Enno T. Boland on Nostr: The worst conclusion I read from the #xz backdoor was to blame autotools. Yes there ...
The worst conclusion I read from the #xz backdoor was to blame autotools. Yes there are better build systems out there, but it's naive to believe that with cmake/meson/make supplychain attacks are avoidable.
Published at
2024-03-30 19:03:27Event JSON
{
"id": "cdbb40805d4114b63857abff767989b0ac748e186dc959be445871eb8849fddf",
"pubkey": "18e0c9a257f8aa91611e1a259f44dd71734d8492c855f00bc9d71bbc04f9a6f5",
"created_at": 1711825407,
"kind": 1,
"tags": [
[
"t",
"xz"
],
[
"proxy",
"https://chaos.social/users/Gottox/statuses/112186189906485494",
"activitypub"
]
],
"content": "The worst conclusion I read from the #xz backdoor was to blame autotools. Yes there are better build systems out there, but it's naive to believe that with cmake/meson/make supplychain attacks are avoidable.",
"sig": "1f4d71cc88803e80cb10724a2cc505b65cd6804ebb9e0bf3a82bd854a897a4659ecbf53ee9764b9496cf1d20e3b3f8ef0bae2cc2c76c329b27b3bade50b453fb"
}
