>open source code """""review""""" process

>someone "contributes" to a project
>code added on the new release
>release submitted for reviewing on the main repositories
>4 years later
>some fat NEET decides that today is the day he will turn his life around
>decides to clear out the todo list
>skims through thousands of lines of code, barely noticing what's written
>hits the "Reviewed" button

>code is now considered safe and functional
>runs on millions upon millions of home computers and servers

Open source "security" is a joke.
Do you ever wonder how much malware and backdoors are hidden in linux distros?

>Do you ever wonder how much malware and backdoors are hidden in linux distros?

Go through it and find them yourself then

I'll wait

What are you doing for dinner tonight?

>Do you ever wonder how much malware and backdoors are hidden in linux distros?
Yes. Why not post how many you found yourself?

Heartbleed is the best example of this.

It's gotten to the point that security-through-obscurity actually works now.

>t. Mactoddler

>Things you can't see don't exist
ok

Btw thanks for proving my point, literally NOBODY will bother actually reviewing so much code without compensation. Linux is as safe as running some binary you downloaded from piratebay

retard t.b.h

>Things you can't see don't exist

You're an idiot for thinking that's what I was implying.

What I was implying was that if you have any hesitation thinking there may be any backdoors or malware you can go look yourself and be sure

>literally NOBODY will bother actually reviewing so much code without compensation

You have a very rudimentary understanding of how linux works to think that you have to review every single line of code

>Linux is as safe as running some binary you downloaded from piratebay

Except that you can actually for yourself read through the source and understand what it does

Just because you're lazy doesn't mean people aren't and just because someone takes their security into their own hands for whatever reason doesn't make them a 'fat neet'

Everyone in Opensoresland thinks that other people are carefully reviewing the code, but everyone thinks that and no-one is actually reviewing the code! What a farce!

>Just because you're lazy doesn't mean people aren't
ok

>I poo on the street, therefore everyone does

too real man

>Linux is as safe as running some binary you downloaded from piratebay
citation needed

this comment made me really want to go poo in the street

How's that better than the closed source development process

>management with no experience in software development comes up with an idea
>outsource the production to some sweatshop in india
>check if the update works on their windows xp testing machine
>it doesn't crash, push the update

Closed-source code """"review"""" process:

>Some Pajeet gets assigned to develop a new feature
>writes code for it, gets it pretty much working
>manager asks for a status report
>"Well, it's working, but it hasn't been reviewed and the tests aren't written yet..."
>Manager: "fuck that shit, marketing is in a big hurry to get the next release out, ship it"
>Pajeet commits his code

>code is now considered safe and functional
>runs on millions upon millions of home computers and servers

Closed-source "security" is a joke.
Do you ever wonder how much malware and backdoors are hidden in proprietary applications and OSs?

The way you describe it makes it seem like it was made to "just work" which I am so inclined to agree with you

if anyone in here thinks that computers are in any way, shape or form even remotely perfect you are stupid, trusting open source software is stupid as trusting prop one. the only way to be sure is build at least all the software/firmware yourself

Sure, you can build it yourself.
But how would you know that, in the source, there isn't a stealthily hidden backdoor?

>Sure, you can build it yourself.
>But how would you know that, in the source, there isn't a stealthily hidden backdoor?
I'm sorry, let me clarify: CREATE IT YOURSELF if you are going turbo autism anyway

BLOWN
THE
FUCK
OUT

I'm sure Intel, TI, IBM, and Google, all thought of this before buying big in to Linux the way a fish buys big in to water.

Don't forget that you must also write the compiler yourself to have any confidence in the security of your newly compiled source code.
www.win.tue.nl/~aeb/linux/hh/thompson/trust.html