On Thu, Nov 24, 2022 at 7:28 PM Andy Smith <a...@strugglers.net> wrote: > ... > I think the most obvious counter-argument is that it would be a waste of > effort and human assets to put exploits in open source software where > they stand a good chance of being found, while there is so much closed > source software (firmware, drivers, agents, …) and similar targets that > can be used instead. If you have a developer (or a whole corporation) in > your pocket, why do you want to burn them by having them put something > malicious in an open source project?
https://www.theregister.com/2003/11/07/linux_kernel_backdoor_blocked/ Jeff
