linuxmemes

20484 readers

1263 users here now

I use Arch btw

Sister communities:

LemmyMemes: Memes
LemmyShitpost: Anything and everything goes.
RISA: Star Trek memes and shitposts

Community rules

Follow the site-wide rules and code of conduct
Be civil
Post Linux-related content
No recent reposts

Please report posts and comments that break these rules!

founded 1 year ago

MODERATORS

[email protected]

986

Debian security amirite? (lemmy.world)

submitted 4 months ago by [email protected] to c/[email protected]

75 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 52 points 4 months ago (2 children)

Like the exact same thing can not happen in a closed source codebase. It probably does daily. Since closed codebases the due dilligence and reviews cost money, and nobody can see the state. They are intentionally neglected.
Open source nor closed source is immune to the 5$ wrench hack

[–] [email protected] 25 points 4 months ago

Can't decide which one is more relevant - the $5 wrench hack, or any sort of blackmailing.

XKCD 538 - Security

XKCD 416 - Zealous Autoconfig

[–] [email protected] 8 points 4 months ago

Exactly, if you are as big a Microsoft, you can't tell 100% if one of your developer's is actually being paid by a foreign government. Even if you say completely check the commits other devs make, there will still be deadlines when a code review is just "looks fine, next".