How a Hacker Saved The Internet

Video Transcript:
Andres is running some routine software tests. At first everything looks pretty normal, but then he spots something: this peak here is not a typical CPU load. Not a huge problem, but it's annoying, plus he can't make sense of it right away. Little does Andres know that this is not just some random bug. It's a cleverly hidden backdoor, one that's been planted over years by hostile forces, possibly state-sponsored hackers. Now it's set to spread globally and give the perpetrators access to millions of servers around the world: to the systems of hospitals, companies and entire governments. A master key to the internet and everything connected to it, right in the hands of criminals. Andres doesn't know about any of this yet, but he's about to literally save the internet.

To understand this story, we first need to take a little detour into software engineering and a very particular little piece of code. A lot of software out there is company-owned, like Word, which belongs to Microsoft. Only Microsoft employees can tweak and further develop that software. But then there's software that is open source. It works kind of like Wikipedia: the source code is out in the open for anyone to see and use, and basically anyone can contribute and suggest changes. That has led to the creation of many programs that are fundamental to our digital infrastructure. While anyone can pitch in on open source projects, there are usually a few people in charge. These so-called maintainers have the final say on the code and review any changes before they get implemented.

Lasse Collin is one of these maintainers. He has been working for years on the Linux tool xz-utils. Linux is the most widely used open source operating system in the world. You may not be running Linux directly on your own computer, but it powers most of the world's servers and mainframes, and every single one of the top 500 supercomputers. XZ is a data compression format included in pretty much all major Linux distributions. A Linux distribution is like a full
package of all the essential programs your computer needs to run; different distros are designed for different purposes. xz-utils compresses and packages data so it can be transferred and stored faster. It's kind of like zip files. Collin developed the tool back in 2005, and as its maintainer he has been in charge of all changes to xz-utils ever since. He reviews suggested edits and then approves them, or not. Once the approved changes are in place, a new version of xz-utils can be included in Linux distros.

But lately that process has hit a bit of a snag. Two volunteer developers are not happy with how Collin has been handling his maintenance duties. They feel like he's way too slow in responding to change requests and messages. Dennis Ens is clearly frustrated when he asks for updates: "I asked a question here a week ago and have not heard back." Jigar Kumar also seems fed up with how slow things are moving: "With your current rate, I very doubt to see 5.4.0 release this year. The only progress since April has been small changes to test code." He even suggests that they might need a new maintainer: "Dennis, you are better off waiting until a new maintainer happens or fork yourself. Submitting patches here has no purpose these days. The current maintainer lost interest or doesn't care to maintain anymore." Lasse Collin appears to be struggling with the workload; after all, his work on xz-utils is just an unpaid hobby. But Ens and Kumar clearly want someone who can dedicate more time to the project and respond faster to their suggestions. In response to Kumar's message, Collin writes: "I haven't lost interest, but my ability to care has been fairly limited, mostly due to long-term mental health issues but also due to some other things." He also says: "Recently I've worked off-list a bit with Jia Tan on xz-utils and perhaps she will have a bigger role in the future, we'll see."

Jia Tan first pops up on the developer platform GitHub in January 2021. For over a year she contributes to other projects, then in 2022 she starts
submitting changes for xz-utils. From that point on she becomes a regular contributor. Tan is dedicated and polite. She writes friendly messages and helps out wherever she can: "Nice job to both of you for getting this feature as far as it is already." "Let me know your thoughts on these patches when you have a chance. Is it good enough, or did I add bad bugs? Just trying to do my part as a helper elf." Maybe after getting all those annoying messages from Ens and Kumar, Collin is just relieved to finally have some help, someone to lighten the load and actively push the project. At one point Collin explains that a maintainer needs the skills, time and interest to really stay committed to the software, and Jia Tan seems to check all those boxes. Back then Collin doesn't realize that something is seriously off about her.

This video hopefully offers a glance into the fascinating world of programming. If you're getting inspired by the story, why not learn more about the subject? Enter Brilliant, our favorite annual premium subscription.

In June 2022 Tan gets promoted to co-maintainer. She takes on more and more control of the project over the course of the year. She starts editing xz-utils on her own, and in March 2023 she changes the contact mail at oss-fuzz, a service that helps identify bugs in open source projects. From now on, security alerts are no longer sent to Collin but exclusively to Tan. Shortly after, a new user named Hans Jansen submits a change request for xz, and Tan approves it. Nine months later, in March 2024, Jansen sends a message to the Debian project. Debian is a widespread Linux-based operating system known to be stable and secure. Jansen wants the Debian team to include a new version of xz-utils in an upcoming Debian version, saying it will fix a specific bug. Two other users chime in to praise the
fix, krygorin and misoeater, and when another user raises concerns, krygorin is clearly annoyed and quickly shuts them down: "Instead of having a policy debate over who is proper to do this upload, can this just be fixed?" Shortly after, the Debian project integrates the new version of xz-utils into a preliminary version of their operating system called Sid.

Around the same time, Andres Freund is working as a developer at Microsoft. He has also been actively contributing to an open-source project. He has just downloaded the latest version of Sid to run some tests for his project. Sid is not for public release and is marked as unstable and insecure; developers test it for bugs before new features get officially integrated. And during his tests Andres notices something strange. Something is taking up way too many resources in SSH. SSH is used to remotely access Linux machines. Why is SSH draining such a crazy amount of CPU? Something is off. He also notices a considerable drop in performance: a lag of 500 milliseconds. That's half a second, something nobody else would ever notice. But Andres does, so he takes a closer look at SSH and realizes that the delay is related to xz-utils. On many Linux distributions SSH has a dependency on xz-utils, which means that certain xz functions are invoked when SSH is executed. Andres digs deeper into xz-utils and discovers that someone has slipped in a malicious piece of code, and this code allows someone to sneak into the system via SSH. It's a backdoor. This backdoor is so well hidden that no one caught it while reviewing and testing the code. A phenomenal, scary attack. But this disguise is slowing the malicious code down, and it's that exact delay that Andres Freund has noticed when starting SSH. On March 27 he sends an email to inform the Debian security team about his findings. A few days later he goes public: he publishes a post on Mastodon. The malicious code is hidden in two versions of XZ Utils, and Andres also has a hunch as to who might have planted it: Jia Tan. She had secretly
added the backdoor to a version of xz-utils just before Andres found it. When Andres makes his findings public, all hell breaks loose. "Did one guy just stop a huge cyber attack?" "This may be one of the biggest stories of the year." "Curiosity may have saved us from a devastating cyber attack." The US cyber defense agency issues an emergency security alert. Luckily the tampered software hasn't spread far yet, but it has already infiltrated test versions of several major Linux distros, meaning it was just on the verge of massive deployment. An army of developers and cyber security experts jump into action. Within just a few hours they build a fix to neutralize the backdoor. Had it actually made its way into the code of multiple operating systems, the consequences could have been catastrophic. The attackers could have gained unauthorized remote access to countless systems. It would have been the master key to hundreds of millions of computers and servers around the world. Linux operating systems are used in schools, universities and hospitals; the White House, the House of Representatives and the Senate all use Linux. In one fell swoop the attackers could have taken down critical services across the globe. They could have spread malware or stolen sensitive information. There's no other way to put it: the world dodged a major bullet thanks to Andres Freund, "the silverback gorilla of nerds", "the internet's final boss". The Microsoft developer is praised like a hero, and naturally his story becomes a meme. Even Microsoft CEO Satya Nadella gives him a shout-out for his efforts. Everyone is relieved; disaster has been averted. The shock is wearing off, but the real question remains: who did this? Who is really behind Jia Tan?

Andres Freund doesn't believe this was the work of just one person. He suspects Jia Tan had backup. These users are suspected of being involved: it looks like Ens and Kumar deliberately put pressure on Lasse Collin to clear the way for Jia Tan; then Jansen, krygorin and misoeater pushed the update through. This whole
attack was a master class in social engineering. That's when attackers manipulate people into doing something they shouldn't, like making you accidentally give up a password or holding a high-security door for someone who appears to be pregnant. The alleged group behind Jia Tan was insanely clever. Infiltrating xz-utils took not only technical skill but a ton of patience. Remember, Jia Tan spent an entire year building trust by contributing to other projects before even suggesting changes for xz-utils. Then another two years passed before she slipped in the backdoor. Experts think this was likely the work of state-sponsored hackers. But what state would that be?

There's no trace of Jia Tan online. At first glance, Jia Cheong Tan seems Chinese; the timing of the posts lines up with the UTC+8 time zone. But that might just be a smokescreen to hide the hacker's true identity and location. Would someone who spends years crafting such an intricate plan, building trust and slowly gaining control, really leave such obvious breadcrumbs? Faking time zones isn't hard. What if the people behind Jia Tan simply changed the time zone on their computer to UTC+8 before each contribution? At least that's what an analysis of her account suggests. The same analysis shows that Jia Tan has worked through major Chinese holidays. That's weird, and it's even weirder that the account was silent on Christmas and New Year's, which are just regular business days in China. Plus, if Jia really lived in the UTC+8 time zone, she would have always been working through the night. The analysis suggests that Jia Tan might actually reside in Eastern Europe. There seemed to be a couple of incidents where they forgot to forge the time zone: there were three commits made in UTC+2 and six in UTC+3. Now, if we assume Jia Tan lives in one of those time zones, she would have typically started working at 9:00 a.m. and clocked out by 5:00 p.m.
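The commit-timestamp analysis the transcript describes, written out as an added example (not the video's own code, nor the code of the analysis it refers to): it tallies the UTC offsets stamped on commits, scores how many commits land inside a 9 a.m. to 5 p.m. workday under each candidate offset, and lists activity on a given local date for the holiday check. The log lines, hashes and times are constructed, not real xz-utils history.

```python
from collections import Counter
from datetime import datetime, timedelta, timezone

# Constructed sample in `git log --format='%h %aI'` shape. Hashes are
# placeholders, not real xz-utils commits. Most stamps carry +08:00; the last
# two carry +03:00 / +02:00 to mimic the "forgot to forge the time zone" slips.
SAMPLE_LOG = """\
aaa0001 2023-06-12T16:10:05+08:00
aaa0002 2023-06-13T18:35:41+08:00
aaa0003 2023-06-14T20:02:17+08:00
aaa0004 2023-06-15T21:47:59+08:00
aaa0005 2023-06-19T17:20:30+08:00
aaa0006 2023-06-20T19:05:12+08:00
aaa0007 2023-06-22T21:30:44+08:00
aaa0008 2023-06-23T16:55:08+08:00
aaa0009 2023-07-03T10:12:00+03:00
aaa0010 2023-07-10T14:40:00+02:00
"""

def parse_log(text):
    """Return [(hash, timezone-aware datetime)] from '<hash> <ISO-8601 stamp>' lines."""
    commits = []
    for line in text.splitlines():
        if line.strip():
            sha, stamp = line.split(maxsplit=1)
            commits.append((sha, datetime.fromisoformat(stamp)))
    return commits

def offset_histogram(commits):
    """Number of commits per stamped UTC offset, keyed in whole hours (8, 3, 2, ...)."""
    return Counter(int(c.utcoffset().total_seconds() // 3600) for _, c in commits)

def working_hours_fraction(commits, offset_hours, start=9, end=17):
    """Share of commits inside a start-end workday if the author really lived at
    the given UTC offset: the transcript's 9 a.m. to 5 p.m. plausibility test."""
    tz = timezone(timedelta(hours=offset_hours))
    hours = [c.astimezone(tz).hour for _, c in commits]
    return sum(start <= h < end for h in hours) / len(hours)

def most_plausible_offset(commits, candidates=range(-12, 15)):
    """The candidate offset whose 9-to-5 workday explains the most commits."""
    return max(candidates, key=lambda off: working_hours_fraction(commits, off))

def commits_on(commits, offset_hours, day):
    """Hashes of commits whose local calendar date (ISO string) is `day` at the
    given offset, e.g. to check whether the account was active on a holiday."""
    tz = timezone(timedelta(hours=offset_hours))
    return [sha for sha, c in commits if c.astimezone(tz).date().isoformat() == day]
```

On a real repository, feed `parse_log` the output of `git log --format='%h %aI'` and compare `working_hours_fraction` across the stamped offset and the candidate ones; a stamped offset under which most commits fall outside any plausible workday is the kind of inconsistency the transcript's analysis relied on.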
