Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
chgs
6 months ago
|
parent
|
context
|
favorite
| on:
XZ Backdoor: Times, damned times, and scams
This article asserts some opsec failures - time zones switching when they shouldn’t etc.
It’s quite plausible that they didn’t manage perfect vpn usage every single time.
Karellen
6 months ago
|
next
[–]
Expert level opsec - very rarely make deliberate "mistakes" by having an inconsistent timezone, or tunneling through someone's compromised home device instead of a VPN, to throw adversaries on wild goose chases.
fullstop
6 months ago
|
parent
|
next
[–]
They also committed with a different email address and a different name once or twice. This may have been intentional, though, to misdirect.
netsharc
6 months ago
|
prev
[–]
I'm surprised they didn't set up guards to prevent mistakes like commits with the "wrong" timezones...
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
It’s quite plausible that they didn’t manage perfect vpn usage every single time.