XZ Backdoor is NOT that bad!

Who was affected by the XZ Backdoor? MOST of the Linux community wasn't... Let me explain.

Comments

Key Takeaways:
1. Arch users were never affected (sshd isn't linked to liblzma)
2. Do not expose port 22 (it's bad security practice, and ALL Linux servers I've set up never expose this port externally through WAN)
3. This was bad, but let's not pretend that every Linux user was about to get hacked. It was NOT that!

ChrisTitusTech

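Takeaway 1 rests on two facts you can check on your own box rather than take on trust: whether the sshd binary you run links liblzma at all (on Arch it does not; on Debian, Ubuntu and Fedora it did, indirectly through libsystemd's notify support), and whether the installed xz is one of the two releases, 5.6.0 and 5.6.1, that carried the backdoor (CVE-2024-3094). The script below is an added example written for this page, not code from the video or from any commenter. It assumes `ldd` and the usual paths; the sample link-map lines used to exercise the parsing functions are constructed, not captured from a real host.

```shell
#!/bin/sh
# Added example (not from the video or the commenters): does this host's sshd
# link liblzma, and is the installed xz a backdoored release (5.6.0 / 5.6.1)?

# Read `ldd sshd` output on stdin; return 0 if liblzma is anywhere in the link map.
# ldd lists transitive dependencies, so an indirect link via libsystemd shows up too.
linkmap_has_liblzma() {
    grep -q 'liblzma\.so'
}

# Read `xz --version` output on stdin and print the version from its first line
# (the first line looks like "xz (XZ Utils) 5.6.1"; the version is the last field).
xz_version_from_output() {
    awk 'NR == 1 { print $NF; exit }'
}

# Return 0 if the version string is one of the two releases that shipped the backdoor.
xz_is_backdoored_release() {
    case "$1" in
        5.6.0|5.6.1) return 0 ;;
        *) return 1 ;;
    esac
}

# Live check against this host; /usr/sbin/sshd is an assumed fallback path.
check_host() {
    sshd_bin=$(command -v sshd || printf '%s' /usr/sbin/sshd)
    if [ -x "$sshd_bin" ] && ldd "$sshd_bin" 2>/dev/null | linkmap_has_liblzma; then
        echo "sshd ($sshd_bin) links liblzma: the hook path the backdoor relied on exists here"
    else
        echo "sshd does not link liblzma (or is not installed): the sshd hook could not load"
    fi
    if command -v xz >/dev/null 2>&1; then
        v=$(xz --version 2>/dev/null | xz_version_from_output)
        if xz_is_backdoored_release "$v"; then
            echo "xz $v is a backdoored release: update now"
        else
            echo "xz $v is not 5.6.0 or 5.6.1"
        fi
    else
        echo "xz not installed"
    fi
}

check_host
```

Two caveats a practitioner should keep in mind. `ldd` runs the binary's dynamic loader, so only point it at a binary you already trust; `objdump -p sshd | grep NEEDED` lists direct dependencies without executing anything, but will not show the indirect liblzma link through libsystemd. And a version string is only evidence about the tarball, not about what your distro actually shipped: several distributions reverted or rebuilt their 5.6.x packages, so the package manager's changelog is the authoritative source once you know you are in the affected range.
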
It's the fact that it "could've been" one of the most horrifying backdoors so far. Yes, thanks to that random dude it never went to production.

_modiX

It's not so much the impact of this exploit, it's how it made its way in. It raises the question: are there any other current undetected exploits? If it weren't for this Microsoft guy finding it, then we would be none the wiser. Linux users' main pitch seems to be "muh open source I can't get exploited" and they assume that absolutely everything is vetted properly. Don't get me wrong, open source is still king, it's just that the community and maintainers need to be EXTRA vigilant.

JoeBloggs

I think the concern is the implication of the potential other unknown vulnerabilities.

synchro-dentally

Easy to be the voice of reason when you are late to the party; hindsight is always 20/20. Being that you were late, you probably shouldn't be so smug about it.

bkrich

I won't call him the Microsoft engineer

but the XZorcist

GoldenBeans

I agree. I went and read the CVE and did my own research and was like “Debian Stable isn’t affected, my servers are good, I don’t have port 22 exposed, so no big deal for me”.

penguinwrangler

How about a video about setting up remote admin without exposure of SSH?

Obeeewaan

Yes, no users were exploited because it was only used in unstable builds of certain distros, but had it gone unnoticed, it would've affected everyone using the main builds of these, including web servers running them, which were the most likely target of this attack, as so many web servers use Linux.
So yes, it is bad, or at the very least was about to be very bad.

-atimes-

Funny thing is that I was like "Good thing I didn't switch to Linux yet, it would've been bad timing to get breached the same time I got into Linux." Then a comment straight up said "Unless you use SSHD or any XZ Utilities tool, it only affects the server side; it doesn't affect desktop users themselves. You would've still been fine." The fact that people exaggerate how bad it is for everyone is hilarious, but at least it spread the word better, and the potential implications were more than enough to let everyone know what's going on.

IfritBoi

I needed to see this. High-five for clarifying this.

CreepToeJoe

I hear you say not to expose SSH. What do you recommend if you do need to access your system remotely? Have you already done a video on it? You have done a ton of content. I may have missed it.

dangreen

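Takeaway 2 in the video's own comment ("do not expose port 22 externally through WAN") and the question just above both come down to one firewall decision: the only thing the WAN gets to talk to is the VPN endpoint, and sshd is reachable solely through the tunnel interface. The nftables ruleset below is an added example written for this page, not a configuration from the video or from any commenter. It assumes a WireGuard interface named `wg0` listening on UDP 51820 and a stock sshd on TCP 22; change those to match your host.

```nft
# Added example (not from the video): SSH reachable only over the VPN tunnel.
# Assumptions: WireGuard on interface wg0, UDP port 51820; sshd on TCP 22.
table inet filter {
    chain input {
        type filter hook input priority 0; policy drop;

        # Replies to connections this host opened, and loopback traffic.
        ct state established,related accept
        ct state invalid drop
        iif "lo" accept

        # ICMP/ICMPv6 keep path MTU discovery and neighbour discovery working.
        meta l4proto { icmp, ipv6-icmp } accept

        # The single service the WAN may reach: the WireGuard endpoint.
        udp dport 51820 accept

        # SSH is accepted only when the packet arrived through the tunnel.
        # A packet to TCP 22 on any other interface falls through to the
        # chain's drop policy, so port 22 is closed as far as the WAN can tell.
        iifname "wg0" tcp dport 22 accept
    }
}
```

Load it with `nft -f` and confirm the intent from outside the tunnel: a TCP connect to port 22 on the public address should time out (dropped, not refused), while the same connect to the host's wg0 address from a peer on the VPN succeeds. Binding sshd itself to the wg0 address with `ListenAddress` in sshd_config is a reasonable second layer, but the firewall rule is the one that holds even if sshd's own configuration is later changed.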
I wonder how many backdoors are in production. Yes, a random guy caught this, but it feels like this wasn’t the first attempt.

gordonfreimann

The fact it was detected quickly and someone was able to go through the code and check and find out should be an argument pro open source! Imagine if someone did this on proprietary software. I mean, the technique used was so, so sneaky; I'm pretty sure it could have passed even on proprietary software.

pattyrocha

I believe the concerns about the danger of the XZ backdoor are not overhyped.
The only reason it's not as critical as it could have been is that it was discovered very early on. Imagine if this backdoor had gone unnoticed for 2-3 years. During that time, the affected package could have made its way into downstream "stable" distributions like Debian 13. That scenario would have been extremely grave, potentially even more severe than the impact of the EternalBlue backdoor.

ПетрСмирнов-ще

Why doesn't Linus have an AI that searches all submissions for the signatures of code that asks for enhanced privileges and sends those to trusted developers to verify?

jamescobban

The fact that Andres found it when he did is the blessing in all of this. It could have turned into something much worse. Also it is the fact we need to be on the lookout for bad actors trying this stuff. This was bad for those factors, even if the amount affected wasn't huge. It is a story with a good ending that shows the importance of looking into stuff if it isn't working right.

Karn

Although not that many people were affected by the backdoor, I think that the most important takeaway from all of this is the broader discussion. Like others have said, what are the chances that exploits like this are out there in other OSS? How do we deal with trust and treatment of the developers of OSS from this point forward?

Beaver

No, no, no. If Freund had not accidentally found this we ALL would have a big problem (telecoms etc.). So some change in security would be appropriate.

rvgeerligs

I think Chris had been drinking at least half a bottle of whiskey before making this video. Hubris is his middle name: Chris Hubris Titus. He is now in the state of Mr. Know-all, knowing everything better than everybody else, even the guy who discovered the backdoor, and now Mr. Know-all will bestow his wisdom on us all.

louisfifteen