• Wooki@lemmy.world
    link
    fedilink
    arrow-up
    49
    arrow-down
    1
    ·
    edit-2
    7 months ago

    No, its the exact opposite.

    Supply chain conpromise is a level of risk to manage not unique to FOSS. Ever heard of sunburst? It resulted in a lot of Microsofts cloud customers getting wreaked all because their supply chain was compromised.

    Do people continue to buy into 365 and Azure? Yes. Without care.

    So will this hurt open source projects? Not at all, in fact it will benefit them, highlight just why source code SHOULD be open source and visible to all! We would have had very little to no visibility and capability to monitor closed source. Let alone learn, improve and harden how projects can protect against this increasingly more common attack.

    • oce 🐆@jlai.lu
      link
      fedilink
      arrow-up
      15
      ·
      7 months ago

      Yeah, I agree but I know some companies will have stupid thoughts like “a company employee is less likely to do that” or “at least we have an employment contract to back us up legally”.