I really want to stress that everything I have said thus far about open source sustainability and the origins of the #xv problem are not *solutions*. My proposals are *mitigations*. This is not a problem that can be βsolvedβ. It is a complex of world-historic economic allocation problems that needs to be addressed in the midst of a ton of other parallel and interacting crises. None of these activities will solve the problem, but we must do something β a lot of somethings, actually β regardless.
Conversation
Notices
-
Glyph (glyph@mastodon.social)'s status on Saturday, 06-Apr-2024 06:40:59 UTC 
Glyph
- Santa Claes πΈπͺππ°π likes this.
- Santa Claes πΈπͺππ°π repeated this.
-
Glyph (glyph@mastodon.social)'s status on Saturday, 06-Apr-2024 06:40:58 UTC
Glyph
Anyone telling you that their product or service would have for sure stopped JiaT75 is bullshitting you. We can just make it gradually harder for this type of adversary, and this particular adversary appears to be extremely well-resourced, and they in particular will probably just try another vector.
*That said*, the vulnerability in the ecosystem caused by the chronic undervaluing of this type of infrastructure work is HUGE and can be easily improved by very modest investment.
Santa Claes πΈπͺππ°π likes this. -
Glyph (glyph@mastodon.social)'s status on Saturday, 06-Apr-2024 06:40:58 UTC
Glyph
Anybody proposing an SBOM or a scorecard here is fundamentally unserious though please just ignore them
Santa Claes πΈπͺππ°π likes this. -
Paul David (iamtherockstar@mastodon.social)'s status on Saturday, 06-Apr-2024 06:41:03 UTC 
Paul David
@glyph I am so tired of βtech fixes techβ diatribes. Itβs so easy to just ignore humanity entirely, because humanity is messy.
Santa Claes πΈπͺππ°π likes this.
All Chirp! content and data are available under the