XZ Exploit Discussion

This episode really highlights the danger of contributor burnout and overload. But it also shows that we're not very good as an industry at sustaining work. Today we dissect what the XZ SSH intrusion attack is, how it happened, what the social engineering was, and the pressure that involved to make that happen. Transcript: https://otter.ai/u/kRqADDwa6DmoZcnQEmqQD1UaxZ8?utm_source=copy_url References https://www.openwall.com/lists/oss-security/2024/03/29/4 https://news.ycombinator.com/item?id=39865810 https://arstechnica.com/security/2024/04/what-we-know-about-the-xz-utils-backdoor-that-almost-infected-the-world/