Tampering with open source software | Smart Thinking Solutions

Recently the security of open source software has been questioned, particularly with respect to Linux vulnerabilities that have a huge impact due to Linux’s use as internet infrastructure. When volunteer coders are keeping the software secure – who takes responsibility. Steps have started to be taken to increase the security of these open source package – such as this investment through the Linux Foundation:

Addressing Linux vulnerabilities – Smart Thinking Solutions

However it has now been discovered that malicious code has been introduced to open source software, by a trusted developer:

Sabotage: Code added to popular NPM package wiped files in Russia and Belarus | Ars Technica

This was targeted at computers in Russia and Belarus – but once the code is there, in open source software, what is to stop another “developer with a cause” targeting it at UK computers?

Do you want to know more?

Advice from the National Cyber Security Centre – actions to take when the cybersecurity risk is high (Russia Ukraine Conflict) – UPDATED 22 March 2022

Cookie	Duration	Description
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.