Risky Business #743 -- A chat about the xz backdoor with the guy who found it

On this week’s show Patrick and Adam discuss the week’s security news, including:


The SSH backdoor that dreams (or nightmares) are made of
Microsoft gets a solid spanking from the CSRB
Ukraine uses an old Russian WinRAR bug to hack Russia
Push-notifications and social-engineering combined-arms vs Apple
And much, much more.


We have a special guest in this week’s show, Andres Freund, the Postgres developer who discovered the backdoor in the xz Linux compression library.

This week’s show is brought …

adam backdoor bug business chat csrb discuss engineering found hack microsoft notifications old risky-business russia russian security social solid ssh ukraine week winrar xz backdoor