Saw in the news recently that it was possible to radio an exploit to semi trucks in a way that could spread every time two trucks pass each other (default passwords, natch.) - and it’s just utterly unsurprising.
Having worked in product security, the biggest challenge we faced was upstream vulnerabilities in both closed and open source software. The biggest problem with FOSS is that its allure is the F part. No company wants to dedicate resources to patching vulnerabilities in software they don’t own, and no OSS developer wants to work for F500 companies for free.
Removed by mod
Saw in the news recently that it was possible to radio an exploit to semi trucks in a way that could spread every time two trucks pass each other (default passwords, natch.) - and it’s just utterly unsurprising.
Security teams have to get it right every time.
Hackers only once.
So, basically, you’re saying
systemd
is bad, we should stop using it. Right?/s
Systemd turned me into a newt!
A newt?
He got better
Having worked in product security, the biggest challenge we faced was upstream vulnerabilities in both closed and open source software. The biggest problem with FOSS is that its allure is the F part. No company wants to dedicate resources to patching vulnerabilities in software they don’t own, and no OSS developer wants to work for F500 companies for free.