Question about how GrapheneOS protects against malicious insiders

vactorio

Hi there!

Through the xz backdoor incident, it was shown that even open source software can be vulnerable to sophisticated social engineering attacks.

I wonder, how is GOS prepared for such attacks?

Of course the circumstances are different: The project is active, with (I think) many people working on it.

GrapheneOS

vactorio GrapheneOS doesn't accept changes without heavily reviewing them and as people who contribute will attest we have high standards and it can be difficult to get changes included.

other8026

Locking until someone can provide a good answer to this question.

For now this discussion covers pretty much the same topic: https://discuss.grapheneos.org/d/11816-linux-community-had-a-reality-check