Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

You should always be careful with closed source software. You should also be careful with open source software, unless you're building from source and manually checking the source in each update isn't malicious, which let's be real, nobody does.


Plus, in theory you'd also need reproducible builds for everything because who knows what your compiler did to the source ;-)

Reality is, as you already implied: in practice you cannot "be careful" except avoiding obvious malware.

At SOME point you have to trust SOMEONE, unless you use TempleOS in which case you can trust whatever god you have.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: