We would need to audit the entire code base initially and then every commit afterward.
Also, any account on GitHub or elsewhere could be a double agent from any country’s intelligence agency that wants to insert obfuscated spying code or a backdoor. All the security flaws found in software and hardware could just be honest mistakes, but they could also be intentionally placed there. It’s a terrifying prospect but it’s true.
We would need to audit the entire code base initially and then every commit afterward.
Also, any account on GitHub or elsewhere could be a double agent from any country’s intelligence agency that wants to insert obfuscated spying code or a backdoor. All the security flaws found in software and hardware could just be honest mistakes, but they could also be intentionally placed there. It’s a terrifying prospect but it’s true.
deleted by creator
I want intelligence agents to keep their hands out of open source projects. There is a fundamental conflict of interest between the two.