| === JanC is now known as Guest9843 | ||
| === JanC_ is now known as JanC | ||
| lotuspsychje | welcome to the community ironbear | 04:03 |
|---|---|---|
| ironbear | Hello All | 04:03 |
| ironbear | lotuspsychje: thanks | 04:04 |
| ironbear | So is this the thread to talk to experienced users? | 04:05 |
| lotuspsychje | every quality ubuntu discussion fits here ironbear | 04:06 |
| lotuspsychje | expert or novice | 04:07 |
| Bashing-om | ironbear: ironbear: Well -- there are experienced users that frequent this channel :D | 04:07 |
| ironbear | I ran into an issue with a bug on my cpu even after just changing over from windows on an older machine (10ish years old) | 04:08 |
| ironbear | MDS CPU bug present and SMT on, data leak possible. See https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/mds.html for more details. | 04:08 |
| ironbear | went to the website and tried to fix but it feel like im hitting a wall with permissions. | 04:09 |
| lotuspsychje | !usn | ironbear | 04:10 |
| ubottu | ironbear: Please see https://usn.ubuntu.com/ for information about recent Ubuntu security updates. | 04:10 |
| ironbear | lotuspsychje and ubuttu: thanks havent seen this site yet | 04:12 |
| sarnold | lotuspsychje: if ironbear returns https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/MDS | 04:29 |
| lotuspsychje | ah nice tnx sarnold | 04:29 |
| === guiverc2 is now known as guiverc | ||
| === JanC is now known as Guest7658 | ||
| === JanC_ is now known as JanC | ||
| === JanC is now known as Guest6853 | ||
| === JanC_ is now known as JanC | ||
| === arraybolt3 is now known as arraybolt3-dange | ||
| === arraybolt3-dange is now known as arraybolt3-cmp | ||
| pragmaticenigma | hey leftyfb ... I wonder if this is the source of the SSH traffic up-tick being seen: https://arstechnica.com/security/2024/03/backdoor-found-in-widely-used-linux-utility-breaks-encrypted-ssh-connections/ | 19:30 |
| leftyfb | the vulnerable package was never released | 19:31 |
| pragmaticenigma | It did make it into the released beta for Fedora 40 | 19:32 |
| oerheks | 5.4.6 | 19:33 |
| pragmaticenigma | timings are a bit off though... Fedora 40B was released march 26, your chart showed the sustained attempts starting the 21 | 19:33 |
| oerheks | "In some cases, the backdoor has been unable to work as intended." | 19:34 |
| leftyfb | I doubt verymuch this is related | 19:34 |
| pragmaticenigma | The article does mention this person has been very active contributor for xz source for the last couple years | 19:36 |
| pragmaticenigma | though it sounds like the vulnerability was rather blatently added as if they were running out of time or just got impatient | 19:37 |
| === JanC_ is now known as JanC | ||
| JanC | looks like not only the "JiaT75" account was involved but also "hansjans162" & "Larhzu" | 21:08 |
| JanC | they might all be the same person | 21:09 |
| oerheks | the manhunt on ycombinator points to an finnish group, originally | 21:10 |
| JanC | the original author was Finnish, so that is not very useful probably | 21:10 |
| JanC | (at least I think so?) | 21:10 |
| oerheks | sure, the person joined in 2022 | 21:11 |
| JanC | no, xz was moved to github then | 21:11 |
| oerheks | so any name or alias, who knows | 21:11 |
| === JanC_ is now known as JanC | ||
| === JanC is now known as Guest8342 | ||
| === JanC_ is now known as JanC | ||
| === Guest55 is now known as arraybolt3 | ||
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!