\s obviously
JIA CHEONG TAN
TEACHING JOAN
this post was submitted on 01 Apr 2024
445 points (97.6% liked)
linuxmemes
20464 readers
563 users here now
I use Arch btw
Sister communities:
- LemmyMemes: Memes
- LemmyShitpost: Anything and everything goes.
- RISA: Star Trek memes and shitposts
Community rules
- Follow the site-wide rules and code of conduct
- Be civil
- Post Linux-related content
- No recent reposts
Please report posts and comments that break these rules!
founded 1 year ago
MODERATORS
HENTAI CAN JOG ๐๐ฅซ๐
NINJA HATE COG ๐ฅท๐กโ๏ธ
A JOINT CHANGE ๐ฌ๐
HANG IT CEO JAN ๐ด๏ธ
GAIN JET NACHO โ๏ธ๐ฅโ
GOAT-CHIN JANE ๐งโโ๏ธ
GONNA CITE HAJ ๐๏ธ๐ฆโ
ANCIENT HAG JO ๐ง๐ปโโ๏ธ
ENJOING A CHAT ๐๐ฌ
Wait a minute:
CIA AGENT JOHN
I TAG JOHN CENA
The real answer is right in front of us all along. He played us all for fools.
who's jia cheong tan?
Former maintainer of the .xz project for about a year or two. Hid a backdoor into the code that almost made it into many bigger distros if it wasn't found by a Microsoft employee.
More specifically, it's the name used by the attacker. Could well be multiple people, or if it's one person (still almost certainly state-funded, but the state can fund one person), a fake name nevertheless. We have no info about this person's real life identity. They used a VPN in Singapore, and some people have looked at the times of the commits to try guess a timezone, though that's not foolproof as they could've just been a nocturnal person, or even tried to schedule commits to happen at a time to suggest they're in a different timezone, though I think the latter is unlikely and overkill.
Yep seems like a bigger organisation being involved considering fact that this was brewing 2+ years.
so it's very well possible that they're a CIA agent named John?
i think it's the person that snuck in the xz vulnerability