|
|
|
|
|
|
by gruez
1607 days ago
|
|
|
>And actually a level above that is AOSP which is maintained by Google. How do you think the CVEs get discovered? What about CVEs in the qualcomm specific code? How do you know that the amateur kernel developers wouldn't fall prey to c footguns and introduce new vulnerabilities? Don't get me wrong, this is strictly better than the current state of affairs where there's zero patches, but I think people are underestimating how much effort it takes to keep a huge codebase patched. |
|
|