| 00:05:08 | | linuxgemini quits [Client Quit] |
| 00:20:31 | | lunik1 quits [Client Quit] |
| 00:21:00 | | lunik1 joins |
| 01:08:10 | <nicolas17> | https://xz.tukaani.org/ 404 |
| 01:23:35 | <katia> | https://github.com/tukaani-project/xz nuked too |
| 01:24:07 | <@JAA> | Same-ish thing, xz.tukaani.org was hosted on GitHub. |
| 01:28:33 | <fireonlive> | https://dl.fireon.live/irc/2ba9a1aed5d54144/how-to-archive-a-optical-disc.mp4 |
| 01:29:46 | <katia> | i am deaf now |
| 01:31:16 | <fireonlive> | f |
| 01:56:17 | | linuxgemini (linuxgemini) joins |
| 01:56:52 | | linuxgemini quits [Client Quit] |
| 01:59:49 | | linuxgemini (linuxgemini) joins |
| 02:11:32 | <nicolas17> | the plot thickens https://twitter.com/birchb0y/status/1773871381890924872 |
| 02:25:03 | <nicolas17> | https://www.youtube.com/watch?v=btdjLLXtvZA I had never seen this original video the meme came from |
| 02:35:36 | | Guest17 joins |
| 02:39:23 | | Guest88 quits [Ping timeout: 265 seconds] |
| 02:46:43 | | mgrytbak quits [Quit: Ping timeout (120 seconds)] |
| 02:46:52 | | mgrytbak joins |
| 02:51:53 | | mgrytbak quits [Client Quit] |
| 02:52:01 | | mgrytbak joins |
| 02:54:24 | | mgrytbak quits [Client Quit] |
| 02:54:33 | | mgrytbak joins |
| 02:59:57 | | mgrytbak quits [Client Quit] |
| 03:00:25 | | mgrytbak joins |
| 03:01:05 | | HP_Archivist (HP_Archivist) joins |
| 03:02:10 | | mgrytbak quits [Client Quit] |
| 03:02:24 | | mgrytbak joins |
| 03:13:09 | | mgrytbak quits [Client Quit] |
| 03:13:21 | | mgrytbak joins |
| 03:15:18 | | mgrytbak quits [Client Quit] |
| 03:15:28 | | mgrytbak joins |
| 03:24:00 | | mgrytbak quits [Client Quit] |
| 03:24:13 | | mgrytbak joins |
| 03:57:57 | | mgrytbak quits [Client Quit] |
| 03:58:15 | | mgrytbak joins |
| 04:00:17 | <pabs> | https://infosec.exchange/@lcamtuf/112180485473559371 |
| 04:00:24 | <fireonlive> | https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068024#30 |
| 04:00:26 | <fireonlive> | :3 |
| 04:02:50 | | Ruthalas59 (Ruthalas) joins |
| 04:04:12 | <pabs> | https://teh.entar.net/@ckape/112182452162916476 |
| 04:05:48 | <@JAA> | Heh |
| 04:05:50 | | mgrytbak quits [Client Quit] |
| 04:06:03 | | mgrytbak joins |
| 04:07:16 | <@JAA> | zstd++ |
| 04:07:17 | <eggdrop> | [karma] 'zstd' now has 1 karma! |
| 04:10:14 | <fireonlive> | :D |
| 04:10:47 | <@JAA> | xkcd++ |
| 04:10:47 | <eggdrop> | [karma] 'xkcd' now has 1 karma! |
| 04:52:54 | <nicolas17> | fireonlive: https://blogs.gentoo.org/mgorny/2014/02/22/a-few-words-on-lzip-compressor/ |
| 04:53:08 | <pabs> | https://www.mail-archive.com/xz-devel@tukaani.org/msg00567.html |
| 04:53:10 | <pabs> | https://mastodon.social/@glyph/112180939045007198 |
| 04:53:52 | <nicolas17> | pabs: https://infosec.exchange/@SecureOwl/112182345432371134 |
| 04:56:08 | <fireonlive> | :o |
| 04:59:47 | <pabs> | hah |
| 05:01:25 | <pabs> | https://bugs.debian.org/1068024 |
| 05:03:05 | <pabs> | https://bugs.debian.org/1068047 |
| 07:41:20 | | icedice quits [Client Quit] |
| 07:52:50 | <immibis> | what's the point of worrying about commits when the backdoor was supposedly not present in the git repo at all? |
| 08:01:55 | <steering> | the payload was, for one thing |
| 08:12:04 | <Irenes> | I imagine the endgame would have been to then hide evidence of the tarball that contained the trigger, making it harder to spot where the attack originated |
| 08:14:53 | <Barto> | let's appreciate how dynamic are the distributions during the easter brea |
| 08:14:55 | <Barto> | break* |
| 08:15:16 | <Irenes> | yes that was some SERIOUS professionalism getting everything patched today |
| 08:21:01 | <pabs> | Larhzu just came online on #tukaani (libera) |
| 08:22:01 | <pabs> | immibis: the non-git tarball-only part just activates the payload from within "test" files in git |
| 08:23:47 | <fireonlive> | Larhzu? |
| 08:24:52 | <@JAA> | Long-term maintainer of xz before Jia joined. |
| 08:25:56 | <fireonlive> | ahh |
| 08:33:39 | <Irenes> | I'm not gonna lie, in his place I don't know if I'd be brave enough to show up the same day |
| 08:34:02 | <Irenes> | I kind of want to go watch but that feels rude |
| 08:34:21 | <Barto> | Larhzu might be the only person we trust on this project now |
| 08:34:28 | <Irenes> | yeah |
| 08:35:04 | <Irenes> | and only because I spent time today reading the archived emails in which he was clearly psychologically manipulated into adding Jia >< |
| 08:35:15 | <pabs> | there are a ton of people there, its fine to join. lots of people speculating though, thats less welcome |
| 08:35:26 | <Irenes> | well, thank you. maybe I will. |
| 08:35:47 | <Barto> | i joined, but i will not write anything |
| 08:37:12 | | pabs just hopes the backdoor scope doesn't widen further than it already did |
| 08:39:00 | <fireonlive> | hopefully no poppers, indeed |
| 08:39:40 | <pabs> | sshd is pretty bad, but at least most Debian folks would only run the sshd from stable. not sure about Fedora |
| 08:39:52 | <Barto> | well, i hope here that we fully understand the situation. We'll see how deep thi sis |
| 08:39:55 | <Barto> | this is* |
| 09:00:03 | | Bleo182600 quits [Client Quit] |
| 09:01:34 | | Bleo182600 joins |
| 10:10:54 | | f_ quits [Remote host closed the connection] |
| 10:14:56 | | Meli quits [Remote host closed the connection] |
| 10:15:51 | | Meli (Meli) joins |
| 10:48:45 | | nulldata quits [Ping timeout: 272 seconds] |
| 10:53:08 | | nulldata (nulldata) joins |
| 11:40:26 | <joepie91|m> | <immibis> what's the point of worrying about commits when the backdoor was supposedly not present in the git repo at all? |
| 11:40:50 | <joepie91|m> | the thing is that this wasn't a vulnerability, it was a backdoor - and one that suggests a professionally-run, long-term campaign |
| 11:41:21 | <joepie91|m> | which means that, especially given the unattributable complexity and history in places, it is highly likely that this person has introduced multiple backdoors, and across multiple projects |
| 11:41:50 | <joepie91|m> | so everything they have ever done is suspect now, not just the backdoor we know about, but also anything that might contain a backdoor we don't know about yet |
| 12:02:15 | | qwertyasdfuiopghjkl quits [Client Quit] |
| 12:07:17 | | qwertyasdfuiopghjkl (qwertyasdfuiopghjkl) joins |
| 12:08:28 | | ikkoup joins |
| 12:10:18 | <ikkoup> | Hi, is there anyone here who uses grab-site? is it a good tool for archiving vbulletin forums? I see that it has "--igsets=forums" which seems to filter most non-content pages. |
| 12:11:42 | <ikkoup> | Also if possible, how do you recommend that I setup grab-site? normal or docker? pyenv? Linux or Nix? |
| 12:24:50 | | Exorcism quits [Killed (NickServ (GHOST command used by Exorcism1))] |
| 12:25:03 | | Exorcism1 joins |
| 12:26:18 | | Exorcism (exorcism) joins |
| 12:36:55 | | razul quits [Read error: Connection reset by peer] |
| 12:45:21 | | razul joins |
| 12:50:15 | | Exorcism1 quits [Client Quit] |
| 12:55:54 | | sec^nd quits [Remote host closed the connection] |
| 13:06:49 | | Arcorann quits [Ping timeout: 272 seconds] |
| 13:10:07 | | ikkoup quits [Client Quit] |
| 13:11:40 | | sec^nd (second) joins |
| 13:34:03 | | sec^nd quits [Remote host closed the connection] |
| 13:35:53 | <pabs> | joepie91|m: seems like the person/team behind this had many sock puppets, so it isn't just their aliases that are suspect |
| 13:43:54 | | jacksonchen666 quits [Ping timeout: 255 seconds] |
| 13:45:06 | | jacksonchen666 (jacksonchen666) joins |
| 13:59:39 | | sec^nd (second) joins |
| 14:19:30 | | za3k quits [Quit: ZNC 1.8.2+deb3.1 - https://znc.in] |
| 14:20:15 | | za3k joins |
| 14:23:44 | | icedice (icedice) joins |
| 14:51:24 | | Meli quits [Remote host closed the connection] |
| 14:55:03 | <nukke> | https://social.hackerspace.pl/@q3k/112184695043115759 |
| 15:12:06 | | jacksonchen666 quits [Ping timeout: 255 seconds] |
| 15:12:50 | | jacksonchen666 (jacksonchen666) joins |
| 15:13:51 | | Meli (Meli) joins |
| 15:59:52 | <nukke> | genuinely surprising https://i.imgur.com/ZN1l8Ri.jpeg |
| 16:06:18 | <ymgve> | I was like "did tinder die in the states" but then saw that it explicitly excludes tinder |
| 16:28:55 | <@JAA> | https://tukaani.org/xz-backdoor/ |
| 16:51:19 | | HackMii quits [Remote host closed the connection] |
| 16:53:29 | | HackMii (hacktheplanet) joins |
| 16:55:16 | <kpcyrd> | https://twitter.com/vxunderground/status/1774041691982369056 |
| 16:56:47 | | systwi_ quits [Quit: systwi_] |
| 16:56:47 | | nothere quits [Quit: Leaving] |
| 17:07:20 | | systwi_ joins |
| 17:22:24 | <dave> | original maintainer already found another sneaky thing fwiw: https://git.tukaani.org/?p=xz.git;a=commitdiff;h=f9cf4c05edd14dedfe63833f8ccbe41b55823b00 |
| 17:22:42 | <dave> | feature check for a linux sandboxing facility was subtly broken, so the sandboxing never got enabled |
| 17:23:44 | <dave> | so far all the discovered malicious stuff happened in a pretty short timeframe in the last month though |
| 17:24:26 | <dave> | and all the malicious commits happened at very unusual times of day given the new maintainer's normal activity patterns. Like, it looked like someone else was pushing changes while the maintainer was asleep. |
| 17:35:49 | | HackMii quits [Remote host closed the connection] |
| 17:36:13 | | HackMii (hacktheplanet) joins |
| 17:42:43 | | nothere joins |
| 17:54:12 | <nukke> | https://pbs.twimg.com/media/GJ7kUdfXsAA5B4k?format=jpg&name=small |
| 18:00:27 | <nukke> | wait, hold up, cmakelists? I thought it was using autotools |
| 18:02:44 | | HotSwap leaves [Leaving] |
| 18:04:23 | | ^ quits [Remote host closed the connection] |
| 18:04:27 | | ^ (^) joins |
| 18:04:40 | <dave> | it has both cmake and autoconf build configs, for some reason. No idea why |
| 18:33:07 | | lunik1 quits [Client Quit] |
| 18:33:53 | | lunik1 joins |
| 18:58:09 | | pseudorizer quits [Quit: ZNC 1.9.0 - https://znc.in] |
| 19:02:43 | | pseudorizer (pseudorizer) joins |
| 19:44:05 | | that_lurker quits [Quit: I am most likely running a system update] |
| 19:44:24 | | that_lurker (that_lurker) joins |
| 20:06:21 | | linuxgemini quits [Client Quit] |
| 20:07:43 | | nertzy joins |
| 20:14:38 | <@JAA> | https://gynvael.coldwind.pl/?lang=en&id=782 |
| 20:20:10 | | nertzy quits [Read error: Connection reset by peer] |
| 20:42:33 | | linuxgemini (linuxgemini) joins |
| 21:01:51 | <fireonlive> | https://theheavycup.com/products/heavy-mug-22lb-stainless-steel-mug |
| 21:02:03 | <fireonlive> | 10kg mug, preorder now |
| 21:02:05 | <fireonlive> | ! |
| 21:06:28 | <nukke> | I actually want it so bad |
| 21:15:08 | | Doranwen quits [Quit: bbl] |
| 21:19:37 | <fireonlive> | ikr? :o |
| 21:47:14 | | BlueMaxima joins |
| 22:02:52 | <icedice> | When refills are free but they don't specify cup sizes |
| 22:03:29 | <icedice> | Oh |
| 22:03:36 | <icedice> | It's not as giant as I thought |
| 22:03:42 | <icedice> | Just bulletproof |
| 22:03:48 | | Guest17 quits [Client Quit] |
| 22:04:12 | <@JAA> | When refills are limited to cup weight. |
| 22:09:09 | <icedice> | https://media1.tenor.com/m/QLbV11ltA8cAAAAC/smart-thinking.gif |
| 22:27:28 | | Guest88 joins |
| 22:27:31 | <nicolas17> | fireonlive nukke: https://infosec.exchange/@SecureOwl/112185791434856732 |
| 22:28:16 | <nukke> | Too soon |
| 22:34:52 | <Barto> | oh boy :D |
| 22:53:02 | <fireonlive> | x3 |
| 23:20:37 | | tzt quits [Ping timeout: 255 seconds] |
| 23:23:42 | <nicolas17> | https://social.treehouse.systems/@nicolas17/112186596752413438 important archival-related question |
| 23:26:03 | <@JAA> | :-) |
| 23:28:42 | | tzt (tzt) joins |