Originally posted by birdie
View Post
I would say that they are not leaking stuff directly to MS (why would they be interested?), but rather making themselves much more vulnerable.
Military and intelligence services sometimes have special contracts that will allow them to audit the source code. Other than that, one can be sure that any day, anytime, some three letter agency has a few totally brand new zero-days laying around just in case, and the cost of developing another one would be pretty much negligible for them. That's the reason why we have heard of Stuxnet, Petya, WannaCry (related to Eternal Blue), etc but not so much on the Linux/BSD side. I am not saying Linux is exploit-proof, but it would be a lot costlier to develop some exploit for it and it might need to be much more specialized.
Originally posted by birdie
View Post
Comment