What is Nostr?
Lars Marowsky-Brée 😷 /
npub1y2l…nuf9
2024-04-01 09:22:53

Lars Marowsky-Brée 😷 on Nostr: I can't wrap my head around how almost all of the #xz reporting focuses on the ...

I can't wrap my head around how almost all of the #xz reporting focuses on the failures of #opensource.
Yeah, sure, but ...

Good luck finding such an attack in proprietary code.
Via the cliché paid off/blackmailed employee, hacked dev servers/repos, or via capitalism's favorite cost-cutting measure: a remote "offshored" contracted temporary developer (or nowadays, embedded into some LLM output).

If anything, Open Source Security has *worked*.

#cypersecurity #OSS
Author Public Key
npub1y2l9en3y09nprm9yxt2e5edya7r6v6vzkq9xrh02cgj8srnf8cwq3znuf9