#XZUtils 5.8.1 (stable) has been released (#xz / #LZMAUtils / #LZMA / #LZMA2 / #DataCompression) https://tukaani.org/xz/

New blackdoor just dropped.

And did you also think that #xz lib is now much better secured and has much more contributes looking out for the project? I'm afraid not ... https://github.com/tukaani-project/xz/graphs/contributors

The #xz lib has its first major feature release since the backdoor ... Cudous to Lasse Collin for still being involved after all this ... https://www.phoronix.com/news/XZ-5.8-Released

#XZUtils 5.8.0 (stable) has been released (#xz / #LZMAUtils / #LZMA / #LZMA2 / #DataCompression) https://tukaani.org/xz/

How #NixOS and reproducible builds could have detected the #xz #backdoor for the benefit of all https://luj.fr/blog/how-nixos-could-have-detected-xz.html

NixOS and reproducible builds could have detected the xz backdoor

https://luj.fr/blog/how-nixos-could-have-detected-xz.html

How #NixOS and reproducible builds could have detected the #xz utils (#liblzma) backdoor for the benefit of all by @luj https://luj.fr/blog/how-nixos-could-have-detected-xz.html

Do you remember the xz supply chain attack (or backdoor) that happened one year ago and nearly compromised half the world? (I think you do)

I claim that we could have automatically detected this backdoor in NixOS thanks to reproducible-builds!

-> Go read about it in my blog post: https://luj.fr/blog/how-nixos-could-have-detected-xz.html

Boosts would be much appreciated!

https://companydata.tsujigawa.com/press-20250313-004/

株式会社STANDING OVATION（本社：東京都渋谷区、代表取締役CEO：荻田 芳宏）は、toC向けファッションアプリ「XZ（クローゼット）」およびtoB向けパーソナライズWeb接客SaaS「XZ-biz（クローゼットビズ）」を提供しています。
この度、2025年3月に「XZ（クローゼット）」のカレンダー機能に登録されたコーディネート数が累計1,000万件を突破しましたので、お知らせいたします。

■プレスリリース配信元-株式会社STANDING OVATION
https://companydata.tsujigawa.com/company/3010401109774/

#XZUtils 5.7.1 Alpha (dev) has been released (#xz / #LZMAUtils / #LZMA / #LZMA2 / #DataCompression) https://tukaani.org/xz/

#XZUtils 5.6.4 (stable) has been released (#xz / #LZMAUtils / #LZMA / #LZMA2 / #DataCompression) https://tukaani.org/xz/

Tein vähän #pakkaus-kokeiluja törmättyäni taannoin uuteen pakkaimeen, #Bzip3:een. Ainakin minun tiedostojeni #varmuuskopiointi-pakkaamisessa se hävisi pakkausteholtaan selvästi #XZ:lle, jota olen varmuuskopiointiin käyttänyt, ja pakkausnopeudeltaan selvästi #ZStd:lle, johon siirtymistä olin aprikoinut. #atkjuttuja

BZip3

在 Hacker News 上看到 BZip3 的連結：「Bzip3: A spiritual successor to BZip2 (github.com/kspalaiologos)」。

雖然名字看起來與 bzip2 有關，但看起來是不同的人弄出來的東西，不過有些經典的演算法有留下來用，像是 Burrows-Wheeler transform。

另外值得一提的是，bzip2 是 1996 年出的 (不過 1.0 大約是 2000 年時出的)，BZip3 的第一個 release 在 2022 年，這段時間也累積了不少有趣的演算法可以用。

無損壓縮中如果期望有比較的壓縮率，目前比較常用的應該是 LZMA 類的演算法 (差不多是 2001 年出現的)，用的工具通常會是 X

https://blog.gslin.org/archives/2025/02/02/12240/bzip3/

Dear People attending #FOSDEM

The maintainer of #XZ is still in need of true support after they were abused by someone who tried to viciously introduce a backdoor to potentially millions of servers and computers.

They opened a Liberapay account here: https://liberapay.com/Larhzu.
They only receive 13,55€/week for now…

You know XZ is crucial for lots of critical systems. Please tip them generously.and boost this message!

(Discovery borrowed from @Sylvhem)

NOTE : due to the local laws, as a Finnish, Larhzu cannot accept money from Finnish people.