Jayson Salazar Rodriguez

Regarding the #XZ Utils #backdoor, some are looking for culpability in #FOSS, but a point we should echo louder is that although FOSS _might_ have delivered on its weaknesses it also, and most importantly, delivered on its strengths.

Yes, there was an element of luck in the discovery of #CVE-20240-3094, but it is undeniable source code availability and other FOSS customs tipped the scale in the community’s favor. 

I've put some of my thoughts on this matter over at https://jdsalaro.com/note/xz-liblzma-linux-backdoor-foss-pitfalls-strengths

🚨 On the XZ Utils Backdoor (CVE-2024-3094): FOSS Delivered on its Pitfalls and Strengths

The newly discovered backdoor 1 in the XZ Utils...

Jayson Salazar Rodriguez | @jdsalaro | Blog
Apr 2, 2024 at 2:07amMastodon for Android
Show threaduncomfyApr 2, 2024
@jdsalaro pls remove the `.html` extension. gives me a 404 xD
Show threadJayson Salazar RodriguezApr 2, 2024

@uncomfyhalomacro πŸ‘€, there's no html extension at the end πŸ€”

Can you share how you are trying to access it?

Show threaduncomfyApr 2, 2024
@jdsalaro It's weird haha. it shows here so when i opened, it does have an `html` extension xD
Show threadJayson Salazar RodriguezApr 2, 2024

@uncomfyhalomacro weird!

Let's try again! πŸ˜…πŸ‘‡

https://jdsalaro.com/note/xz-liblzma-linux-backdoor-foss-pitfalls-strengths

🚨 On the XZ Utils Backdoor (CVE-2024-3094): FOSS Delivered on its Pitfalls and Strengths

The newly discovered backdoor 1 in the XZ Utils...

Jayson Salazar Rodriguez | @jdsalaro | Blog
Show threaduncomfyApr 2, 2024

@jdsalaro i wonder if this is a firefox bug or whatever, this happens on desktop. safari on my iOS just opens it just fine.

EDIT: just tried with chromium desktop. it opens just fine. LMAO

Show threadJayson Salazar RodriguezApr 2, 2024
@uncomfyhalomacro we'll have to troubleshoot it seems :D