What an Oxide and Friends last night! @bcantrill and I were joined by the one and only @AndresFreundTec to talk about his discovery of the xz backdoor. It’s an incredible story… so great to get into the details with Andres. Definitely check it out (or on the pod tomorrow).
I was really pleased by this background image so wanted to talk about it briefly. The concept was (of course!) simple: the (in)famous xkcd graphic with the thankless Nebraskan removed https://xkcd.com/2347/
Like all lazy people in 2024, I turned to Chat GPT for help. This didn't work out well. (Have I mentioned that I'm bad at Chat GPT?)
I should mention that we don't put a ton of time into Oxide and Friends (sorry!) so I try to bound these side-quests at least somewhat. Somewhat. I decided to find a physics simulator (like a lunatic) and SimPHY was the first one I stumbled onto that worked well enough. I roughed out the structure from the xkcd comic:
I threw it on the iPad that I "borrowed" from my older son and traced it in Procreate with his Apple Pencil. 100% it could have been better, but I already felt like a crazy person and wasn't sure it was going to work out
Then I threw the lines into Photoshop, applied the bucket tool, and ... good enough!
Check out the episode I made this for where we interview Andres Freund on his discovery of a backdoor in XZ—maintained by the metaphorical Nebraskan! https://youtu.be/jg5F9UupL6I
@ahl Wait, why is everyone referring to Andres as the Nebraskan? It was really more Lasse Collin, the sole maintainer of xz, who was an appealing target because he was sole maintainer of something the whole ecosystem depended on.
@ahl Regarding the announcement at the end about the book club: after hearing that the audiobook wasn't available in the US, I signed up for a libro.fm account, moved to Corfe Castle, Dorset, UK (looks like a nice place), and was easily able to change my account info in libro.fm to reflect the move.
@bbarker great tip. Thanks!