The Xz backdoor and a near miss on the F-Droid app store show how the entitled attitude of some people in the open source community can be used to push malicious or insecure code.
If something is free software, there is no supply chain. There is no security and no guarantees. For sure all these volunteers are mostly trying to deliver a good product, but they are offering free labor.
Saying “bullying is bad for the outcome of the product” is kinda ironic, as “not paying these devs” also is bad. This is just the extreme form
This person has never worked in a company where customer service has full access to users’ passwords because no one bothered to hash them.
What? It’s literally a transparent supply chain, and therefore much safer than the supply chain of non-free software.
https://www.softwaremaxims.com/blog/not-a-supplier