XZ backdoor in a nutshell

https://lemmy.zip/post/12859629


I have been reading about this since the news broke and still can't fully wrap my head around how it works. What an impressive level of sophistication.
And due to open source, it was still caught within a month. Nothing could ever convince me more of how secure FOSS can be than that.

Yea, but then Heartbleed was a thing for how long that no one noticed?

The value of FOSS is that so many people with a wide skill set can look at the same problematic code and dissect it.