I don’t agree with all the doomsaying about the XZ incident.

You just know orgs are going to return after Easter and panic about it unnecessarily (they’re likely still on Red Hat 6). It doesn’t impact them as it was caught super early.

Regarding the narrative that there’s nothing that can be done about these types of attacks - I also don’t agree. There’s already a change in the pipeline to systemd which would have prevented it.

The thing needs a rational, calm reaction and response.

Before anybody points it out, I know I am in the wrong industry if I want a rational, calm response - LinkedIn is still full of people saying the boat got ‘cyber attacked’, and governments are busy trying to solve supply chain risks by banning HUAWEI.

The industry is basically powered by people running into a crowded theatre and shouting CYBER. Then when people point out there’s no cyber, they’re like ‘yes.. but there COULD be cyber’. Thanks, very helpful.

@GossiTheDog it was depressing watching some people on the XZ IRC for the 36ish hours I was lurking.

You had a small group of people trying to get hold of Lasse Collin, and get an FAQ and write-up done. A few trying to analyse the vuln.

And then people just joining to wildly speculate and draw insane conclusions like claiming Jia Tan means Come Home or some shit like that.

And then also another handful that kept trying to impersonate Jia Tan.

@kura @campuscodi @GossiTheDog strong "*I* am Spartacus!" energy from that last group.

@womble @campuscodi @GossiTheDog they were just trying to be disruptive.

They'd join, /nick and then survive with the jiatan nick for 30 seconds and then get force changed.

These were all people super late to the party.

And it fed the morons in the wild speculation group as they'd find people who'd previously been known as jiatan and start a witch hunt.

Just a group of real special people.