On Thu, Jan 27, 2022 at 10:12 AM David Crayford <dcrayf...@gmail.com> wrote: > > On 27/1/22 2:35 pm, ITschak Mugzach wrote: <deleted> > > > At Solarwind, twice the > > size of Rocket, the toxic code was injected during the build process, by > > someone(s) penetrated long before they started to interfere with code. BTW, > > the Solarwind attack was based on a vendor code, not open source. > > And how did the system get penetrated to inject the malicious code? > Social engineering? What I find disconcerting is that nobody noticed > malicous code in the code reviews and pull requests. > It was added after that part. It was only sent to users.
-- Mike A Schwab, Springfield IL USA Where do Forest Rangers go to get away from it all? ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN