Firefox Vietnamese Language Pack Infected With Trojan

An anonymous reader writes "Wired.com is reporting that the Firefox browser has been unknowingly distributing a trojan with the Firefox Vietnamese language pack. Over 16,000 downloads of the pack occurred since being infected. This highlights a risk on relying on user-submitted Firefox extensions, or a lack of peer-review of the extensions, many of which receive frequent upgrades."

Downside of OSS

[elrous0]

I know this isn't going to be a popular opinion here, but two of the big downsides of open source software to me are the lack of documentation and the lack of quality control. Sure, OSS has THEORETICAL quality control (because anyone can review it), but how often does that REALLY happen? If someone slipped in a virus into some OSS program (especially easy if they distribute it as a binary), how long, if ever, would it be before anyone caught it?

I'm not saying commercial software is perfect in that regard (there have been cases of commerically distributed software containing malware too), but at least there is generally some level of quality control there.

Re:Downside of OSS

[RiotingPacifist]

The Downside is when the project gets too big, the number of users >>> developers so resources get stretched to try and satisfy the large number of users and the quality of the project drops.

Re:Downside of OSS

[jrumney]

In fact, it is more like less than one month, since the other two months is attributable to the delay in anti-virus vendors recognizing the trojan.

Re:Downside of OSS

[AshtangiMan]

So it's like when you park your car in your garage at night. In the morning you don't look in the trunk to make sure that i) no one put a hostage/ dead body in there; ii) no one removed a hostage/ dead body; or iii) the spare tire is in good working condition. While it is possible, and recommended that you do so, there is no guarantee that everyone does this.