The amount of effort put into this malware is impressive. It flew completely under the radar. Via social engineering the lead dev was tricked into accepting help from a bad actor who was then granted commit privileges. This rogue bad actor may have impersonated others and they used peer pressure to gain access. They also managed to push distros to include the updated XZ libraries in their releases. It was mere chance that a Microsoft developer working over the US Thanksgiving Day weekend; noticed a slight performance degradation with SSH on his system. Yes, the malware was out in the wild for 30 days but the only people impacted were those running the bleeding edge latest code. i.e. not a long term release version of Linux. Their distro would also have had to link sshd with systemd which not all distributions do. The attack vector is remarkably sneaky. It used unit tests and sample binaries intended to be used to test the xz compression output. The binaries contained malware split into shards. The makefile would run shell scripts to take these shards, append them together and inject a malware binary into the release tarball. The shell scripts were highly obfuscated to hide what it was doing. The malware code did not exist on the XZ repo. Except for the test binary which wasn't functional. This is known as a supply chain attack and it was highly sophisticated.
@freez882919 күн бұрын
I use arch wtf
@hagbard7219 күн бұрын
Could you be even more repetitive?
@Iswimandrun19 күн бұрын
Auto generated content my favorite.
@Contrulvideos19 күн бұрын
😁😂
@YVO00719 күн бұрын
Order 10.000 of these 00:17 then maybe the effectiveness would be recognized.
@UncleRed199919 күн бұрын
oh no, the "Pen Source" world of software has had a breach!
@SlyNine19 күн бұрын
This seems ai generated.
@Contrulvideos19 күн бұрын
Okay…
@SlyNine19 күн бұрын
Because closed source had never had exploits put the by the manufacturer, looking at you motherboard manufacturers.
@imnobody452220 күн бұрын
If they know the attack is in play, has the patch been deployed to cure it yet. they sure gave away enough information on how it was deployed .
@rogerthat10-4720 күн бұрын
You can have as much of this shit as you like, it will still end up with one soldier beating another one to death with his helmet because he ran out of ammo & his knife is stuck in the Last guy. If you take the Humanity out of War, then it just becomes a game, if that happens, then they will have them every 5 minutes & for No reason whatsoever. Take a look at Technology, we have only ever had Massive Leaps after Major Wars, there is a reason for this, it also Levels the Over Population out, if we have No wars, or wars where there are No loss of Human Lives, what will prompt Science to Create? I'm sorry to say, but War has a place in our world.
@rogerthat10-4720 күн бұрын
I'm sorry, but you can have Anyfukcingthingyou like, & you can Still Lose a battle, it might be cool, & capable, but Nothing ensures a win, just ask America, they have the best funded forces on the planet, yet they Lose eceryfukcingtime,, the Boots on the Ground are OK, but if they got rid of the Top Brass & replaced them with someone Compitant they might actually Win one of the many Wars they start.
@RyudoFanel20 күн бұрын
Oh wow, months to late for a nothingburger. Congratulations... This backdoor was already fixed months ago, it NEVER got into any legitimate and serious distro and accordingly never caused any damage as it was discovered way before.
@404-Error-Not-Found20 күн бұрын
This is old news and already patched....
@Heretus20 күн бұрын
Just one question : where in the 9 hells did you even FIND TempleOS that NO ONE , on the entire sol system even THOUGHT of moving to
@Contrulvideos20 күн бұрын
Good point 😂
@MrPhr0sty20 күн бұрын
This video is stupid. BECAUSE it was open source, the issue was quickly discovered! Meanwhile, MS creates Copilot.... LOL
@Nick-vd7cg20 күн бұрын
open source problem? Dont think so, microsoft has backdoors lol.
@armiks2220 күн бұрын
I think I'll switch to TempleOS.. Said nobody ever.
@hanuman920 күн бұрын
It's working just fine for me.
@SlyNine19 күн бұрын
Great for me too. If you define working as not installed.
@DudeSoWin19 күн бұрын
TempleOS is interesting from a BIOS point of view. It should have been the capstone to an open source ecosystem.
@sexigafelix17 күн бұрын
@@DudeSoWin it's also great for hymns, if you are into that kind of stuff.
@erizfolkz3120 күн бұрын
Nobody, i repeat, NFB "considering moving to templeOS". Nobody. 😂
@sexigafelix17 күн бұрын
lmao i was like is this a troll video ?
@sebestyentiberiu195720 күн бұрын
The J Dam Misile System.
@LinusKubuntus20 күн бұрын
Guy who implemented this malicious code is Indian - imagine my shock 😂
@erizfolkz3120 күн бұрын
Imagine all the pee polez.
@SlyNine19 күн бұрын
Wasist!
@LinusKubuntus20 күн бұрын
Good that they wait weeks or months before updating repositories on every self respecting distro. Everything needs to be checked for stability and safety both apps and drivers before it goes into repository.
@Contrulvideos20 күн бұрын
Good point!
@Lokpique20 күн бұрын
lol temple OS
@timothystafford776120 күн бұрын
The xz util backdoor was out about a month before it was discovered. To me, that shows the strength of open source.
@LinusKubuntus20 күн бұрын
Nonsense... First thing is that they have found the malicious code very fast. And second thing is that the software never goes into mainstream distros as soon as it shows up. It literally takes weeks or months before everything is checked and repository is updated. It applies both to apps and drivers. On Windows every bloody app is malicious and the OS is your biggest threat.
@DudeSoWin19 күн бұрын
It never made it to stable release.
@DavidFMayerPhD20 күн бұрын
Trophy active protection is REAL, BATTLE TESTED, and IN SERVICE.
@vkorchnoifan26 күн бұрын
Do we have an iron Beam to shot down ICBMs??
@Contrulvideos26 күн бұрын
Good question. We need to find out.
@DavidFMayerPhD20 күн бұрын
Not even on the horizon. Decades away at the earliest.
@Wombat-blueАй бұрын
Corny voice over, bad animation and a serious lack of real content...other than B roll of course. Terrible.
@ContrulvideosАй бұрын
Agree. Better content coming soon!
@ianrobbinsАй бұрын
I'm really getting tired of this AI generated bullshit.
@ContrulvideosАй бұрын
Thanks for your input. We’re working to improve our videos and use less ai in the content.
@joelhubeny7554Ай бұрын
Well most Humans are real stupid so if this AGI is slightly above mentally handicapped then I am not worried. In fact I am hoping to have an intelligent conversation for once with SUPER ULTRA GPT99 AGI. With the Robot adaptation could have a Hot intellectual Chat with a SEX toy. because it's not real hot woman involved.
@talismanskulls2857Ай бұрын
Pocket EMP, robo-soldier done. They spend so much money o try and make robots think like humans just to make humans think like robots.
@Rakibahamme0Ай бұрын
You know what? I am a regular viewer of your KZbin Channel. I have seen all your videos and your content qualities are very good. I learned lots of things from you. Your channel has great quality contents but still it is not delivering its right audiences due to SEO problems. You should focus on your SEO so that You can get a big fanbase. Thanks.
@Gnaritas42Ай бұрын
Absolute fucking garbage video, stop spamming us with AI trash
@PerqdАй бұрын
wow, this is really sh*t, nice 50cent army channel
@ContrulvideosАй бұрын
Thanks for your comment. Yeah, chinese 50cent army channel.
@josephknudson3237Ай бұрын
dont be shy, downvote if thats wat you think
@FifiSackeyАй бұрын
This twat is just reading off a wikipedia page
@charliejohn1949Ай бұрын
Where is this prision system implemented?
@howardtreesong4860Ай бұрын
Why are videos so goddamn awful these days?
@ContrulvideosАй бұрын
🤣
@ContrulvideosАй бұрын
We promise there will be better quality videos coming soon.
@JonNobleNobelOneАй бұрын
Everyone knows Orlando Anderson shot Tupac, it’s not a mystery.
@Italia.72Ай бұрын
First 🥱
@ContrulvideosАй бұрын
🤣
@YekiniBideminurudeen2 ай бұрын
Best
@YekiniBideminurudeen2 ай бұрын
AI revolution , best
@DefNation4Real2 ай бұрын
Hope in WRC FIA its possible too instead of Helicopter. But the Battery and versus weather conditions may dis'arm' it 😅
@Contrulvideos2 ай бұрын
Thank you so much for watching our video.💕 Don't forget to Like, Comment & Subscribe❤❤