What is Nostr?
Jan Schaumann /
npub1kvy…edh2
2024-03-31 22:00:42

Jan Schaumann on Nostr: For anybody cynically going "haha, 'given enough eyeballs, all bugs are shallow" my ...

For anybody cynically going "haha, 'given enough eyeballs, all bugs are shallow" my ass", I'm willing to argue that the reverse engineering of the #xz #backdoor actually validates this claim.

We just didn't have enough eyeballs on this particular dependency, nor is it possible to have every commit in your dependency graph investigated. But once the issue was found, the community's focus moved like the 👁️ of Sauron; few teams could have done that work (as quickly, thoroughly, or at all).
Author Public Key
npub1kvy8enal7npw9ct28tc53d4r5fl7q7a3ua3gku22z8jlyec37f3snmedh2