• BestBouclettes@jlai.lu · 40 up, 6 down · 8 months ago

    If anything it highlights how great open source actually is when it comes to security. People saw it and immediately flagged it.

        • ErilElidor@feddit.de · 19 up · 8 months ago

          My takeaway is more like: This one almost made it through and was caught by accident. How many more backdoors actually were not caught and made it through? I would bet some money on it being more than 0 :(

          • trolololol@lemmy.world · 2 up · 8 months ago

            Yep for sure. But open source at least lets you examine every part of the ecosystem.

            No software is perfect even if all contributors have good intentions and do all due diligence.

            Throw some malice and there is a chance something will get through.

          • Croquette · 2 up, 1 down · 8 months ago

            I'm not sure why it being caught by accident is a factor here.

            If devs knew what the pitfalls were before coding, there wouldn’t be security risks in software.

            Hackers do the same thing. They pen test, and if by chance they find something, they exploit it.

      • trolololol@lemmy.world · 9 up · 8 months ago

        Also this was a multi year effort that employed very complex knowledge. And still didn’t get through.

        If it’s multi year and very complex it’s telling that this is what it takes. The bar is very high.