Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • World
  • Users
  • Groups
Skins
  • Light
  • Brite
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (Cyborg)
  • No Skin
Collapse
Brand Logo

CIRCLE WITH A DOT
  1. Home
  2. Uncategorized
  3. For the record, and since we are on the subject of supply-chain attacks:

For the record, and since we are on the subject of supply-chain attacks:

Scheduled Pinned Locked Moved Uncategorized
daemontoolsgithub
2 Posts 2 Posters 0 Views
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • jdebp@tty0.socialJ This user is from outside of this forum
    jdebp@tty0.socialJ This user is from outside of this forum
    jdebp@tty0.social
    wrote last edited by
    #1

    For the record, and since we are on the subject of supply-chain attacks:

    The person behind the 'daemontools' account on GitHub is unidentifiable, and certainly isn't Daniel J. Bernstein, me, @ska, Bruce Guenter, or anyone else well-known in the #daemontools world.

    The account has been inactive since 2013. If that account suddenly wakes up, it's not unreasonable to suspect that it has been compromised/become malicious.

    (M. Guenter is bruceg on #GitHub and is active there to this week.)

    cazabon@mindly.socialC 1 Reply Last reply
    0
    • jdebp@tty0.socialJ jdebp@tty0.social

      For the record, and since we are on the subject of supply-chain attacks:

      The person behind the 'daemontools' account on GitHub is unidentifiable, and certainly isn't Daniel J. Bernstein, me, @ska, Bruce Guenter, or anyone else well-known in the #daemontools world.

      The account has been inactive since 2013. If that account suddenly wakes up, it's not unreasonable to suspect that it has been compromised/become malicious.

      (M. Guenter is bruceg on #GitHub and is active there to this week.)

      cazabon@mindly.socialC This user is from outside of this forum
      cazabon@mindly.socialC This user is from outside of this forum
      cazabon@mindly.social
      wrote last edited by
      #2

      @JdeBP @ska

      It was my impression that the project that was backdoored was the Windows package Daemon Tools, which is unrelated to djb's daemontools. It's a CD/DVD/maybe floppy imaging program that can emulate having those virtual disks in a drive.

      1 Reply Last reply
      2
      0
      • R relay@relay.publicsquare.global shared this topic
        R relay@relay.mycrowd.ca shared this topic
      Reply
      • Reply as topic
      Log in to reply
      • Oldest to Newest
      • Newest to Oldest
      • Most Votes

      • Login
      • Login or register to search.
      • First post
        Last post
      0
      • Categories
      • Recent
      • Tags
      • Popular
      • World
      • Users
      • Groups