Brad & Will Made a Tech Pod.   /     230: Maybe Gentoo Was Right All Along

Summary

This week we attempt to unpack the recent, historic security breach in the open source world, after the discovery of a secret backdoor that was inserted by a malicious actor into the the xz-utils package, with a focus on which specific Linux distros were targeted and why, how the attacker socially engineered their way into the position of authority that made this possible, and what ought to be done to support developers of critical infrastructure to (hopefully) prevent this from happening again. Support the Pod! Contribute to the Tech Pod Patreon and get access to our booming Discord, a monthly bonus episode, your name in the credits, and other great benefits! You can support the show at: https://patreon.com/techpod

Subtitle
This week we attempt to unpack the recent, historic security breach in the open source world, after the discovery of a secret backdoor that was inserted by a malicious actor into the the xz-utils package, with a focus on which specific Linux distros wer
Duration
01:01:57
Publishing date
2024-04-14 19:39
Link
https://techpod.content.town/episodes/230-maybe-gentoo-was-right-all-along-_5QdCNIG
Contributors
  Brad Shoemaker, Will Smith
author  
Enclosures
https://cdn.simplecast.com/audio/e9903268-e1b8-4e8b-8cff-8b80ee6f43be/episodes/133d11a9-f6f5-4a6c-89ad-765061df2370/audio/7df9654b-2ba4-45dc-b6a5-4fd2214204d5/default_tc.mp3?aid=rss_feed&feed=qKIEAGzn
audio/mpeg

Shownotes

This week we attempt to unpack the recent, historic security breach in the open source world, after the discovery of a secret backdoor that was inserted by a malicious actor into the the xz-utils package, with a focus on which specific Linux distros were targeted and why, how the attacker socially engineered their way into the position of authority that made this possible, and what ought to be done to support developers of critical infrastructure to (hopefully) prevent this from happening again.

Show notes for this episode: https://tinyurl.com/techpod-230-xz-backdoor

Go watch Pirates of Silicon Valley for an upcoming episode where we'll discuss it: https://archive.org/details/piratesofsiliconvalley_201908

Support the Pod! Contribute to the Tech Pod Patreon and get access to our booming Discord, a monthly bonus episode, your name in the credits, and other great benefits! You can support the show at: https://patreon.com/techpod