Did One Guy Just Stop a Huge Cyberattack?
The New York Times
A Microsoft engineer noticed something was off on a piece of software he worked on. He soon discovered someone was probably trying to gain access to computers all over the world.
The internet, as anyone who works deep in its trenches will tell you, is not a smooth, well-oiled machine.
It’s a messy patchwork that has been assembled over decades, and is held together with the digital equivalent of Scotch tape and bubble gum. Much of it relies on open-source software that is thanklessly maintained by a small army of volunteer programmers who fix the bugs, patch the holes and ensure the whole rickety contraption, which is responsible for trillions of dollars in global G.D.P., keeps chugging along.
Last week, one of those programmers may have saved the internet from huge trouble.
His name is Andres Freund. He’s a 38-year-old software engineer who lives in San Francisco and works at Microsoft. His job involves developing a piece of open-source database software known as PostgreSQL, whose details would probably bore you to tears if I could explain them correctly, which I can’t.
Recently, while doing some routine maintenance, Mr. Freund inadvertently found a backdoor hidden in a piece of software that is part of the Linux operating system. The backdoor was a possible prelude to a major cyberattack that experts say could have caused enormous damage, if it had succeeded.
Now, in a twist fit for Hollywood, tech leaders and cybersecurity researchers are hailing Mr. Freund as a hero. Satya Nadella, the chief executive of Microsoft, praised his “curiosity and craftsmanship.” An admirer called him “the silverback gorilla of nerds.” Engineers have been circulating an old, famous-among-programmers web comic about how all modern digital infrastructure rests on a project maintained by some random guy in Nebraska. (In their telling, Mr. Freund is the random guy from Nebraska.)