Skip to main content


The #xz vulnerability really has me feeling good about not living on the bleeding edge. I'm sure there's still some risk of a terrible backdoor somewhere in Debian or Ubuntu that hasn't been found yet, but at least there's a much higher chance of someone catching it before it bites me.

Only thing of mine that was affected was my Termux installations on my Android devices, something I never use for SSH anyway.

#xz
weird post. Some minor observations:
- not-bleeding edge won't protect from backdoors (often to the contrary)
- it's not about Debian (actually, Debian have found it for everyone) or Ubuntu
- probablility of catching inversely correlates to its age
- you may never know what's wrong until someone figures it out. For what we know your system can be full of backdoored stuff. 😁
Otherwise yes, it's lucky that it's been found out so fast, I can't even tell HOW lucky really.