Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
asvitkine
on April 2, 2024
|
parent
|
context
|
favorite
| on:
Timeline of the xz open source attack
How would that even work? Are distros expected to code their own alternative versions of open source libraries where they can't get the maintainers to send their IDs? Or what stops from forged IDs being used?
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
