Does a Malicious Backdoor Compromise SSH?

newly discovered backdoor found in the xz liblzma library of XZ Utils, the XZ format compression utilities included in most Linux distributions, targets the RSA implementation of OpenSSH.

Advertisement

For those outside of tech, that sentence was an unreadable jumble of acronyms. For those inside tech, a chill probably ran down their spine, as those technologies are everywhere. Anytime anyone buys something online, they’re going to be using SSH to create a secure channel to pass transaction information. Depending on how many distros are using that library, the consequence range from “bad” to “really, really bad.”

Ed Morrissey

Lawrence leans to the merely "bad," as the big retail sites use a different form of Linux. For smaller online retailers, however, that may not be the case -- and they'd better catch up quickly to the patches that close this hole. Consumers should be careful in the meantime as well. Read it all.

Join the conversation as a VIP Member

Trending on HotAir Videos

Advertisement
Advertisement
Advertisement