Originally posted by HEL88
View Post
Announcement
Collapse
No announcement yet.
XZ Struck By Malicious Code That Could Allow Unauthorized Remote System Access
Collapse
X
-
Originally posted by LightBit View Post
Did I say that? I said we should assume all software potentialy contains backdoors.
And you yourself are unable to prove that the vulnerability in Linux is the result of coincidence and not intentional action (bacdoor embedding).
Comment
-
Originally posted by HEL88 View Post
But from Windows you demand proof of the lack of bacdoor.
And you yourself are unable to prove that the vulnerability in Linux is the result of coincidence and not intentional action (bacdoor embedding).
This can not be proven. Not for Windows, not for Linux.Last edited by LightBit; 30 March 2024, 09:14 AM.
- Likes 2
Comment
-
Lasse Collin seems to have started fixing stuff. It looks like there is/was more: https://git.tukaani.org/?p=xz.git;a=...cbe41b55823b00
- Likes 1
Comment
-
Originally posted by LightBit View Post
Well, avis is so agressive about Windows being free of backdoors and demanding proof of backdoor. That is why I said that. I expect, if someone makes such strong statements to provide proof instead of demanding proof he is wrong.
This can not be proven. Not for Windows, not for Linux.
Windows is choke full of backdoors made/enforced by NSA until people here cannot prove anything or even cite recent incidents of people getting hacked.
With literally tens of nations being the archenemies of the US why is it not happening? Why?
Myths, egregious lies, and conspiracies, that's why.
Comment
-
Originally posted by novideo View Post
Would my main PC with Devuan Ceres Xfce with runit instead of systemd be affected? Would this kind of exploit be possible without systemd?
Comment
-
Originally posted by avis View PostI've now offered three people on these forums to hack my patched Windows 10 installation. Unfortunately no one has replied/agreed. Maybe I should offer a reward, I don't know.
Comment
-
andyprough
I was talking about a standard base system and people here have endlessly claimed Windows is vulnerable/full of malware/backdoors out of the box.
No, I'm not installing anything just to compromise myself. Not a fan of rigging the game. With the same success you could have asked me to enable RDP, create an admin user and give you the credentials. I'm not so stupid.
- Likes 1
Comment
-
Originally posted by avis View Post
I've now offered three people on these forums to hack my patched Windows 10 installation. Unfortunately no one has replied/agreed. Maybe I should offer a reward, I don't know.
Windows is choke full of backdoors made/enforced by NSA until people here cannot prove anything or even cite recent incidents of people getting hacked.
With literally tens of nations being the archenemies of the US why is it not happening? Why?
Myths, egregious lies, and conspiracies, that's why.
So you are actually the same as those who claim Windows is full of backdoors. But you fail to see it, because you are so opinionated.Last edited by LightBit; 30 March 2024, 10:42 AM.
Comment
-
Originally posted by Amaranth View Post
Since no one got around to answering this through all the flamewars: the initial detection was loading the vulnerability via libsystemd (used for sd_notify) but sshd could end up being compromised via pam modules using libselinux as well. Not sure if this actually works, still too early to know all the details and I'm not willing to try it myself but based on the description of how the vulnerability gets itself in to sshd it should.
Comment
Comment