• @[email protected]
    link
    fedilink
    1979 months ago

    To be fair, we only know of this one. There may well be other open source backdoors floating around with no detection. Was heartbleed really an accident?

    • lemmyreaderOP
      link
      fedilink
      English
      1009 months ago

      True. And the “given enough eyeballs, all bugs are shallow” is a neat sounding thing from the past when the amount of code lines was not as much as now. Sometimes it is scary to see how long a vulnerability in the Linux kernel had been there for years, “waiting” to be exploited.

      • @[email protected]
        link
        fedilink
        739 months ago

        Still far better than a proprietary kernel made by a tech corp, carried hardly changed from release to release, even fewer people maintain, and if they do they might well be adding a backdoor themselves for their government agency friends.

    • @xenoclast
      link
      359 months ago

      Yeah he didn’t find the right unmaintained project. There are many many many cs undergrads starting projects that will become unmaintained pretty soon.