5 replies to this topic

[ki4jgt]

Question: What prevents a programmer from installing a back door into their program and then editing it out of the source code after they compile it?

[WingedPanther]

Absolutely nothing, other than the ability of other people to compile it themselves.

[ki4jgt]

True, but what do most people do? They download it directly from the site. So, have there ever been any cases of this, or has anyone ever been caught?

[Alexander]

This is not so much about "open source", anybody can claim the compiled executable is the source that is showed, but I only compile from source, package managers only compile from source, because there is a very diverse amount of computer architectures and operating systems, running a compiled executable compiled on system "A" does not mean that it will run relatively bug free on yours, all the better to compile it from source.

[WingedPanther]

Put a different way, if given the source code to a project, how many people just run make, make install versus actually inspecting the code? It's an issue, but it beats the heck out of some of the alternatives, like downloading freeware with malware bundled in, or having things like Windows calling home periodically to determine if it thinks you're still legal.

[ki4jgt]

That one's true. I don't know, It just popped into my head the other day. "hey, what if these developers made programs that were claimed to be safe, but weren't 100%"