Developer Sabotages Open-Source Software Package

The #1 community for Gun Owners of the Northeast

Member Benefits:

  • No ad networks!
  • Discuss all aspects of firearm ownership
  • Discuss anti-gun legislation
  • Buy, sell, and trade in the classified section
  • Chat with Local gun shops, ranges, trainers & other businesses
  • Discover free outdoor shooting areas
  • View up to date on firearm-related events
  • Share photos & video with other members
  • ...and so much more!

    • Register Log in
    N

    noloader

    Jeff Not G
    MDS Supporter
    Apr 3, 2022
    101
    Pasadena, MD
    I found this kind of interesting in a morbid sort of way: Developer Sabotages Open-Source Software Package.

    A developer has been caught adding malicious code to a popular open-source package that wiped files on computers located in Russia and Belarus as part of a protest that has enraged many users and raised concerns about the safety of free and open source software.
    The application, node-ipc, adds remote interprocess communication and neural networking capabilities to other open source code libraries. As a dependency, node-ipc is automatically downloaded and incorporated into other libraries, including ones like Vue.js CLI, which has more than 1 million weekly downloads.
    […]
    The node-ipc update is just one example of what some researchers are calling protestware. Experts have begun tracking other open source projects that are also releasing updates calling out the brutality of Russia’s war. This spreadsheet lists 21 separate packages that are affected.
    One such package is es5-ext, which provides code for the ECMAScript 6 scripting language specification. A new dependency named postinstall.js, which the developer added on March 7, checks to see if the user’s computer has a Russian IP address, in which case the code broadcasts a “call for peace.”
    Click to expand...
     
    M

    Melnic

    Ultimate Member
    MDS Supporter
    Dec 27, 2012
    15,370
    HoCo
    Tit for tat shall follow

    Would have been better if they just informed the user of the war and not to believe Putin who is a lier


    Sent from my iPhone using Tapatalk
     
    V

    Vodnik4

    Between two waters
    Jan 8, 2021
    60
    Slower, lower MD
    As anti-Putin as I am, this is a bit too far.
    Now everyone will start adding their personal agenda to the code.
    Just imagine getting bombarded by trans propaganda if your IP is from a “red” state, etc.
     
    Bullfrog

    Bullfrog

    Ultimate Member
    Oct 8, 2009
    15,323
    Carroll County
    Vodnik4 said:
    As anti-Putin as I am, this is a bit too far.
    Now everyone will start adding their personal agenda to the code.
    Just imagine getting bombarded by trans propaganda if your IP is from a “red” state, etc.
    Click to expand...

    Or to give the libs something to be concerned about, your IP stack kicking you off the net if it detects a query about finding an abortion provider.
     
    You must log in or register to reply here.

    Users who are viewing this thread

    Total: 2 (members: 0, guests: 2)
    Ardent Firearms Training

    Latest posts

    Forum statistics

    Threads
    275,552
    Messages
    7,286,145
    Members
    33,476
    Latest member
    Spb5205

    Latest threads

    Top Bottom