I mean ever since XZ binaries are a no go. Like the trust is gone, the bridge is burnt, unless there’s like an insanely good reason, anything this heavy in BLOBs ought to be treated as suspect. Benefit of doubt isn’t coming back.
I mean ever since XZ binaries are a no go. Like the trust is gone, the bridge is burnt, unless there’s like an insanely good reason, anything this heavy in BLOBs ought to be treated as suspect. Benefit of doubt isn’t coming back.
In all fairness paranoia is important in things like finding someone trying to slip a backdoor into xz. Going by the most recent Windows 11 update, Microsoft seems to be “we’ll fix it in production”.