

Ruby Rogues Podcast - Security Exploits with Patrick McKenzie - guy_c
http://rubyrogues.com/093-rr-security-exploits-with-patrick-mckenzie/

======
guy_c
Patrick on the RubyGems exploit, "The ultimate nightmare scenario would have
been ... to put backdoors or rootkits into commonly used gems. And then,
anybody who types bundle update, or gem install anything for a period of weeks
or months before it’s discovered, would have their machines rooted. That’s the
ultimate nightmare apocalypse for the Ruby community kind of disaster. I think
we missed that by minutes. It was a very close thing. I hate to sound overly
dramatic. But it’s kind of like Cuban Missile Crisis level, as far as software
is concerned, right?"

