xz-utils takes
Oscar Wilde: "Nowadays people know the price of everything and the value of nothing".
The Economist's expert: “The bottom line is that we have untold trillions of dollars riding on top of code developed by hobbyists” [on the xz vulnerability]
This looks like open source FUD, so here's a refute: 1) the sophistication required to sneak something into a so-called hobby project, 2) it failed, 3) it had to happen in the open, 4) think about how easy this is done in closed source
@h_thoreson Don't know if you follow them but saw this and thought of you:
https://www.youtube.com/watch?v=m19BSnesG-w
3D Sonar Images of Baltimore's Key Bridge Reveal the Underwater Wreckage in Detail | Smart News| Smithsonian Magazine
https://www.smithsonianmag.com/smart-news/3d-sonar-images-of-baltimores-key-bridge-reveal-the-underwater-wreckage-in-detail-180984090/
Credit where credit is due! I'd really like to take a minute and thank Jia Tan how they helped us to finally get sd_notify() support merged into OpenSSH upstream!
https://bugzilla.mindrot.org/show_bug.cgi?id=2641
Thank you, Jia, you rock!
FOSS, motorbikes, and photography.