On 4/5/24 10:36, wes wrote:
I'm surprised to see that no one has mentioned this on PLUG yet, though
it's been flying around the rest of the tech sphere on the internet pretty
heavily over the last week. I will share it here in case any list member
It did come up at the PLUG meeting last night. It also helps that it
really only made it to the public through Debian unstable and testing. I
think it was briefly on one of my arch linux machines that shouldn't
have been reachable from teh internet. One thing that remains cloudy for
me is whether the compromise actually phoned home some kind of alert
that would identify a compromised machine. Seems like that would be
possible to replicate and observe in a test environment.
--
Russell Senior
russ...@pdxlinux.org
