Comment by bolognafairy
1 month ago
No. That’s your bias as a nerd. There are countless well-publicised examples of ‘many eyeballs’ not being remotely as effective as nerds make it out to be.
1 month ago
No. That’s your bias as a nerd. There are countless well-publicised examples of ‘many eyeballs’ not being remotely as effective as nerds make it out to be.
can you provide a relevant example for this context?
That was an entire body of research at the University of Minnesota and the “hypocrite commits” weren’t found until the authors pointed people to them.
https://www.theverge.com/2021/4/30/22410164/linux-kernel-uni...
How long did the log4j exist?
https://www.csoonline.com/article/571797/the-apache-log4j-vu...
What was the other package that had the mysterious .?
And yet they were found. How many such exploits lurk unexamined in proprietary codebases?