12 years ago

Hiding malware in plain sight?

As a previous reviewer points out, it is likely that not all of the SourceForge binaries are safe. Some of them could even be malicious. But the saving grace is that open source software gets an enormous number of pairs of eyes looking at the source code. A lot of those belong to people who are pretty thorough. People try to build and check if their binaries match the downloadable versions. Sources are reviewed for bugs, back doors, etc. Is it possible to hide malware in plain sight? Possible, but not probable.

It is perhaps easier to trust open source software more than proprietary software when it comes to back doors or even malware.

GPL is another story altogether.