Thoughts on the xz backdoor: an lzma-rs perspective | Blog | Guillaume Endignoux - discu.eu

Reddit

Thoughts on the xz backdoor: an lzma-rs perspective https://gendignoux.com/blog/2024/04/08/xz-backdoor.html 22 comments 8/4/2024 rust

Linking pages

This Week in Rust 542 · This Week in Rust https://this-week-in-rust.org/blog/2024/04/10/this-week-in-rust-542/ 1 comment

Linked pages

oss-security - backdoor in upstream xz/liblzma leading to ssh server compromise https://www.openwall.com/lists/oss-security/2024/03/29/4 3112 comments
GitHub - uutils/coreutils: Cross-platform Rust rewrite of the GNU coreutils https://github.com/uutils/coreutils 2044 comments
research!rsc: Timeline of the xz open source attack https://research.swtch.com/xz-timeline 492 comments
Hackers can extract secret encryption keys from Apple’s Mac chips | Ars Technica https://arstechnica.com/security/2024/03/hackers-can-extract-secret-encryption-keys-from-apples-mac-chips/ 484 comments
Parsing JSON is a Minefield https://seriot.ch/projects/parsing_json.html 431 comments
On Tech Debt: My Rust Library is now a CDO | Armin Ronacher's Thoughts and Writings https://lucumr.pocoo.org/2024/3/26/rust-cdo/ 298 comments
Dependency on rust removes support for a number of platforms · Issue #5771 · pyca/cryptography · GitHub https://github.com/pyca/cryptography/issues/5771#issuecomment-775119338 186 comments
GoFetch https://gofetch.fail 150 comments
xz/liblzma: Bash-stage Obfuscation Explained - gynvael.coldwind//vx.log https://gynvael.coldwind.pl/?id=782&lang=en 129 comments
Added error text to warning when untaring with bsdtar by JiaT75 · Pull Request #1609 · libarchive/libarchive · GitHub https://github.com/libarchive/libarchive/pull/1609 98 comments
Everything I know about the XZ backdoor https://boehs.org/node/everything-i-know-about-the-xz-backdoor 93 comments
About RustSec › RustSec Advisory Database https://rustsec.org/ 76 comments
research!rsc: Running the “Reflections on Trusting Trust” Compiler https://research.swtch.com/nih 70 comments
Sudo-rs dependencies: when less is better - Prossimo https://www.memorysafety.org/blog/reducing-dependencies-in-sudo/ 47 comments
https://www.cs.cmu.edu/~rdriley/487/papers/Thompson_1984_ReflectionsonTrustingTrust.pdf 46 comments
Scaling back my involvement in Rust - Rust Internals https://internals.rust-lang.org/t/scaling-back-my-involvement-in-rust/11754 43 comments
Build Scripts - The Cargo Book https://doc.rust-lang.org/cargo/reference/build-scripts.html#outputs-of-the-build-script 27 comments
Post-Quantum Cryptography | CSRC https://csrc.nist.gov/Projects/Post-Quantum-Cryptography 26 comments
GitHub - aws/aws-lc-rs: aws-lc-rs is a cryptographic library using AWS-LC for its cryptographic operations. The library strives to be API-compatible with the popular Rust library named ring. https://github.com/aws/aws-lc-rs 26 comments
Project Everest https://project-everest.github.io/ 25 comments

Would you like to stay up to date with Rust? Checkout Rust Weekly.

Related searches:

Search whole site: site:gendignoux.com

Search title: Thoughts on the xz backdoor: an lzma-rs perspective | Blog | Guillaume Endignoux

See how to search.

Submit link to: