Nikolaus Rath <[email protected]> writes: > I think that's a pretty weak argument. Even if you assume that a > theoretical perpetrator originally joined Debian with good intentions > (i.e., without using a faked id in the first place), and that you are > actually able to sue in the relevant country, you'd still have a very > hard time proving any malicious intention (the developer may just not > have noticed the compromising code).
This seems like a good opportunity to point to http://underhanded.xcott.com/ for some really great examples of how to introduce a backdoor with plausible deniability. Best, -Nikolaus -- GPG encrypted emails preferred. Key id: 0xD113FCAC3C4E599F Fingerprint: ED31 791B 2C5C 1613 AF38 8B8A D113 FCAC 3C4E 599F »Time flies like an arrow, fruit flies like a Banana.« -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]
