|
|
|
|
|
|
by matheusmoreira
1012 days ago
|
|
|
Funny you mention the CIA. Biden's CIA people are literally on record telling Bolsonaro to stop doubting the voting machines. That's what ultimately convinced me they are compromised. https://www.theguardian.com/world/2022/may/05/cia-director-b... When the software is compiled, it downloads libraries off the network and links them against the final binary before it is signed. Says so in the brazilian military's report. As far as I know, those libraries have not been audited. No one who has ever argued with me on this matter has ever provided evidence refuting this beyond shadow of doubt. I thought everyone on this site would be able to spot the supply chain vulnerability in there. After all, not rarely people post stories here of people getting hit by those very same vulnerabilities when some malicious actor hijacks some npm package or something. But no. The top comment is someone using authority as an argument. Just literally "these are very serious companies and people here". They got all these certificates, so all is well and we should just accept it. I can't even reply to the comment either for some reason. Sigh. The saddest part of all this is all the brazilians asking for source code on social media. Most of them don't know what source code even is. They don't know that source code doesn't matter if you can get malicious code linked into the binary. They don't know that only publication of the signed binary that actually ran on election day could prove anything. |
|
|