Notepad++ just lost the trust of our company due to their updater hack by the Chinese government. Everyone was instructed to uninstall it and move to alternate options.
Yes, because if you read the release it was a fault at the underlying provider which they were already moving away form.
Also, you can not stop a proper state sponsored threat actor so leaving an org because they were hit is stupid when they are open about what happened and how they have made actual changes to minimise it from happening again.
Ok, so, do you agree with it? Or do you think that Notepad++ has demonstrated a good commitment to doing the right thing that means it’s still just as worthy of recommendation as it was last month?
I don’t know enough to make a decision on it.
I will follow the rules of my work place when working and look into it more before I make the choice between continuing to use it on my personal time. I haven’t had much free time lately, so that is still on the to do list.
Notepad++ just lost the trust of our company due to their updater hack by the Chinese government. Everyone was instructed to uninstall it and move to alternate options.
Are you sure you still want to support them?
Yes, because if you read the release it was a fault at the underlying provider which they were already moving away form.
Also, you can not stop a proper state sponsored threat actor so leaving an org because they were hit is stupid when they are open about what happened and how they have made actual changes to minimise it from happening again.
Not my choice. But higher ups.
This is why I asked are you sure.
I’m still using it on my personal pc.
Ok, but your comment pretty clearly expressed an implied agreement with that choice.
That’s you reading meaning into my words.
I stated facts about what had happened and asked whether that matters to the recipient.
Ok, so, do you agree with it? Or do you think that Notepad++ has demonstrated a good commitment to doing the right thing that means it’s still just as worthy of recommendation as it was last month?
I don’t know enough to make a decision on it.
I will follow the rules of my work place when working and look into it more before I make the choice between continuing to use it on my personal time. I haven’t had much free time lately, so that is still on the to do list.
Yes. How an org reacts to security incidents is one of the gauges I use to see if a project should be supported.
I’m not following, are you being sarcastic?
No. Would you support a project that has a security issue like what N++ had but said nothing?
Oh! Sorry, fever brain. I thought you were referring to my company as the organisation.
Yes, I agree. That is an important representation of the trustworthyness of an organisation.
All good mate.