linuxmemes

21198 readers

96 users here now

Hint: :q!

Sister communities:

LemmyMemes: Memes
LemmyShitpost: Anything and everything goes.
RISA: Star Trek memes and shitposts

Community rules (click to expand)

1. Follow the site-wide rules

Instance-wide TOS: https://legal.lemmy.world/tos/
Lemmy code of conduct: https://join-lemmy.org/docs/code_of_conduct.html

2. Be civil

Understand the difference between a joke and an insult.

Do not harrass or attack members of the community for any reason.

Leave remarks of "peasantry" to the PCMR community. If you dislike an OS/service/application, attack the thing you dislike, not the individuals who use it. Some people may not have a choice.

Bigotry will not be tolerated.

These rules are somewhat loosened when the subject is a public figure. Still, do not attack their person or incite harrassment.

3. Post Linux-related content

Including Unix and BSD.

Non-Linux content is acceptable as long as it makes a reference to Linux. For example, the poorly made mockery of sudo in Windows.

No porn. Even if you watch it on a Linux machine.

4. No recent reposts

Everybody uses Arch btw, can't quit Vim, and wants to interject for a moment. You can stop now.

Please report posts and comments that break these rules!

founded 1 year ago

MODERATORS

poopsmith@lemmy.world

zephyr@lemmy.world

rtxn@lemmy.world

1581

Backdoors (lemmy.ml)

submitted 7 months ago by lemmyreader@lemmy.ml to c/linuxmemes@lemmy.world

115 comments fedilink hide all child comments

https://wetdry.world/@cyrus/112186279067271067

you are viewing a single comment's thread
view the rest of the comments

[–] sbv@sh.itjust.works 5 points 7 months ago (2 children)

OP is referring to a backdoor that was found. It apparently modified behaviour in a way that was noticeable to humans, suggesting that it was built by an unskilled adversary.

It's a safe bet that there are others (in FOSS) that remain undiscovered. We know that skilled adversaries can produce pretty amazing attacks (e.g. stuxnet), so it seems likely that similar vulnerabilities remain in other FOSS packages.

[–] MataVatnik@lemmy.world 1 points 7 months ago

Stuxnet was done by a literal army assembled by state actors with massive funding hoarding zero days. If an attack like that came at you there is very little you can do.

[–] communism@lemmy.ml 1 points 7 months ago* (last edited 7 months ago) (1 children)

It’s a safe bet that there are others (in FOSS) that remain undiscovered.

I agree, but I don't think that image (about survivors' bias) applies to the op meme then, as that would imply that it only seems like open source backdoors are convoluted because we've not found the simple/obvious ones

[–] sbv@sh.itjust.works 1 points 7 months ago

Survivorship bias or survival bias is the logical error of concentrating on entities that passed a selection process while overlooking those that did not. This can lead to incorrect conclusions because of incomplete data.

In this case, the selection process is discovering human-evident back doors. It fits by my reading.