Comment on Apple alerts users in 92 nations to state-sponsored / mercenary-spyware attacks
aniki@lemm.ee 7 months agoThere’s no “us” – just your dumbass.
Comment on Apple alerts users in 92 nations to state-sponsored / mercenary-spyware attacks
aniki@lemm.ee 7 months agoThere’s no “us” – just your dumbass.
le_saucisson_masquay@sh.itjust.works 7 months ago
Your dumbass should check XZ Backdoor.
It was open source, yet only blind luck led a Microsoft developer to uncover it. It would have gone in most Linux installation otherwise.
All because of an unpopular package that was maintained by a very few people.
aniki@lemm.ee 7 months ago
Which was an exception to the rule and found immediately because of open source but go on with your bad self.
bitfucker@programming.dev 7 months ago
Wait, they have figured out the source now? Can you give me the link for more reading on how they did it?
le_saucisson_masquay@sh.itjust.works 7 months ago
Exception to the rule ?? I’d argue you have no idea how many times it succeeded because that’s the point. We only know what failed, if this worked I have no doubt that companies running Pegasus which have hundreds of millions of dollar of budget every year can success.
Open source when not maintained properly is fundamentally flawed, there just need one weak element in the chain, one package maintained by a handful of people on their own time.
aniki@lemm.ee 7 months ago
You’re a clown
CrazyLikeGollum@lemmy.world 7 months ago
Do you know how many times Microsoft has had a supply chain attack inject a critical vulnerability into Windows? Or how many times a malicious insider at Apple has added a backdoor to iOS?
Nope, and you cant possibly know because those systems are closed.
With open source software you have the ability to audit the code for vulnerabilities. We have the ability to reasonably state that that incident was an exception to the rule because its so easy to see the available code and major security incidents tend to become major news.