Reply to post: Fear mongering

Hidden Linux kernel security fixes spotted before release – by using developer chatter as a side channel

rcxb Silver badge

Fear mongering

I don't find the fear mongering about kernel maintainers credible. First, they are very few, highly trusted individuals. Second, the results of their activity are available for all to see after the fact. You don't need to see a log of every commit to notice a backdoor in source code, and I'm not even sure logs would be much help in that regard... it's all too easy to split such code across multiple commits, all of which look innocuous in isolation. The final output is by far the most important part to have available.

As for security patches... Maybe. That's a weird level of sophistication: Script-kiddie who puts in the effort to set up major data mining and analysis to get an exploit that might be secret for a couple months. It should be fixable if ever exploited, with private branches of repos containing security fixes, shared only between senior kernel devs and major distro maintainers.
