This was originally a thread on Twitter about the xz/liblzma vulnerability. When I finished typing it, I realized I had a real-world slice of Open Source interaction that deserved more attention.

  • @pmk
    12 months ago

    The article ends with “This is the way it works. It needs to change.” and the question then is, how? What can an ordinary user do? Or is it more about how large-scale projects are run, in scope and ambition? Is it about money? More audits? What is the most pragmatic real-world solution that would make a difference?