this post was submitted on 15 Jul 2023
1345 points (95.5% liked)

Technology

59402 readers
2741 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] joborun@lemmy.world 1 points 1 year ago (1 children)

Have you audited any of it? Would you like to try gcc or systemd for that matter? By the time you go through 1% of it the code has changed already. How many times in the past years has tremendous security breaches been caused by FOSS and was discovered months after it was in effect, and some of this by coincidence, or corporate teams that review code.

[–] EthicalAI@lemmy.world 1 points 1 year ago (1 children)

The fact I haven’t doesn’t mean I can’t read auditors who have, who do keep track of these changes. Zero days are usually caused by things no one noticed, not things that were intentionally added by corporate overlords to spy or back door a FOSS app.

[–] joborun@lemmy.world 1 points 1 year ago

Speck was pushed and provided by Google to linux, they added the content to the kernel having your naive belief, it was later found containing a backdoor to ALL systems, and Google raised their hands up and said it was passed to us by NSA. Is this what happened? Or did I dream all this up?

Facebook provided 0 FOSS, not a bit, suddenly they make an algorithm they "bought" including the author, and make it foss, to build it it needs google software, like a bush fire more than half of distributions adopt it and all data provided as comparative to xz are false, based on poor use of xz to make zstd appear better, while still admitting zstd can never attain the level of compression, but it is fast (ONLY when xz is run on a single thread while zstd is multithread by default). They claim xz sums are different when run on 1 cpu or many, still not true.

Just wait for that bomb to explode, the guy who wrote the code for zstd doesn't seem possible to have enough knowledge to write it, he appears as a front for something.

Things that smell like shit don't have to be actually tasted to be called shit.