Hacker News
by knowitnone 488 days ago
Except how "reviewed" is it? You maintain a package for years to gain trust and once you become trusted, you've introduced a backdoor that most people won't know about.

That takes years of effort and if you get found out you get banned immediately. It's not a very common level of commitment for bad actors, it seems.
There are different types of bad actors: some are ready to invest heavily, meaning time and money, some are there only to make a quick buck.
Ok. Can you point me to one example that was in for a while before being caught?
Yeah, sure, washing your hands kills 99.99% of bacteria, but not 100%.

Why obsess over that 0.01% when surrounded by dark age skiddies who haven't discovered germ theory yet? Focus the message: "wash your hands!"