The Xz backdoor and a near miss on the F-Droid app store show how the entitled attitude of some people in the open source community can be used to push malicious or insecure code.
One of the takeaways, IMO, is to consider bullies as potential security threats, especially when they’re pushing to merge code. And for both developers and non-developers alike, to try to foster a culture of respect and avoid entitlement in git issues. Call it out when you see it and don’t dogpile.