Hi all, I hope everyone in the Linux Interest Group are doing well and enjoying 2026 (so far).
Although I haven’t attended the monthly meetings for quite some time, I figured that you might be interested in this YouTube article that my brother forwarded to me, and consider it as a good discussion topic for a future session. (For those of you who take extra caution when presented with URLs in emails, you can also find this public posting on YouTube by searching for the “Veritasium” channel. - Ed) “*The Internet Was Weeks Away From Disaster And No One Knew <https://www.youtube.com/watch?v=aoag03mSuXQ>*” https://www.youtube.com/watch?v=aoag03mSuXQ >From my perspective, this story is a valuable cautionary tale about the dangers that exist within the internet and the open source community. Having spent much of the past decade working on Identity Management and Security projects, I am aware of the presence of “bad actors” on the internet who look for ways to compromise systems and leverage their skills for malicious intent. You may already be aware of the events described in this posting (or already viewed the YouTube posting), but the situation and circumstances are explained in a very user-friendly style that will appeal to both novice Linux users, seasoned system administrators, and technical enthusiasts with an interest in historical events. I hope the length of the video (52:59) is not too daunting. Those that prefer to “skip ahead” to the meat of the content can start around the ten minute mark. The YouTube description provides a chapter breakdown, but I have also listed a constructive timeline to highlight the sections that I think will appeal to the seasoned Linux readers in the group (see below). 0:00-8:45 = Historical background: Free Software Foundation and the Evolution of Linux 8:45-9:57 = Linus’ Law and the Open Source Movement 9:58-12:07 = The story begins with Lasse Collin from Finland… and someone named Jia Tan 12:08-17:55 = An explanation and history of SSH 17:55-18:39 = Jia Tan and Leveraging Dependencies… 18:40-23:41 = XZ and how data compression works 23:42-38:20 = Trojan Horses, Git Hub, and the Hack 38:21-43:15 = Understanding the Danger – Demoing the Hack 43:16-52:59(eof) = Canaries in the Coal Mine: Discovering the Hack, Andres Freund and Summary Anyway, I thought I would share this link with you, in case you aren't familiar with the story and might find the details enlightening. Otherwise, feel free to discard this email or add it to your "junk drawer". :-) Cheers, Ed
