this post was submitted on 31 Mar 2024
246 points (98.0% liked)
Open Source
31670 readers
325 users here now
All about open source! Feel free to ask questions, and share news, and interesting stuff!
Useful Links
- Open Source Initiative
- Free Software Foundation
- Electronic Frontier Foundation
- Software Freedom Conservancy
- It's FOSS
- Android FOSS Apps Megathread
Rules
- Posts must be relevant to the open source ideology
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon from opensource.org, but we are not affiliated with them.
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
If anything it highlights how great open source actually is when it comes to security. People saw it and immediately flagged it.
Dude, the issue was found purely by coincidence, it very nearly made it through
Yes, but it didn’t. Has it made it through on closed software? Who knows?
My takeaway is more like: This one almost made it through and was caught by accident. How much more backdoors actually were not caught and made it through? I would bet some money on it being more than 0 :(
Yep for sure. But open source at least let's you examine every part of the ecosystem.
No software is perfect even if all contributors have good intentions and do all due diligence.
Throw some malice and there is a chance something will get through.
Yes, probabky, but also might be possible to now find.
Im not sure why it being caught by accident is a factor here.
If devs knew what the pitfalls were before coding, there wouldn't be security risks in software.
Hackers do the same thing. They pen test, and if by chance they find something, they exploit it.
Also this was a multi year effort that employed very complex knowledge. And still didn't get thru.
If it's multi year and very complex it's telling that this is what it takes. The bar is very high.