Trojan Source Code - Can we trust open-source anymore?
Recently, a paper is published to demonstrate how a visibly valid contribution can contain malicious code by exporting the Unicode control characters. Some of these attacks has been tested on Python and it works. Shall the Python and open-source communities be concerned?
See more of my talks on YouTube.
Share this videohttps://cheuk.dev/videos/oia84akh8ic/
About Cheuk Ting Ho
After having a career in data science, Cheuk now brings her knowledge in data and passion for the tech community as the developer advocate. Cheuk constantly contributes to the open-source community by giving free talks and tutorials and organize sprints to encourage diversity contributions.