listeners