• 0 Posts
  • 5 Comments
Joined 1 year ago
cake
Cake day: July 5th, 2023

help-circle
  • For my personal devices:

    • Microsoft products from MS DOS 6.x or so through Windows Vista
    • Ubuntu 6.06 through maybe 9.04 or so
    • Arch Linux from 2009 through 2015
    • MacOS from 2011 through current
    • Arch Linux from 2022 through current

    I’ve worked with work systems that used RedHat and Ubuntu back in the late 2000’s, plus decades of work computers with Windows. But I’m no longer in a technical career field so I haven’t kept on top of the latest and greatest.





  • Good writeup.

    The use of ephemeral third party accounts to “vouch” for the maintainer seems like one of those things that isn’t easy to catch in the moment (when an account is new, it’s hard to distinguish between a new account that will be used going forward versus an alt account created for just one purpose), but leaves a paper trail for an audit at any given time.

    I would think that Western state sponsored hackers would be a little more careful about leaving that trail of crumbs that becomes obvious in an after-the-fact investigation. So that would seem to weigh against Western governments being behind this.

    Also, the last bit about all three names seeming like three different systems of Romanization of three different dialects of Chinese is curious. If it is a mistake (and I don’t know enough about Chinese to know whether having three different dialects in the same name is completely implausible), that would seem to suggest that the sponsors behind the attack aren’t that familiar with Chinese names (which weighs against the Chinese government being behind it).

    Interesting stuff, lots of unanswered questions still.