Compromised PyTorch-nightly dependency chain between December 25th and December 30th, 2022.

Steals all your SSH keys!

"If you installed PyTorch-nightly on Linux via pip between December 25, 2022 and December 30, 2022, please uninstall it and torchtriton immediately, and use the latest nightly binaries (newer than Dec 30th 2022)."

#infosec #machinelearning #deeplearning

https://pytorch.org/blog/compromised-nightly-dependency/

https://news.ycombinator.com/item?id=34202836

@alx The character eating cake is pytorch users.

@alx yeah you should bubblewrap/firejail your stuff..

Really need better packaging systems that also state what files/etc they need so they can be limited to that. (Or at least attempted to be limited to that...)

@djm Seems odd to me that the remediation instructions say to uninstall/update the compromised packages, but make no mention of rotating your SSH keys. Wouldn't that also be...maybe a little bit important?
@alx joke's on them; I don’t have any SSH keys! https://github.com/maxgoedjen/secretive
@alx Wow, that seems serious.
@alx does anyone know if this works when your SSH key is stored on a #hardwaretoken like #Yubikey? This sounds like a good use case of short-lived SSH certificates as well
@rudi I'm pretty sure this just took them from the filesystem. Keys on a yubikey ought to be safe.