Skip Navigation

Anti-Corporate Movement @lemmy.giftedmc.com

haui @lemmy.giftedmc.com

4d ago

Proprietary vs Open Source Backdoors

cross-posted from: https://lemy.lol/post/45980344

linuxmemes @lemmy.world

icegladiator @lemy.lol

4d ago

Proprietary vs Open Source Backdoors

9 comments

I still find it ironic that the dude that found the malicious code was a Microsoft employee.
- Honestly just makes me feel like Microsoft was already ripping off code from the project and they needed another method of discovery to avoid suspicion.
  
  Windows did add .rar, .7z and .tar support in late 2023, and the ZX-utils backdoor happened just half a year later.
- I have friends everywhere.

I feel like the latter really happened. That sounds too specific to be made up.
- You would be correct:
  https://www.runtime.news/how-a-500ms-delay-exposed-a-nightmare-scenario-for-the-software-supply-chain/
  
  This story does make me worried though, that this is the case where they were caught, and there are many more where they weren’t caught.

9 comments