Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

And like most AV systems it seems to be a bigger threat than what it supposedly protects against. Seriously how is it acceptable to have one corporation push a live update and take down tons of critical services all over the world. Just imagine what a malicious actor could accomplish with such a delivery vector.


Indeed. The xz backdoor team must be kicking themselves: "We spent years getting our own vector into a tool, only for our world domination plans to be thwarted at the last minute ... we could have just bribed someone at CS!"




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: