It was a simpler time 🥲

The omniscient Boot requires lubrication!

What the fuck did I just read??

Used to be thousands of if-statements in a trench coat. But even that got offshored 😮‍💨

At this rate we’ll soon have a decentralized para-religious terrorist organization full of brainlets that got scared shitless after discovering Roko’s Basilisk and are now doing the cyber lord’s bidding in order to not get punished once AGI arrives

edit: change to non-mobile link

Nah not really…most of the time I’m at least doing a light metadata check, like who’s the maintainer & main contributors, any trusted folks have starred the repo, how active is development and release frequency, search issues with “vulnerability”/“cve” see how contributors communicate on those, previous cve track record.

With real code audits… I could only ever be using a handful of programs, let alone the thought of me fully auditing the whole linux kernel before I trust it 😄

Focusing on “mission critical” apps feels pretty useless imho, because it doesn’t really matter which of the thousands of programs on your system executes malicious code, no? Like sure, the app you use for handling super sensitive data might be secure and audited…then you get fucked by some obscure compression library silently loaded by a bunch of your programs.