|
|
|
|
|
|
by andrewflnr
3467 days ago
|
|
|
This is a bit unfair. The threat that source auditing is supposed to mitigate is backdooring by well-funded attackers, and it (AFAICT) isn't very effective against those when they can just go down a level. Are there plausible attackers that really stopped by compiling from source, that can ship a malicious blob but can't ship malicious hardware? |
|
|