I have been reading a lot of takes about the backdoor over the last few days.
There is nothing special about this attack-vector or approach in general*.
Our wholesome software-universe is a chaotic system of dependencies, no matter which language or compute-layer we're talking about.
The issue is not a question of open-source vs proprietary or shared vs static libraries. It should make you think about awareness and your room and ability to maneuver.
Are you in direct or indirect control of the level of awareness of security-relevant events regarding components you use?
And are you in direct or indirect control of the usage of components you use?
=> More informations about this toot | More toots from floriann@infosec.exchange