I am not a security researcher, nor a reverse engineer. There’s lots of
stuff I have not analyzed and most of what I observed is purely from
observation rather than exhaustively analyzing the backdoor code.
Also, it may take 10 days to downgrade the package[2].
Yea, but the move to verify the path seemed somewhat funny at the time. As for the second part - it’s a shame, but expected: they need to re-compile like everything. So, I just decided to wait since all my machines are ssh-ible from VPN only
I wouldn’t be so sure it doesn’t affect NixOS[1].
Also, it may take 10 days to downgrade the package[2].
1 ↩︎
2 ↩︎
Yea, but the move to verify the path seemed somewhat funny at the time. As for the second part - it’s a shame, but expected: they need to re-compile like everything. So, I just decided to wait since all my machines are ssh-ible from VPN only