Trojan Source Malware - Can we trust open-source anymore?

12 May 2022

Recently, a paper is published to demonstrate how a visibly valid contribution can contain malicious code by exporting the Unicode control characters. Some of these attacks has been tested on Python and it works. Shall the Python and open-source communities be concerned?

If you want to catch me streaming live, follow me on Twitch.

Share this video

https://cheuk.dev/videos/cm5li5u9-ee/

---

About Cheuk Ting Ho

After having a career in data science, Cheuk now brings her knowledge in data and passion for the tech community into TerminusDB as the developer relations lead. Cheuk constantly contributes to the open-source community by giving free tutorials on Twitch and organize sprints to encourage diversity contributions.