> The author(s) of the backdoor went a long way to make the backdoor look as innocent as possible.<p>No, not really. The technical part of this backdoor is not interesting at all. Obfuscating strings? Give me a break. That's something your average commercial developer does. It wouldn't even qualify as DRM. Wake me up when the software is self-modifying and/or written in a way that makes IDA crash (seen it a lot, and I am not a security engineer).<p>"Innocent as possible" would be the something like that Debian weak keys fiasco, or the misleading indentation patch, etc. Those offer much more plausible deniability than this. "Innocent as possible" and interesting technical-wise would be something like the NIST curves. Decades from now people will still be arguing if they are backdoored or not.<p>The interest in this exploit is on the community/supply side of things, but hardly the technical aspects.
Looks like the site is slowing down: This is the primary source: <a href="https://www.openwall.com/lists/oss-security/2024/03/29/4" rel="nofollow">https://www.openwall.com/lists/oss-security/2024/03/29/4</a>