There We Go

In case you thought I am only a cranky old-fashioned engineer when again ranting on software bloat and its related dangers, maybe think again.

Ars Technica: What we know about the xz Utils backdoor that almost infected the world.

A backdoor to log in to all major Linux installations with root privileges? Nice. No hacking needed, no exploitation of obscure defects. Just an access key added during the installation of a ubiquitous utility library on-one even gives a second thought when including it.

Thomas Depierre in 2022: I am not a supplier.

As so often, xkcd gets it right:1