- cross-posted to:
- hackernews@lemmy.smeargle.fans
Originally a thread on Twitter about the xz/liblzma vulnerability, when I finished typing it, I realized I had a real world slice of Open Source interaction that deserved more attention.
The article ends with “This is the way it works. It needs to change.” and the question then is, how? What can an ordinary user do? Or is it more about how large scale projects are run, in scope and ambition? Is it about money? More audits? What is the most pragmatic real world solution that would make a difference?