=== JanC is now known as Guest9843
=== JanC_ is now known as JanC
[04:03] <lotuspsychje> welcome to the community ironbear 
[04:03] <ironbear> Hello All
[04:04] <ironbear> lotuspsychje: thanks
[04:05] <ironbear> So is this the thread to talk to experienced users?
[04:06] <lotuspsychje> every quality ubuntu discussion fits here ironbear 
[04:07] <lotuspsychje> expert or novice
[04:07] <Bashing-om> ironbear: ironbear: Well -- there are experienced users that frequent this channel :D
[04:08] <ironbear> I ran into an issue with a bug on my cpu even after just changing over from windows on an older machine (10ish years old)
[04:08] <ironbear> MDS CPU bug present and SMT on, data leak possible. See https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/mds.html for more details.
[04:09] <ironbear> went to the website and tried to fix but it feel like im hitting a wall with permissions.
[04:10] <lotuspsychje> !usn | ironbear 
[04:10] <ubottu> ironbear: Please see https://usn.ubuntu.com/ for information about recent Ubuntu security updates.
[04:12] <ironbear> lotuspsychje and ubuttu: thanks havent seen this site yet
[04:29] <sarnold> lotuspsychje: if ironbear returns https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/MDS
[04:29] <lotuspsychje> ah nice tnx sarnold 
=== guiverc2 is now known as guiverc
=== JanC is now known as Guest7658
=== JanC_ is now known as JanC
=== JanC is now known as Guest6853
=== JanC_ is now known as JanC
=== arraybolt3 is now known as arraybolt3-dange
=== arraybolt3-dange is now known as arraybolt3-cmp
[19:30] <pragmaticenigma> hey leftyfb ... I wonder if this is the source of the SSH traffic up-tick being seen: https://arstechnica.com/security/2024/03/backdoor-found-in-widely-used-linux-utility-breaks-encrypted-ssh-connections/
[19:31] <leftyfb> the vulnerable package was never released
[19:32] <pragmaticenigma> It did make it into the released beta for Fedora 40
[19:33] <oerheks> 5.4.6
[19:33] <pragmaticenigma> timings are a bit off though... Fedora 40B was released march 26, your chart showed the sustained attempts starting the 21
[19:34] <oerheks> "In some cases, the backdoor has been unable to work as intended."
[19:34] <leftyfb> I doubt verymuch this is related
[19:36] <pragmaticenigma> The article does mention this person has been very active contributor for xz source for the last couple years
[19:37] <pragmaticenigma> though it sounds like the vulnerability was rather blatently added as if they were running out of time or just got impatient
=== JanC_ is now known as JanC
[21:08] <JanC> looks like not only the "JiaT75" account was involved but also "hansjans162" & "Larhzu"
[21:09] <JanC> they might all be the same person
[21:10] <oerheks> the manhunt on ycombinator points to an finnish group, originally
[21:10] <JanC> the original author was Finnish, so that is not very useful probably
[21:10] <JanC> (at least I think so?)
[21:11] <oerheks> sure, the person joined in 2022
[21:11] <JanC> no, xz was moved to github then
[21:11] <oerheks> so any name or alias, who knows
=== JanC_ is now known as JanC
=== JanC is now known as Guest8342
=== JanC_ is now known as JanC
=== Guest55 is now known as arraybolt3