KidM to [email protected]English • 2 days agoVSCode extensions with 9 million installs pulled over security riskswww.bleepingcomputer.comexternal-linkmessage-square8fedilinkarrow-up150arrow-down10cross-posted to: [email protected]cybersecuritytechnology
arrow-up150arrow-down1external-linkVSCode extensions with 9 million installs pulled over security riskswww.bleepingcomputer.comKidM to [email protected]English • 2 days agomessage-square8fedilinkcross-posted to: [email protected]cybersecuritytechnology
minus-square@[email protected]linkfedilinkEnglish2•22 hours agoBecause people will do the work for them, so why enforce their TOS when they can just say YMMV and have absolutely zero liability if someone’s extension sells your corporate code to the dark web
minus-square@[email protected]linkfedilinkEnglish2•edit-222 hours agoYou can still have zero liability with a simple automated check. A theme is just JSON, so if it’s in the theme category, run it through a JSON parser. That would take a bad developer a day to do.
Because people will do the work for them, so why enforce their TOS when they can just say YMMV and have absolutely zero liability if someone’s extension sells your corporate code to the dark web
You can still have zero liability with a simple automated check. A theme is just JSON, so if it’s in the theme category, run it through a JSON parser.
That would take a bad developer a day to do.