• null@slrpnk.net
          6 months ago

          It’s not a dumb point so much as just naive – and it’s the lesson we learned from the xz backdoor.

          Sure the source code is out there for anyone to see, but are the right people actually looking?

    • lewdian69@lemmy.world
      6 months ago

      You’re manually reviewing the entire code of every open source product you use? Manually reviewing the code at every commit of every open source software you use?