Pretty much proof that OSS != automatically more secure. And proof that OSS proj... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		shortsunblack on March 29, 2024 \| parent \| context \| favorite \| on: Backdoor in upstream xz/liblzma leading to SSH ser... Pretty much proof that OSS != automatically more secure. And proof that OSS projects can get backdoored. See this for more ideas on this issue: https://seirdy.one/posts/2022/02/02/floss-security/

derkades on March 30, 2024 [–]

The malware was hidden inside an opaque binary. If anything, this shows that we need more open source and more reproducibility.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact