This is included in the Chromium source code, which is public.
xavier666@lemm.ee 4 months ago
Remember the rule of thumb -> if it’s not open-source, you are allowing the software to do whatever it wants to do.
No regulation, law, or support group is going to help you. You are digging your own grave.
redditReallySucks@lemmy.dbzer0.com 4 months ago
vext01@lemmy.sdf.org 4 months ago
If it’s any software you didn’t write yourself or audit every line of…
For a typical Linux distro that’s tens of thousands of packages…
xavier666@lemm.ee 4 months ago
I am no expert on code-auditing. But I’m slightly at peace that there are 100s of experts looking at the code because it’s open-source. But I also understand mistakes can still happen. It’s not a perfect system, but it’s the best solution so far.
vext01@lemmy.sdf.org 4 months ago
There’s some truth to that, but bad actors have managed to slip things through in the past. It happened recently with xz.
I guess my point is that we put a lot of trust in strangers when we run any code on our systems. Open or not.
xavier666@lemm.ee 4 months ago
True. We can also not run code at all and be perfectly safe.
I wish there was a comparison. Number of 0days in open source and 0days in closed source for comparable projects and a measure for time to mitigate the 0days.
JackbyDev@programming.dev 4 months ago
I agree, but… This was in open source software. Chromium. Not just Google Chrome. github.com/…/422c736b82e7ee763c67109cde700db81ca7…