
621 points sebg | 1 comment
mertleee No.43717579
What are the odds 3fs is backdoored?
replies(2): >>43717673 >>43719993
huntaub No.43717673
I think that's a pretty odd concern to have. What would you imagine that looks like? If you're running these kinds of things securely, you should be locking down the network access to the hosts (they don't need outbound internet access, and they shouldn't need inbound access from anything except your application).
replies(1): >>43719290
xpe No.43719290
> I think that's a pretty odd concern to have.

Thinking about security risks is an odd concern to have?

replies(1): >>43719353
huntaub No.43719353
I think that worrying that a self-hosted file system has a backdoor to exfiltrate data is an odd concern. Security concerns are (obviously) normal, but you should not be exposing these kinds of services to the public internet (or giving them access to the public internet), eliminating the concern that it's giving your data away.
replies(3): >>43720196 >>43720467 >>43745423
antonvs No.43745423
Backdoors in self-hosted systems are one of the major state-level attack vectors, and there are many known examples of this.

The idea that "you should not be exposing these kinds of services to the public internet (or giving them access to the public internet)" is naive. Aside from the fact that this requires every user to show that level of diligence - a completely unrealistic expectation - if a system is backdoored, it can also have means of exfiltrating data beyond just sending it out on the public internet.

And then there's the obvious point that if you suspect a device is compromised, it's completely irresponsible to use it anyway and assume that you're going to be able to prevent unauthorized access.

As some examples, there are documented concerns about Huawei/ZTE routers, which have been banned in Australia, New Zealand, Japan, Taiwan and the US for that reason. Unauthorized third-party code was found in Juniper Networks firewalls. Fortinet had hardcoded admin credentials in its firewalls and VPNs - probably a self-inflicted mistake, but still useful to attackers. Similarly, Western Digital NAS devices had a hardcoded backdoor account. D-Link routers had such a backdoor in their device web interface. There are many more examples like this.

Snowden revealed some of the US government activities in this area. The US, Russia, China, North Korea and other countries have all been involved in attacks involving BIOS/UEFI firmware, router firmware, NAS, and manufacturing supply chains. Covert exfiltration has been involved in many of these cases, using techniques other than transmitting over the internet.

And of course there was the recent (reported late 2024) Salt Typhoon attack by China on US and other Western telecom networks, which relied on these kinds of techniques, and gained access to large amounts of data, including audio and text of targeted people.