{"id":1461,"date":"2026-03-08T11:42:30","date_gmt":"2026-03-08T17:42:30","guid":{"rendered":"https:\/\/www.netjeff.com\/wp\/?p=1461"},"modified":"2026-03-08T11:51:35","modified_gmt":"2026-03-08T17:51:35","slug":"the-2024-almost-backdoor-into-linux-servers","status":"publish","type":"post","link":"https:\/\/www.netjeff.com\/wp\/?p=1461","title":{"rendered":"The 2024 almost-backdoor on the Internet"},"content":{"rendered":"\n<p>Veritasium recently released an excellent <a href=\"https:\/\/www.youtube.com\/watch?v=aoag03mSuXQ\"><strong>video<\/strong><\/a> about the almost-backdoor into OpenSSH in 2024. The attackers (Russia? China?) would have had a secret backdoor into the majority of servers worldwide. The Internet came within several weeks of this disaster. <\/p>\n\n\n\n<p>The video provides lots of context, in addition to the almost-backdoor, including: history of the \"open source\" movement; background on Linux; remote access encryption &amp; OpenSSH; and how compression works.  <\/p>\n\n\n\n<p>If you're already familiar with all that, you can <strong>skip 20 minutes<\/strong> of this hour long video.  Start <a href=\"https:\/\/www.youtube.com\/watch?v=aoag03mSuXQ&amp;t=552s\"><strong>at 9:12<\/strong><\/a>.  When it gets to about 12:00 (about encryption), skip ahead <a href=\"https:\/\/www.youtube.com\/watch?v=aoag03mSuXQ&amp;t=1406s\"><strong>to 23:26<\/strong><\/a> and watch the rest of the video.<\/p>\n\n\n\n<p>If you want to learn more, start with \"<a href=\"https:\/\/en.wikipedia.org\/wiki\/XZ_Utils_backdoor\">XZ Utils backdoor<\/a>\" on Wikipedia.<\/p>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Veritasium recently released an excellent video about the almost-backdoor into OpenSSH in 2024. The attackers (Russia? China?) would have had a secret backdoor into the majority of servers worldwide. The Internet came within several weeks of this disaster. The video provides lots of context, in <a class=\"more-link\" href=\"https:\/\/www.netjeff.com\/wp\/?p=1461\">Read More &#8230;<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3,10,4,5,1],"tags":[],"class_list":["post-1461","post","type-post","status-publish","format-standard","hentry","category-programming","category-risk","category-security","category-tech","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/www.netjeff.com\/wp\/index.php?rest_route=\/wp\/v2\/posts\/1461","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.netjeff.com\/wp\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.netjeff.com\/wp\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.netjeff.com\/wp\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.netjeff.com\/wp\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1461"}],"version-history":[{"count":5,"href":"https:\/\/www.netjeff.com\/wp\/index.php?rest_route=\/wp\/v2\/posts\/1461\/revisions"}],"predecessor-version":[{"id":1468,"href":"https:\/\/www.netjeff.com\/wp\/index.php?rest_route=\/wp\/v2\/posts\/1461\/revisions\/1468"}],"wp:attachment":[{"href":"https:\/\/www.netjeff.com\/wp\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1461"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.netjeff.com\/wp\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1461"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.netjeff.com\/wp\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1461"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}