Verified curl
Don’t trust. Verify.
libcurl is probably an even more widely used software component and, if infected, could potentially serve as an effective vessel to distribute evil into the world. curl downloads are normally distributed via a third-party CDN, which we normally trust of course, but if it were ever breached or similar, a modified tarball would be detected when the digital signature is verified. I maintain that planting a backdoor in curl code is so infuriatingly hard to achieve that efforts and energy are probably much rather spent on finding security vulnerabilities and ways to exploit them.