Announcement

Collapse
No announcement yet.

XZ Struck By Malicious Code That Could Allow Unauthorized Remote System Access

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • lateo
    replied
    Originally posted by avis View Post

    The word "English" is always capitalized, and I know that despite not being a native English speaker. So, something might be lacking on your side, sir.

    Logic and common sense are normally based on solid evidence and you've failed to provide any. Not a single citation. I have to take your word for it. Nope.

    People here have been claiming "Windows is spyware". They are talking about right effing now, not your insinuations about past "events" and "revelations". Those are largely or completely irrelevant even if they were true. The onus of proving this is on you since you decided to show off.

    Have a nice day.

    P.S. Here's a nice bit of trivia about me: at university I aced the following subjects: logic, philosophy, rhetoric and psychology. BS'ing, even if everyone in the class is pushing it, including the professor, doesn't work on me. And, oh boy, I caught my professors being wrong on multiple occasions. Even if the entire Linux community is BS'ing itself and others about the virtues of Linux and ostensible Windows faults will also not work with me. I'm allergic to BS. Windows is not perfect, but Linux is even worse than Windows. Linux's biggest virtue is the fact that it's Open Source. Anyone (with time, will, determination and qualifications) can hack it. That's about it.
    I liked your post for the fun provided.

    Have a nice life, wherever it's happening.

    Leave a comment:


  • avis
    replied
    Originally posted by lateo View Post

    I wonder which is lacking, my english or your understanding ?
    - is there, yes or no, some history of windows being voluntarily vulnerable that some US agencies have an edge over other countries ?
    - is there, yes or no, a history of NSA voluntarily weakening some crypto algos so that they can pown them at will the easy way ?
    - do US laws, yes or no, make it so that corps have to obey agencies and can't even talk about what was asked specifically ?
    - was there, yes or no, pressure against kernel devs to let some vulnerabilities pass in the last years ?
    - given the previous points, are there, yes or no, some strong reasons to think that all and every operating system largely used is somewhat compromised ?

    It's so obvious I wonder why you can't help but continue arguing against common sense.
    The word "English" is always capitalized, and I know that despite not being a native English speaker. So, something might be lacking on your side, sir.

    Logic and common sense are normally based on solid evidence and you've failed to provide any. Not a single citation. I have to take your word for it. Nope.

    People here have been claiming "Windows is spyware". They are talking about right effing now, not your insinuations about past "events" and "revelations". Those are largely or completely irrelevant even if they were true. The onus of proving this is on you since you decided to show off.

    Have a nice day.

    P.S. Here's a nice bit of trivia about me: at university I aced the following subjects: logic, philosophy, rhetoric and psychology. BS'ing, even if everyone in the class was pushing it, including the professor, that didn't work on me. And, oh boy, I caught my professors being wrong on multiple occasions. Even if the entire Linux community is BS'ing itself and others about the virtues of Linux and ostensible Windows faults will also not work with me. I'm allergic to BS. Windows is not perfect, but Linux is not perfect either. Far from it. Linux's biggest virtue is the fact that it's Open Source. Anyone (with time, will, determination and qualifications) can hack it. That's about it.
    Last edited by avis; 02 April 2024, 03:16 PM.

    Leave a comment:


  • lateo
    replied
    Originally posted by avis View Post

    Somewhat valid? And no examples again? Thanks for confirming the last sentence for the Nth time.

    In the meantime I don't understand why the "Windows is full of backdoors" mythology is so close to Linux fans. I guess with the amount of time you've wasted tinkering with Linux to get it to work, you need some internal justification. That'll work, right. Just try to be I don't know be honest with yourself, will you? I guess not.
    I wonder which is lacking, my english or your understanding ?
    - is there, yes or no, some history of windows being voluntarily vulnerable that some US agencies have an edge over other countries ?
    - is there, yes or no, a history of NSA voluntarily weakening some crypto algos so that they can pown them at will the easy way ?
    - do US laws, yes or no, make it so that corps have to obey agencies and can't even talk about what was asked specifically ?
    - was there, yes or no, pressure against kernel devs to let some vulnerabilities pass in the last years ?
    - given the previous points, are there, yes or no, some strong reasons to think that all and every operating system largely used is somewhat compromised ?

    It's so obvious I wonder why you can't help but continue arguing against common sense.

    Leave a comment:


  • qarium
    replied
    Originally posted by avis View Post
    Somewhat valid? And no examples again? Thanks for confirming the last sentence for the Nth time.
    In the meantime I don't understand why the "Windows is full of backdoors" mythology is so close to Linux fans. I guess with the amount of time you've wasted tinkering with Linux to get it to work, you need some internal justification. That'll work, right. Just try to be I don't know be honest with yourself, will you? I guess not.
    install W10Privacy and you can see that windows itself is the backdoor.

    Leave a comment:


  • qarium
    replied
    Originally posted by HEL88 View Post
    All my life I have not met a professional linux developer (only hobbyists).
    But I know that there is a company nearby where they develop embeded systems based on linux so I know where to meet them besides the forum .
    first you claim you have never met a professional linux developer then you say the professional linux developers are nearby ...

    well...

    Leave a comment:


  • qarium
    replied
    Originally posted by darkoverlordofdata View Post
    I find it a bit ironic that this was discovered by Microsoft. The fact is, this was a malicious and intentional backdoor, and it sailed past all the vaunted Linux bureaucracy and its many eyes.
    This is an organizational issue. This was accomplished by social engineering, by another oss team that were bad actors. And now I’m supposed to continue trusting open source? And not trust Microsoft? Right.
    This definitely informs me that my recent decision to stop using linux (after 15 years) was the correct one.
    yet another sock puppet of avis/birdie/sophisticles ?

    it was not discovered by microsoft it was discovered by a person who also work for microsoft thats a big difference he does not represent microsoft.

    "it sailed past all the vaunted Linux bureaucracy and its many eyes."

    thats wrong it did not reach any stable or release of any major linux distro like ubuntu or fedora or debian... the only people who really where hit where the rolling release distros

    but its not news that rolling release distros are really dangerous.

    "This definitely informs me that my recent decision to stop using linux (after 15 years) was the correct one"



    your psychological operation will not work here

    Leave a comment:


  • qarium
    replied
    Originally posted by spicfoo View Post
    You appear to be posting a correction but you are in fact 100% agreeing with me. I already noted that Fedora 40 has an update (it appears the package maintainer made some changes that accidentally broke the exploit but it would be wise to update anyway) and that there is no separate Fedora 41 update. I am not sure what confused you there.
    looks like the key maintainers and developers of debian and fedora where informed in a sting operation and they did make sure the xz exploid does not land in a functional state.


    Leave a comment:


  • Keats
    replied
    Originally posted by avis View Post

    By the same token you can make an argument that Google/Apple/MS distribute malware via their App Stores. No, that's not what I meant and if I didn't make myself clear at first, I'll make it clear now: I only meant software which is developed, distributed publicly and signed by these three companies.

    "Distributed publicly" is also quite important. I can imagine all three companies have security researchers/engineers who have written exploits/malware/viruses just for fun and for testing purposes.



    Here's the full story: https://grahamcluley.com/microsoft-stab-macro-viruses/ https://www.cnet.com/deals/the-88-be...ill-remaining/

    Not really malware, more like a stupid joke perhaps from someone who was heavily reprimanded. I'm still thankful you've unearthed it as I never knew about it. It was back from the time when the Internet wasn't yet a thing.

    Here we are talking about a freaking backdoor to access a system remotely.
    Then you should have said so in the first place instead of moving goalposts and generally acting like a troll.

    Leave a comment:


  • avis
    replied
    Originally posted by lateo View Post

    When you know the history of the product and the current Us laws, why wouldn't you be wary of it especially if you're not a US citizen/corp/gov ?
    When you know that linux dev were put under pressure to look somewhere else and let some shitty stuff go into the kernel, why wouldn't you assume that a billions dollars company wouldn't be subject to such pressures ?

    Your points are somewhat valid, but man... I don't do unicorns.
    Somewhat valid? And no examples again? Thanks for confirming the last sentence for the Nth time.

    In the meantime I don't understand why the "Windows is full of backdoors" mythology is so close to Linux fans. I guess with the amount of time you've wasted tinkering with Linux to get it to work, you need some internal justification. That'll work, right. Just try to be I don't know be honest with yourself, will you? I guess not.

    Leave a comment:


  • HEL88
    replied
    Originally posted by F.Ultra View Post

    That's news to me, we hire several Linux developers (and I'm one of them) and none of us have any prior macOS experience.
    All my life I have not met a professional linux developer (only hobbyists).

    But I know that there is a company nearby where they develop embeded systems based on linux so I know where to meet them besides the forum .

    Leave a comment:

Working...
X