←back to thread

Open Source is one person

(opensourcesecurity.io)
433 points LawnGnome | 2 comments | 28 Aug 25 01:54 UTC | HN request time: 0s | source
Show context
poulpy123 ◴[28 Aug 25 11:02 UTC] No.45050692[source]
The title of the register article is completely disgusting

> Putin on the code: DoD reportedly relies on utility written by Russian dev

then in the article:

> Hunted Labs told us that it didn't speak to Malinochkin prior to publication of its report today, and that it found no ties between him and any threat actor.

replies(4): >>45051056 #>>45051324 #>>45051850 #>>45053194 #
actionfromafar ◴[28 Aug 25 11:54 UTC] No.45051056[source]
Aren't Russian developers on average more susceptible to the "wrench attack" though?
replies(3): >>45051090 #>>45051296 #>>45051816 #
ChrisMarshallNY ◴[28 Aug 25 12:22 UTC] No.45051296[source]
Many of them don't live in Russia.

Some of the best engineers that I've worked with (in the US and Europe) are Russian. I've also been quite impressed with other former Iron Curtain developers. A lot of Chinese folks I've worked with have been good.

I know that some nations are known for threatening the relatives of expats, to get them to work on their behalf. Not very nice.

But state-sponsored Russian (or other nations, as well) is definitely something to be concerned about. I suspect a number of folks are concerned about the influence of American programmers. The CIA is known for using fairly innocuous employees of NPOs. My father was one.

replies(1): >>45051620 #
1. kube-system ◴[28 Aug 25 12:58 UTC] No.45051620[source]
> Many of them don't live in Russia.

Well Malinochkin does. His GitHub profile says he is located in a suburb 30 minutes from the Kremlin.

Of course, there's a lot of smart software engineers in major cities all around the world.

replies(1): >>45051776 #
2. oneshtein ◴[28 Aug 25 13:15 UTC] No.45051776[source]
The FSB is looking for people they can recruit, even here, on HackerNews, too. Look at the HN news history. You will find stories about Russian history or culture. In comments, some people are expressing their fascination with Russia or its culture. This is how FSB identifies potential sympathizers, who are easy to recruit. Most likely, some of those, who expressed their sympathy under such news articles a year or two ago, are already recruited by FSB.