A video by SavvyNik that covers some of the highlights from the following recently published scientific article - Wolves in the Repository: A Software Engineering Analysis of the XZ Utils Supply Chain Attack
deleted by creator
Pretty good breakdown. Glad to see my hard work recognized!
Thanks for posting. I was literally l looking for updates on this recently and couldn’t find anything. I was worried that it might have been forgotten about
Thanks for posting.
It has been my pleasure!
I was worried that it might have been forgotten about
The XZ utils supply chain attack has actually made the community more wary of blobs. Some projects were even prompted to come clean on this matter.
Fedora has also recently made a push towards reproducible builds. In the lwn.net article that discussed that push, one of Fedora’s spokespeople explicitly said that it would help combat supply chain attacks.
So, all in all, I can confidently say that it did leave a mark on the Linux landscape. Hopefully, this specific attack vector will not be as viable in the foreseeable future.