• @psmgx
    link
    English
    338 months ago

    Sounds like a concerted effort by a reasonably competent state actor. The +0800 timezone offset implies parts of Asia and is a small but crucial detail, esp given the commit times. In other words, China, Malaysia, Korea, etc. – somewhere in Asia.

    OTOH the author even concedes identity theft or smart attempts to discredit and point at Asia. Still, is on par for Chinese and NK actors.

    • @[email protected]
      link
      fedilink
      English
      23
      edit-2
      8 months ago

      It could also be the opposite, someone trying to act like one of the Asian countries. The article lists the UTC times for the commits at 12-17, which would correspond to 8AM-1PM EST or 5-10AM PDT. That also could be fudged, or it could be a relatively new US spook working primarily in the mornings. Or if it’s someone in Asia, that’s 8PM-1AM, which is the perfect time for an evening hacker.

      It’s really not clear who’s behind it.

      I’m guessing an independent hacker in Asia because a state actor would probably just exploit existing bugs instead of adding new ones, and they certainly wouldn’t do something as obvious as “safe_fprintf -> fprintf.” I’m guessing this is all one individual trying to create business for themselves.

    • @[email protected]
      link
      fedilink
      English
      28 months ago

      In other words, China, Malaysia, Korea, etc. – somewhere in Asia.

      The Shadow Broker’s leaks showed that state actors had whole tool suites to ensure that the product appeared like it was coming from a different location. Given that those tools have been leaked since 2016 and the concept is even older; relying on metadata like timezones, character set, etc… to make determinations about location is unreliable at best.

    • @[email protected]
      link
      fedilink
      English
      18 months ago

      I’m not really convinced. I haven’t seen anything outside the capabilities of a talented individual, and such an exploit would be worth a lot of money, so the motivation is there.

  • @fluxion
    link
    English
    168 months ago

    It’s so disgusting to think that Jigar Kumar guy pressuring the original maintainer was Jia himself just manipulating his way into a maintainer role.

    I hate people sometimes.

    • @[email protected]
      link
      fedilink
      English
      78 months ago

      It may not have a been a single person in the first place. “Jia” may have just been a front for multiple people or a team of people working together to facilitate the whole situation.

  • Pika
    link
    fedilink
    English
    98 months ago

    this is insane that it lasted as long as it was before found. I’m glad that was quickly resolved before it hit stable.