- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Speaking as a member of the cyber security community. Aside from the major annoyance of it all. Your playing with fire and you should stop.
Allow me to put this on the record so a proper "I told you so" can happen at a later date.
And please don't suggest to me that vetting the apps fixes any inherent issues.
I'm well aware that's what Verizon thinks is a solid plan.
It should be noted that even well intentioned developers can end up with a poisoned code base by nefarious actors.
That's the nature of modular design in modern coding. Particularly with open sourced libraries.
And if you take the vetting process away from the consumer as a larger group (many of which are seasoned veterans of the cyber security industry) than you introduce a massive amount of inherent risk to both company and public.
If Verizon where to unwittingly install malware from a foreign actor to all the phones under it control in America. Can you even fathom the amount of untold devastation it could cause?
Some people might even target this program intentionally.
May of these libraries originate from countries with "loose decrocacys" where state actors could commandeer your code base. All i would need to do is get my code in glibc for example and i'm off to the races.
Here's some state hired associates to help you remember your github password.