this post was submitted on 13 Feb 2024
501 points (97.2% liked)

Technology

59323 readers
6099 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] books@lemmy.world 6 points 9 months ago (3 children)

Point a has always me me wonder, is that accurate? Are there actually people going through the code to make sure open source isn't malicious? I can barely read my coworkers code... Let alone a strangers.

[–] xor@infosec.pub 6 points 9 months ago

people are definitely going through the code on a project as popular as audacity...
less well known stuff is much less scrutinized, of course

[–] aidan@lemmy.world 3 points 9 months ago

Its way less work than going through the code to check for telemetry unless it is an intentionally hidden attack- just use Wireshark and check if there is network traffic other than checking for an update on program start.

[–] lemmeee@sh.itjust.works 2 points 9 months ago

If a project is popular people will make changes to it every day. But you can look at the repo and judge for yourself.