Comments by "" (@diadetediotedio6918) on "revealing the features of the XZ backdoor" video.

  1. The sad part is the "it is about open source", people are just trying to turn a highly sophisticated attack that could had affected ANY kind of system into a political argument to dismiss open source, as they always do.
    3
  2.  @draken5379  ["But that is vastly more work/time and secure than letting people who created a github account a week ago to contribute to key aspects of the worlds infrastructure. Like jesus."] Tell me you don't know what was the case without telling me that you don't know how was the case
    1
  3. This has nothing to do with "simplicity of software" but whatever
    1
  4.  @DaveBucklin  I hope, BSD is such a great system
    1
  5. This remembers me, 1 month comment of mine about people commenting Rust do "not having" dynamic linking as a security flaw: ["I've seen some people talking about how this is a problem for a security standpoint as well (as if we ship our code statically linked with a library which contains safety vulnerabilities then all of our programs will need to be updated individually to fix it). But this appears to be a one-sided reasoning, because it can work the other way around as well. You can have a bunch of working programs that relies on the same safe package, then it became vulnerable and suddenly all the programs in the system that shares are in risk as well instead of just the ones that had it updated (which means more chances for a potential attacker to explore the vulnerability as most programs in a system tends to be sparsely used)."] HAH
    1