Whole-known-network
<p>If you still want to read more about the xz backdoor, I highly recommend these two posts from Russ Cox:</p><p>"The xz attack shell script" - <a href="https://research.swtch.com/xz-script" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="">research.swtch.com/xz-script</span><span class="invisible"></span></a></p><p>"Timeline of the xz open source attack" - <a href="https://research.swtch.com/xz-timeline" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="">research.swtch.com/xz-timeline</span><span class="invisible"></span></a></p><p><a href="https://social.afront.org/tags/xz" class="mention hashtag" rel="tag">#<span>xz</span></a> <a href="https://social.afront.org/tags/OpenSource" class="mention hashtag" rel="tag">#<span>OpenSource</span></a> <a href="https://social.afront.org/tags/Security" class="mention hashtag" rel="tag">#<span>Security</span></a></p>
<p><span class="h-card" translate="no"><a href="https://mastodon.social/@gamingonlinux" class="u-url mention">@<span>gamingonlinux</span></a></span> Oh i though it was abandoned, glad i was wrong</p>
<p><span class="h-card" translate="no"><a href="https://hachyderm.io/@liztai" class="u-url mention">@<span>liztai</span></a></span> I love your enthusiasm for cdramas. That's why I started following you. It's great to see discussions about them. I only occasionally watch so I'm not as big of a fan but it's good to follow and see what the big favorites are! :) </p><p>I also enjoy your thoughtful blog posts, they give me a different perspective and insights.</p>
<p><span class="h-card" translate="no"><a href="https://mastodon.social/@whitequark" class="u-url mention">@<span>whitequark</span></a></span> If I had a dime every time a C-suite looked at the world around them and only saw tools... 😓</p>
<p>Are there any papers at all about designing error messages for compilers/PLs?</p>
<p><span class="h-card" translate="no"><a href="https://nixos.paris/@raito" class="u-url mention">@<span>raito</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@flaviusb" class="u-url mention">@<span>flaviusb</span></a></span> having thought more about the "rocks" part, which <span class="h-card" translate="no"><a href="https://bsd.network/@cynicalsecurity" class="u-url mention">@<span>cynicalsecurity</span></a></span> accurately described as "slavery", I don't think I have enough in common with <span class="h-card" translate="no"><a href="https://infosec.exchange/@dymaxion" class="u-url mention">@<span>dymaxion</span></a></span> to discuss anything with. you don't talk with someone who treats you like a rock, you cast them away</p>
<p><span class="h-card" translate="no"><a href="https://circumstances.run/@mawhrin" class="u-url mention">@<span>mawhrin</span></a></span> nope</p>
<p><span class="h-card" translate="no"><a href="https://bsd.network/@cynicalsecurity" class="u-url mention">@<span>cynicalsecurity</span></a></span> oh, I meant the entire rest of the thread. that particular comment is so off-the-charts unhinged I didn't even fully process it</p>
<p><span class="h-card" translate="no"><a href="https://mastodon.social/@gamingonlinux" class="u-url mention">@<span>gamingonlinux</span></a></span> who verifies the verifiers?</p>
