this post was submitted on 13 Aug 2024
-33 points (24.6% liked)
Technology
59589 readers
3148 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I have reviewed the tiniest fraction of code that I have ever used.
That's about 4500 software packages I have installed on one Linux system, to say nothing of other computing devices I've used or the other packaging systems in use on this system alone. I have probably looked at any portion of...I don't know, maybe 20 of those? And that's to work on a small portion of any one's codebase, certainly not to audit the software package.
Nobody using any kind of a remotely normal and modern computing environment, even if they are a software developer and know at least one programming language used by some of the software on their system and if they have the relevant domain knowledge to assess security concerns, has the realistic ability to conduct a review of the code that runs on their system, even in environments, like Linux, where the code is available.
It's like asking a mechanical engineer to validate the design correctness of every mechanical device they've ever used prior to using it.
So yes, is the answer. No matter the code; you happily run it
Are you trying to tell us that before installing anything on your computer, you read every single line of code in Ghidra? You must be a Gentoo user.
if you review the source of everything you run, you must have a very stressful life