I’m 95% sure SELinux has undiscovered spyware. It’s a front to get NSA code into libre projects. Are they still updating/maintaining it? If so it’s even harder to prove that it’s not malicious because any one commit could have obfuscated spyware.
We would need to audit the entire code base initially and then every commit afterward.
Also, any account on GitHub or elsewhere could be a double agent from any country’s intelligence agency that wants to insert obfuscated spying code or a backdoor. All the security flaws found in software and hardware could just be honest mistakes, but they could also be intentionally placed there. It’s a terrifying prospect but it’s true.
I’m 95% sure SELinux has undiscovered spyware. It’s a front to get NSA code into libre projects. Are they still updating/maintaining it? If so it’s even harder to prove that it’s not malicious because any one commit could have obfuscated spyware.
deleted by creator
We would need to audit the entire code base initially and then every commit afterward.
Also, any account on GitHub or elsewhere could be a double agent from any country’s intelligence agency that wants to insert obfuscated spying code or a backdoor. All the security flaws found in software and hardware could just be honest mistakes, but they could also be intentionally placed there. It’s a terrifying prospect but it’s true.
deleted by creator
I want intelligence agents to keep their hands out of open source projects. There is a fundamental conflict of interest between the two.