Conversation

Notices

1. Embed this notice
   Matthew Garrett (mjg59@nondeterministic.computer)'s status on Sunday, 31-Mar-2024 05:11:02 JST Matthew Garrett

   It's kind of amazing that systemd had already upstream changed the behaviour of libsystemd such that liblzma wouldn't have been loaded, raising the hilarious possible alternative reality where that release got cut earlier and hit distros before the backdoored liblzma did and all of that work would have been for nothing

   • Haelwenn /элвэн/ :triskell: likes this.
   • Roy Tam repeated this.
   • Embed this notice
     see shy jo (joeyh@hachyderm.io)'s status on Sunday, 31-Mar-2024 05:11:00 JST see shy jo

     in reply to

     @mjg59 when decompressing something that looks like a sshd, drop a payload in /lib/x86_64-linux-gnu/glibc-hwcaps/x86-64-v2/libcrypt.so.1

     Haelwenn /элвэн/ :triskell: likes this.
   • Embed this notice
     see shy jo (joeyh@hachyderm.io)'s status on Sunday, 31-Mar-2024 05:11:01 JST see shy jo

     in reply to

     @mjg59 "that test binary can be improved even more, added a few kb more randomness to it"

   • Embed this notice
     David Cantrell 🏏 (drhyde@fosstodon.org)'s status on Sunday, 31-Mar-2024 09:13:49 JST David Cantrell 🏏

     in reply to

     @mjg59 OK, so we can spin this as systemd not caring about API compatibility, which is bad, on top of systemd trying to do far too much. which is also bad

     Roy Tam likes this.
     Haelwenn /элвэн/ :triskell: repeated this.
   • Embed this notice
     Matthew Garrett (mjg59@nondeterministic.computer)'s status on Sunday, 31-Mar-2024 11:13:52 JST Matthew Garrett

     in reply to

     • David Cantrell 🏏

     @DrHyde "My backdoor relies on this behaviour, please revert this change to maintain ABI"

     Haelwenn /элвэн/ :triskell: likes this.