this post was submitted on 26 Aug 2024
196 points (99.0% liked)
Open Source
31218 readers
266 users here now
All about open source! Feel free to ask questions, and share news, and interesting stuff!
Useful Links
- Open Source Initiative
- Free Software Foundation
- Electronic Frontier Foundation
- Software Freedom Conservancy
- It's FOSS
- Android FOSS Apps Megathread
Rules
- Posts must be relevant to the open source ideology
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon from opensource.org, but we are not affiliated with them.
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Unfortunate that this happened, but at least they are forcing more transparency to try to minimize the ability to hide behind opaque code.
Without some sort of reproducible builds (which are really finnickey to actually get) this doesn't really help though. Adding some set of malicious patches before doing the binary release is trivial.
You don't need reproducible builds. You can get by if you trust whoever compiled it, like your distro's maintainers or the pidgin developers.