The backdooring of SquirrelMail
Posted Dec 20, 2007 12:17 UTC (Thu) by scarabaeus
Parent article: The backdooring of SquirrelMail
there have been several attempts to compromise source distributions over the years. Many of them have succeeded in getting bad code into high-profile packages. But none of these attacks - so far as we know - have escaped detection for any significant period of time
Well, yes - how do
you know that no such thing exists?? Anybody who has done it will surely be careful not to cause alarm when exploiting it.
BTW, it is also possible and likely that some developer somewhere has done a similar thing. I dimly remember one occasion a few years ago when such a developer backdoor was detected, can't remember any details though...
to post comments)