An interesting thing about the XZ sabotage is that, while it was very cleverly obfuscated (congratulations to Andres Freund for finding it!), once found, it is very clear that it's a deliberate backdoor. It can't be explained away as an ordinary bug that introduced a vulnerability.

Says something about the tradeoff space the attacker was working in.

Noah Cook

@mattblaze You're one of the first I've seen to analyze this in terms of the adversary's constraints. I am not a computer scientist, but in terms of constraints, resources, and targeting, this doesn't "feel" like a state actor.

So, this is highly targeted, and the social engineering tactics seemed personal. You're not getting that from a committee. And it was a long game, which would have meant supervisors coming and going, changes in priority, etc. in government.

@UncivilServant I disagree that that’s inconsistent with a state actor. Personalized, long game infiltration is how spies and HUMINT have always worked.

@mattblaze Ah, is that part of why intelligence types complain that the rest of the government keeps giving them side-eye?

Because yeah, that sort of unprofessional obsession...huh, Le Carré really wasn't exaggerating if that's how they act.

@UncivilServant @mattblaze Your assumptions reflect a politician. Intelligence agencies are very insulated/deliberate and so a state-sponsored spy is a very different animal.