[SAI_Peregrinus]

I'd say the backdoor could have been hidden in another build system, even Makefiles. But it would have been much more difficult to hide.

[felipec]

Of course, everything is possible. But the design of autotools and the obfuscation of m4 scripts made it much more easy to sneak in.

[SAI_Peregrinus]

Oh, I'm not debating that. I'm taking issue with the line "If the xz project had not been using autotools, installing the backdoor would not have been possible. It’s as simple as that." It would have been possible but more difficult. Probably much more difficult. Autotools is a flaming mess of bad ideas, I've migrated projects' build systems off of it before and will continue to try to do so every chance I get.