|
|
Subscribe / Log in / New account

A backdoor in xz

A backdoor in xz

Posted Mar 30, 2024 10:54 UTC (Sat) by khim (subscriber, #9252)
In reply to: A backdoor in xz by DimeCadmium
Parent article: A backdoor in xz

> The question though is not "what pulls it in" but rather "what pulls it in without adding value"

Each patch add value to someone, or it wouldn't have existed. Sshd without PAM would be 100% useless to me because all machined that I use ssh with use authentication not supported by stock Debian.

Similarly someone who needs to pass certain certification needs selinux and so on.

That's the flip side of the story which made available open source in the first place: we have millions of users and even if 0.01% of them are developers it's enough to produce software for free.

Remove all that “crap” and suddenly there are not enough developers to drive that thing forward because there are not enough users.

There are no easy solution for that problem, unfortunately.

to post comments

A backdoor in xz

Posted Mar 31, 2024 1:27 UTC (Sun) by DimeCadmium (subscriber, #157243) [Link]

There's a difference between adding value to 1 person and adding value to everyone who uses some software, for example.


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds