Hacker News new | past | comments | ask | show | jobs | submit login

At least Linux distributions usually compile from source. I wonder if the source was also modified, or only the binaries.

EDIT: I downloaded the Transmission 0.90 and 0.91 source code and took a look. The diff between them is quite small, with nothing suspicious being removed, and the 0.90 .tar.xz MD5 matches what Fedora used (according to http://pkgs.fedoraproject.org/cgit/rpms/transmission.git/com...). So, unless there was also a malicious source code change the developer didn't catch, Fedora's package should be clean.




> I wonder if the source was also modified, or only the binaries.

Personally, pending further information, I've removed Transmission from my machine.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: