this post was submitted on 04 Nov 2024
294 points (85.7% liked)

Technology

60058 readers
2807 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 2 years ago
MODERATORS
top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 13 points 1 month ago (1 children)

It was the right move, but this needs to be expanded. Assume there are state actors from all of the major countries installing backdoors.

The digital war front will be getting hit from all sides. We need extreme paranoia to protect all of the innocent bystanders. Don’t assume even your own country is trustworthy in this.

[–] [email protected] 6 points 1 month ago (1 children)

Don’t assume even your own country is trustworthy in this.

My country is one of the world leaders in mass spying software development and even gave themselves the right to basically do deep packet inspections on everything going through it a long time ago, so...

[–] [email protected] 4 points 1 month ago (1 children)

I’m pretty certain my country banned Kaspersky because they kept outing western backdoors and malware. And I would bet my life that Windows has supported free use government backdoors since at least Windows 10.

[–] [email protected] 2 points 1 month ago* (last edited 1 month ago)

I think you made a typo, did you mean Windows 1.0 😝

[–] [email protected] 45 points 1 month ago

One notable software business professional interviewed by RBC thought that the West’s decision would “adversely affect the life of the developer community, mutual trust within it, and therefore the quality of the product.”

It was Russia and other autocracies etc. that diminished the trust by actually financing developers for multiple years to first earn trust and finally introduce backdoors into open source software, as demonstrated by the XZ utils backdoor.

In open source projects, maintainers need to have some initial trust into each contributor, and let this trust naturally grow with time and contributions. They cannot perform intensive background checks on everyone before accepting a patch.

While it is easier to uncover backdoors in open source software, there is no good way to defend and prevent against this kind of attack in this type of development process. All open source projects can do is trying to take away some trust from people within higher risk groups. This of course might lead to discrimination.

load more comments
view more: next ›