Unfortunately, Russia would not hesitate a second to use these Russian maintainers to include some shady stuff into Linux. Russia used everything they can to their advantage.
Now, we can wait for that to happen and have all sorts of issues when some backdoor gets distributed on a massive scale on a lot of Linux systems, or we can be realistic about the situation and take action before that.
I would not trust anyone from China to work in FOSS either, since they are exactly the same.
Yeah better discriminate based on nationality /s. But why stop at that? Poor people are too easily bribed can’t have them. I hear the CIA recruits from top US universities, can’t trust those college grads either. Anyone belonging to some homophobic church or religious group? Better not what if they’re closeted gay and get blackmailed? Anyone in a monogamous relationship should be excluded for the same reason, if you think about it. *tips forehead*
If we follow through with it, I would absolutely never ever trust anyone from the US, for example. US is very much known for cyber espionage and shady operations, and could absolutely backdoor Linux.
This is all power play, and it comes from a very certain direction amidst this political struggle.
You want your open source code not to have backdoors? Review it meticulously. This is really the only way, and the one an entire open-source community relies on - pretty successfully, by the way.
by this logic it turns out that the code quality control system is built in such a way that if someone has malicious intent and wants to add malicious code, but is not affiliated with dubious structures, then he will easily succeed? Hey, what about enough eyeballs and shallow bugs?
Unfortunately, Russia would not hesitate a second to use these Russian maintainers to include some shady stuff into Linux. Russia used everything they can to their advantage.
Now, we can wait for that to happen and have all sorts of issues when some backdoor gets distributed on a massive scale on a lot of Linux systems, or we can be realistic about the situation and take action before that.
I would not trust anyone from China to work in FOSS either, since they are exactly the same.
Yeah better discriminate based on nationality /s. But why stop at that? Poor people are too easily bribed can’t have them. I hear the CIA recruits from top US universities, can’t trust those college grads either. Anyone belonging to some homophobic church or religious group? Better not what if they’re closeted gay and get blackmailed? Anyone in a monogamous relationship should be excluded for the same reason, if you think about it. *tips forehead*
If we follow through with it, I would absolutely never ever trust anyone from the US, for example. US is very much known for cyber espionage and shady operations, and could absolutely backdoor Linux.
This is all power play, and it comes from a very certain direction amidst this political struggle.
You want your open source code not to have backdoors? Review it meticulously. This is really the only way, and the one an entire open-source community relies on - pretty successfully, by the way.
by this logic it turns out that the code quality control system is built in such a way that if someone has malicious intent and wants to add malicious code, but is not affiliated with dubious structures, then he will easily succeed? Hey, what about enough eyeballs and shallow bugs?
If only there was some sort of review process for code to get into the kernel…
@MrAlternateTape @fireshell <sarcasm>But Stuxnet proves nobody in the United States would do that.</sarcasm>