> Engineers have been circulating an old, famous-among-programmers web comic about how all modern digital infrastructure rests on a project maintained by some random guy in Nebraska. (In their telling, Mr. Freund is the random guy from Nebraska.)<p>Huh, my take was that the "guy in Nebraska" was Lasse Collin, the original xz maintainer. Am I alone in that?
A more level-headed report with less fluff from the economist: <a href="https://www.economist.com/science-and-technology/2024/04/02/a-stealth-attack-came-close-to-compromising-the-worlds-computers" rel="nofollow">https://www.economist.com/science-and-technology/2024/04/02/...</a><p><a href="https://archive.ph/rdxhb" rel="nofollow">https://archive.ph/rdxhb</a>
> In the cybersecurity world, a database engineer inadvertently finding a backdoor in a core Linux feature is a little like a bakery worker who smells a freshly baked loaf of bread, senses something is off and correctly deduces that someone has tampered with the entire global yeast supply.<p>These kind of analogies are always a bit of an eye roll for me but I’ll grant a few points for creativity here
Why is the HN submission titled "Andres Freund and the xz backdoor"? The NYTimes title (at least right now?) is: "Did One Guy Just Stop a Huge Cyberattack?"
"Engineers have been circulating an old, famous-among-programmers web comic about how all modern digital infrastructure rests on a project maintained by some random guy in Nebraska. (In their telling, Mr. Freund is the random guy from Nebraska.)"<p>No, it's Lasse Collin the _maintainer_ of xz..
In an otherwise well written and accessible article, I found the naming of example nations gratuitous:<p>> some researchers believe only a nation with formidable hacking chops, such as Russia or China, could have attempted it.<p>… or the US, UK, Israel, Germany, France, Canada, Australia, DPRK, Japan, etc, and the security offence companies that work as a supply chain for such nations in provision of embedded exploits.<p>It’s based on very weak logic, but perhaps “Jia Tan” rules out China.
> (The New York Times has sued Microsoft and its partner OpenAI on claims of copyright infringement involving artificial intelligence systems that generate text.)<p>It's strange to see this included randomly in the middle of the article.
With even the NYT on board it should be clear to everyone now that the whole xz thing must be a plot to have that Andres Freund person introduced into government and security circles where he then can finally fulfill that heinous plot. Classic.<p>Ahh, the voices...