On Wed, 22 Jan 2014 12:24:27 +1100 Russell Coker <russ...@coker.com.au> wrote:
> On Sun, 19 Jan 2014, Marco Saller <marcosal...@yahoo.de> wrote: > > i am not sure if this question has been asked or answered yet, please do > > not mind if i would ask it again. Is it possible that the NSA or other > > services included investigative software in some Debian packages? > > It is possible that a DD has betrayed the cause and willingly subverted a > package, in the past we had someone apply to become a DD who had a history of > doing such things. Fortunately they were caught and didn't become a DD, but > it's possible that someone else with similar ideas got through. This doesn't > make Debian any different to any other large project or organisation. > Getting > 1000+ people to work together and have no-one do crazy stuff is an impossible > problem to solve. Don't forget that the NSA itself was subverted in exactly that manner - someone joined pretending to be loyal to the organization, but was really intent on undermining it ... Celejar -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20140121211549.9dc627f78064e864c474c...@gmail.com