A Developer Altered Open Source Software to Wipe Files in Russia

Minimalist

Thread author
The developer of a popular open source package has been caught adding malicious code to it, leading to wiped files on computers located in Russia and Belarus. The move was part of a protest that has enraged many users and raised concerns about the safety of free and open source software.
 
To review the source code and compile on their own. Of course, for those that know how to do it. For others it's probably best to wait for a while and not try to be the first trying out new versions. 🤷‍♂️
Am I protected if I have CF/CS config with HIPS?
 
This shows that open source software is not a utopia with rainbows and unicorns, which is usually how the evangelists portray it to be.

I think part of the issue is there is a big misconception that security researchers are somehow reviewing all open source projects, which really isn't the case. Big/popular projects sure, but not every single one. To be fair though, closed source isn't any better... if someone wants to be malicious, they will, regardless of whether it's open source or closed source. I just look at the situation as terrible regardless...