• Rikudou_Sage@lemmings.worldEnglish
    27·
    1 day ago
    1. Write an open source malware
    2. Freely publish it everywhere because everyone assumes someone checked it, because it’s open source, you know?
    3. ???
    4. Profit
    • thevoidzero@lemmy.world
      1·
      12 hours ago

      That’s the thing though if it’s open source and 99.9% don’t check that 0.1% checking it will be enough.

      • Rikudou_Sage@lemmings.world
        2·
        12 hours ago

        The trouble with smaller open source software is that there’s no 0.1% checking it. And from time to time a small projects becomes widely used and everyone assumes someone already checked it; it’s a widely used open source software, after all.

        • thevoidzero@lemmy.world
          1·
          12 hours ago

          I think most early users do check further than open source licenses. It’s possible they’ll add things later, but if they add after it has enough users we have significant number of users to have some people check. And if the user base is small then they’re probably more involved, or are reading/modifying code for their use cases.

          Of course it’s not foolproof, but it has worked for a long time because of things like that

      • Rooster326@programming.dev
        1·
        12 hours ago

        By definition in order to have . 1% then the sample size must be greater than 1,000. The vast majority of open source projects will not get to this level.

        • thevoidzero@lemmy.world
          1·
          12 hours ago

          I think for a open source projects with such a low number of users, the first few users will definitely look further than “it’s open source”.