Cats, Pastry, DIY, Webdev, Photography. Trans rights now! Fuck all nazis.
- 0 Posts
- 1 Comment
Joined 2 years ago
Cake day: June 13th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
Cats, Pastry, DIY, Webdev, Photography. Trans rights now! Fuck all nazis.
They do try, but many vigilant members of the FOSS community do their best to find out what’s being done and prevent it.
You can read this summary of the attempt to inject a malware payload into a widely used compression tool that is used when remotely accessing servers: https://www.theverge.com/2024/4/2/24119342/xz-utils-linux-backdoor-attempt
It was a close call with potentially dramatic consequences, where a bad actor took 2 years to progressively gain reputation and rights to a key FOSS project, and one performance obsessed engineer to find out what they did and undo everything.
The big difference between FOSS and closed source software is that FOSS gives the possibility to audit the code, whereas binary analysis / retro engineering is much harder.