Trojan Source Code - Can we trust open-source anymore?
Talk 30 min
Cheuk Ting Ho
Recently, a paper titled [Trojan Source](https://trojansource.codes/) is published to demonstrate how a visibly valid contribution can contain malicious code by exporting the Unicode control characters. Some of these have been tested on Python and it works. How can it happen? Shall the Python and open-source communities be concerned?