Software Engineering Radio is a podcast targeted at the professional software developer. The goal is to be a lasting educational resource, not a newscast. SE Radio covers all topics software engineering. Episodes are either tutorials on a specific topic, or an interview with a well-known character from the software engineering world. All SE Radio episodes are original content — we do not record conferences or talks given in other venues. Each episode comprises two speakers to ensure a lively listening experience. SE Radio is brought to you by the IEEE Computer Society and IEEE Software magazine.
SE Radio 630: Luis Rodríguez on the SSH Backdoor Attack
Luis Rodríguez, CTO of Xygeni.io, joins host Robert Blumen for a discussion of the recently thwarted attempt to insert a backdoor in the SSH (Secure Shell) daemon. OpenSSH is a popular implementation of the protocol used in major Linux distributions for authentication over a network. Luis describes how a backdoor in a supporting library was recently discovered and removed before the package was published to stable releases of the Linux distros. The conversation explores the mechanism of the attack through modifying a function table in the runtime; how the attack was inserted during the build; how the attack was carefully staged in a series of modifications to the lz compression library; the nature of “Jia Tan,” the entity who committed the changes to the open source project; social engineering that the entity used to gain the trust of the open source community; what forensics indicates about the location of the entity; hypotheses about whether criminal or state actors backed the entity; how the attack was detected; implications for other open source projects; why traditional methods for detecting exploits would not have helped find this; and lessons learned by the community.
Brought to you by IEEE Computer Society and IEEE Software magazine.