Unpopular opinion: The UMN security researchers that executed a successful supply chain attack on the kernel did a public service.
Can state actors get away with this too? Did they already?
We need serious reform in open source code review.
@lrvick The issue is real but they completely fucked up the execution of the test. The number one thing to do is get approval for testing which they didn't. They could've worked with the maintainers but chose not to. They totally deserved what they got.