'Trust no one' is good enough for the X Files but not for software devs: How do you use third-party libs and stay secure, experts mull on stage
https://www.theregister.co.uk/2020/01/28/third_party_trust/
Enigma In a chilly conference room at the San Francisco's Hyatt Regency on Monday, legal and digital security pros convened at USENIX's Enigma conference to hold forth on security, privacy, and related matters.
Following a discussion panel on encrypted messaging, the talk turned to mitigating the risks that come with using third-party code, external vendors, and crowdsourced advice.