Risky Business #743 -- A chat about the xz backdoor with the guy who found it
On this week’s show Patrick and Adam discuss the week’s security news, including: * The SSH backdoor that dreams (or nightmares) are made [Read More]
Risky Biz News: Supply chain attack in Linuxland
news.risky.bizIn other news: AT&T confirms 2019 data breach; Canonical switches to manual reviews after flood of scam apps; HP leaves Russia.
Security for Data Engineers
Warning: amateur security writeup IT Security is fairly preoccupied with web application security. Not surprisingly, perhaps, but it leaves an empty space where I would have loved to see content intended for other audiences as well. So I am taking the recent XZ backdoor as an opportunity to think aloud about how data engineers need to think about security. What is different about data engineering 🔗Web development, by its nature, is about creating systems that answers to random requests from the internet.