

Ask HN: is Nginx trusted? - hoodoof

Given that it&#x27;s developed in Russia, does the Russian equivalent of the NSA have code in there?
======
tptacek
No, the Russians have mot backdoored nginx.

~~~
clubhi
mot is russian for secretly

~~~
tptacek
It's American for "I am typing this on an iPhone keyboard".

~~~
hadoukenio
Which is made in China.

------
misframer
The source code is available, so theoretically you could check.

~~~
hoodoof
That might not be enough......
[http://en.wikipedia.org/wiki/Underhanded_C_Contest](http://en.wikipedia.org/wiki/Underhanded_C_Contest)

------
mattwritescode
I think you probably have to worry more about the general security of your
servers. Its really quite easy to do something stupid which can leave you
exposed.

Im sure the russians have better things to be doing rather than looking at you
(no offence).

------
airjd
I just use it to proxy my static resources.

