pull down to refresh
43 sats \ 7 replies \ @davidw 1 Apr 2024 freebie \ on: Inside the failed attempt to backdoor SSH globally — that got caught by chance security
Great write-up! & call to buidl. Things are definitely heating up.
Processing less user data & using fewer 3rd party dependencies needs to be a part of any software roadmap this next 2 years. Something I mentioned in The Privacy Pivot here on SN. In this case a lucky break and not much that could be done, but more vulnerabilities are around the corner no doubt.
It’s already a full time job to report on them it feels like.
"We should also acknowledge that open source developers are largely unpaid"
Let them use LN and they will be paid. I would send some sats for such backdoor discovery above, and imagine whole world too...
reply
Good model :)
reply
deleted by author
reply
because of much lower entry barrier for tipping like for example 500 sats
reply
deleted by author
reply
All you are doing is signaling that open source work is only worth fractions of a penny
lol,
and now multiply 500sats by number of users of SSH, or even only a generous part of them
reply
using fewer 3rd party dependencies
Looking at the JS community :S ... just don't run JavaScript.
It's going to be a wild ride from now on... and as always... it's not just "software", we are on top of magma in the "hardware" realm...
reply