Replies (7)

Rich Nost's avatar
Rich Nost richnost@nostrplebs.com 10 months ago
image
Peter Todd's avatar Peter Todd
10 years after I pointed out the risk of a Ripple backdoor due to Ripple not PGP signing their software or providing any other way to get it securely... there's a a Ripple backdoor due to an npm compromise. πŸ˜‚
GitHub
ripple-consensus-analysis-paper/paper.pdf at master Β· petertodd/ripple-consensus-analysis-paper
Contribute to petertodd/ripple-consensus-analysis-paper development by creating an account on GitHub.
image image image
View quoted note →
1 replies ↓
Peter Todd's avatar
Peter Todd pete@petertodd.org 10 months ago
In fairness, at the moment my python-bitcoinlib library isn't PGP signed for most users because PyPi made the idiotic decision to phase out PGP signatures. But my hands are tied on that; the entire software industry is incompetent.
1 replies ↓
The Daniel πŸ––'s avatar
The Daniel πŸ–– daniel@ghostr.org 10 months ago
What are the chances these are actually intentional bugs created and inserted into boring and ubiquitous software libraries by NSA agents. We know this is a thing they actually (and proudly) do.
BitcoinIsFuture's avatar
BitcoinIsFuture 10 months ago
It will be interesting to understand who is the attacker. NK doing a fine work again? They did quite well with Bybit.
OT's avatar
OT 10 months ago
Lucky it's worthless
bc21's avatar
bc21 10 months ago
Stay humble and stack zaps ⚑️
↑