Linked by Thom Holwerda on Wed 21st Sep 2011 22:06 UTC, submitted by kragil
Windows After the walled garden coming to the desktop operating system world, we're currently witnessing another potential nail in the coffin of the relatively open world of desktop and laptop computing. Microsoft has revealed [.pptx] that as part of its Windows 8 logo program, OEMs must implement UEFI secure boot. This could potentially complicate the installation of other operating systems, like Windows 7, XP, and Linux.
Thread beginning with comment 490348
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[7]: Comment by OSbunny
by lemur2 on Thu 22nd Sep 2011 11:02 UTC in reply to "RE[6]: Comment by OSbunny"
lemur2
Member since:
2007-02-17

I have to admit, I don't remember it ever happening.

Most attempts have tried to abuse the version control system. With the current popularity of git (which has checks in place) that route is going to be a less likely in the future.


I don't recall any attempt to corrupt the version control.

There have been a number of occasions when open source development servers have been hacked. Someone has guessed a password.

AFAIK, no-one has ever managed to get malicious code into the source codebase, even after they have managed to hack into the development server. Such an attempt to inject code would stand out like nobodies business.

It is just too hard to try to hide malicious source code in an open source project.

Such a thing has never been done. Not even close.

Reply Parent Score: 2

RE[8]: Comment by OSbunny
by Lennie on Thu 22nd Sep 2011 11:21 in reply to "RE[7]: Comment by OSbunny"
Lennie Member since:
2007-09-22

Actually, here is an example:

Someone did got into the BitKeeper servers and changed the code of the Linux kernel.

This is the part where he explains about the use of SHA-1 in the implementation of git:

http://www.youtube.com/watch?v=4XpnKHJAok8#t=55m13s

The BitKeeper break-in is part of the reason why git uses SHA-1. The part about the break-in is here:

http://www.youtube.com/watch?v=4XpnKHJAok8#t=59m16s

Here is a news site reporting on the incident:

http://linux.slashdot.org/story/03/11/06/058249/Linux-Kernel-Back-D...

Edited 2011-09-22 11:24 UTC

Reply Parent Score: 3