>he trust only to open source software
>he read zero lines of code
>implying that /g/ know shit about code
>>55956349
fucking word mate
>implying arch ricing freetards can even read code
>>55956349
I'll have you know I've autistically went over every line of code in every single program, package and dependency in my entire Arch Linux install.
(No I didn't.)
>>55956349
>expecting one anon to go through software that has thousands or even millions of lines of code.
>>55956349
This is still reasonable, because as with eyes on the street, you don't have to be able to repel the attacker yourself to benefit from increased security.
Developers won't include shifty code when they know they might be watched.
>>55956349
I-it's ok if I only download EFF approved software, right?
>>55956451
>millions
maybe 1. besides, it's not like it's hard for someone, let alone a community, to identify blobs or malicious blocks in source code.
>>55956349
>Socially inept neckbeards will do it for me.
>Tryhard phd students will do it for me.
>Bored researchers will do it for me.
Literally no reason to browse all the source code...
>>55956349
>implying it matters if you self-audit when code is OpenSource and popular
There are other people to be autistic on my behalf in most cases.
However, I usually read at least some of the code in anything I use just by accident, since I'm compiling all my software from source anyways.
>>55956424
Show us your saucecode then, Mr.InternetCoolGuy.
>>55956589
This. If there was malicious code in something, there'd be a CCC talk about it.
I can't find a link about it, but there was one time a kernel dev got their Repo accessed or something and an equality check was turned into an assignment operator. It got fixed before it had a chance to even go near the official Repo.
>implying a hundred other people more qualified than me haven't audited the code
>>55956349
>He don't