On Sunday, March 02, 2014 07:21:28 PM Chris Bannister wrote: > On Sat, Mar 01, 2014 at 11:53:28PM -0600, y...@marupa.net wrote: > > > > On Sun, 2014-03-02 at 10:55 +1100, Scott Ferguson wrote: > > > And then there's NSA (and the companies they outsource to) - they *do* > > > have an agenda that would be furthered by creating divisions and > > > uncertainty in Debian. They've made large investments in software hooked > > > to the existing init system - and while they'll have to retool to use > > > systemd it doesn't mean they have the same access required to replace > > > existing malware installations, additionally they would probably enjoy > > > seeing less people use Debian. > > > > The trouble is, how effectively can the NSA hook itself into open source > > software? How easily could they get backdoors into something without > > upstream noticing? Might be effective getting hooks into something > > downstream, but I don't see the NSA getting anything into something > > upstream without someone noticing, since patches are generally reviewed > > before integration. > > > > To sum up my thought on that, the NSA needs cooperation from someone > > OUTSIDE the NSA to get their hooks in. > > What! You mean that they want someone to "act" like Edward Snowdon?
Though I know you're making a joke, I'm really serious, I'm not certain how NSA spyware works in source code readily available to the public. Conrad -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/3182814.TKkp6ehV4I@twilight
