Comment by jokoon

I'm pretty confident the NSA has been doing this for at least two decades, it's not a crazy enough conspiracy theory.

Inserting backdoors in the form of bugs is not difficult. Just hijack the machine of a maintainer, insert a well placed semicolon, done!

Do you remember the quote of Linus Torvalds ? "Given enough eye balls, all bugs are shallow." ? Do you really believe the Linux source code is being reviewed for bugs?

By the way, how do you write tests for a kernel?

I like open source, but security implies a lot of different problems and open source is not always better for security.