--- Log opened Fri Mar 29 00:00:09 2024
08:11 <@Dagmar> If they're firing 6% of the employees each year through no fault of their own, then you need to worry more about just finding somewhere else to work
08:12 <@Dagmar> That would get them into trouble with the state if it were looked at closely
08:12 <@Dagmar> It definitely amounts to a rolling layoff, and those people should get unemployment
13:38 < Evilpig> well that sucks.  another supply chain attack
13:39 < Evilpig> Also saw this while I was out grabbing groceries.  https://photos.app.goo.gl/b9MCwZgt9n8gUCRh8  zoom in on the logo and look closely
13:39 < PigBot> No Title (at photos.app.goo.gl) 
14:07 <@Dagmar> Evilpig: It's actually a pretty alarming attack because it was so damn subtle
15:10 < Synx_> man everybody be freaking out over the xz backdoor
15:46 <@Dagmar> It's kinda serious
15:46 <@Dagmar> 1. There was a high level of technical acumen involved
15:47 <@Dagmar> 2. It was a very subtle attack which looks like it was meant to make sshd accept someone else's magic rsa key
15:47 <@Dagmar> 3. It somehow made it into the tarball which is apparently generated automatically from the source, but it's not in the source itself
16:16 < Evilpig> it's the kind of thing that someone got into the build server to slip in
16:17 < Evilpig> I have a specfile that I wrote to build out openldap for work that generates a custom code patch and applies it from within the spec file itself
16:33 <@Dagmar> yeah the problem is that the bit of code isn't invoked except by some testing patches a dev put in
16:33 <@Dagmar> So that looks very sus
17:16 -!- Dagmar [1000@user/dagmarx] has quit [Ping timeout: 272 seconds]
17:16 -!- dagmar [1000@user/dagmarx] has joined #se2600
17:16 -!- mode/#se2600 [+o dagmar] by ChanServ
17:16 -!- dagmar is now known as Dagmar
17:17 <@Dagmar> Better.  I screwed up my mounts table and had to reboot to clear it
17:17 <@Dagmar> Pfft.
18:02 < Synx_> Dagmar, ya and the contributor has some other oss project history
18:03 < Synx_> Evilpig, Dell still has not made me the owner of record on that computer that is bios locked
18:03 < Synx_> i've submitted the fucking form 3 times now
18:15 < Synx_> I'm so fucked for retirement, how you all doing?
18:25 < Evilpig> i'm behind from where I should be but on a track
18:26 < Evilpig> about to dip into my retirement to buy a house, but taking that loan out to myself at 10% helps me immediately, guarantees me 10% ROI and I can write the interest off on taxes so it's a win all around
18:26 < Synx_> nice
18:27 < Synx_> im counting equity in property in my savings calculation but i suppose thats dangerous
18:27 < Synx_> i just get this general feeling that our generation is totally fucked, and those behind us even more so
18:31 < Synx_> could be my paranoia though
20:02 <@eryc> https://github.com/tukaani-project/xz/issues/100
20:02 < PigBot> GitHub · Where software is built (at github.com) https://tinyurl.com/22qb7rvw
20:50 < Synx_> is the repo gone?
20:56 < Evilpig> looks that way
20:57 < Evilpig> This repository has been disabled.
20:57 < Evilpig> Access to this repository has been disabled by GitHub Staff due to a violation of GitHub's terms of service. If you are the owner of the repository, you may reach out to GitHub Support for more information. 
23:36 < Synx_> so is this state actor satisfaction 
--- Log closed Sat Mar 30 00:00:10 2024