
Probably in AMIs too.

Archive: https://archive.today/A3LDO

From the post:

>At the end of March last year, the entire cybersecurity community was rocked by the discovery of the infamous XZ Utils backdoor. ‘Jia Tan’, a developer who had spent two years building significant credibility in the project through numerous contributions, inserted a sophisticated backdoor into the xz-utils packages. The discovery sent cybersecurity experts, including the Binarly REsearch team, scrambling to reverse engineer the backdoor to understand its scope and potential impact.


(post is archived)

[–] 1 pt

That was some spook shit and this has to be deliberate.

[–] 0 pt

Not the problem they’re talking about in this article. This is just Docker bros being idiots, as usual.

Docker bros don’t keep their containers up to date. They don’t even have a system to do it. There are loads of unpatched security flaws in running production Docker containers and even the people who built and maintain those images have no idea.

On a regular running server security updates are installed automatically. If you’re smart you set up system mail so that you get an email telling you what you need to restart after updates have been installed. Docker containers typically have none of this.

[–] 1 pt

If there was only some magical timer program that you could schedule this with, maybe do updates, even distro updates, possibly even schedule reboots.

Maybe I should make a magical app like this.

Side note, I just schedule all my shit to do this. Reboots too, since it’s not some live production shit. But if you have live production you could maybe like bounce machines in the farm one at a time?

I should ask Linux if this is a thing.

[–] 1 pt

Remember that time I asked about docker? Seems to be a security risk… yeah, fuck docker. Fuck people that make dockers.