Re: Building packages with exact binary matches
On Fri, 28 Sep 2007, Martin Uecker wrote:
> You are seriously stating that is as easy to hide a trojan in the
> source code as in the binary?
Consider the fact that we've already had such a case, whereas we've
not (to my knowledge) distributed a trojaned binary. I'm not sure
which is easier to hide, but it seems that making a source trojan is
at least more frequent if not easier to create.
1: mICQ anyone? http://lists.debian.org/debian-devel/2003/02/msg00872.html
[A] theory is falsifiable [(and therefore scientific) only] if the
class of its potential falsifiers is not empty.
-- Sir Karl Popper _The Logic of Scientific Discovery_ §21