[kwlug-disc] Veritasium detailed video on the xz/openssh backdoor
Mikalai Birukou
mb at 3nsoft.com
Mon Mar 2 17:25:59 EST 2026
>> Remember the xz backdoor that was put in openssh, and barely discovered
>> before being widely distributed?
>>
>> Veritasium has an excellent in depth analysis, preceded by what is open
>> source, what is Linux, ...etc.
>>
>> Highly recommend watch.
>>
>> https://www.youtube.com/watch?v=aoag03mSuXQ&
> There are some complaints I've seen about the "untimelyness" and
> "somtimes high level" content of this video. But we need to keep in mind
> it was made so that "normal" people could understand it: People who
> might need an explanation of what "Open Source" means, what Linux is,
> etc. The video has to cover *a lot* of ground to get the target viewer
> to the point.
>
> "We" -- people who are members of Linux groups -- are not the main
> target of this video.
>
> Nevertheless, I *thoroughly* enjoyed the video.
>
> The simple explanations of key exchange, and compression, are excellent.
> Also includes an obligatory xkcd.
I liked the story, details. Tech explanations: ya, *we* don't go there.
When I heard colours for public crypto explanation, long time ago, it
felt okay-ish. But now it rubs, and it feels that we may do better. But
I don't have a suggestion, yet.
More information about the kwlug-disc
mailing list