Imagine a backdoor planted by a Russian asset. Linux could get removed from some list of approved OS that can be used in a government context.
Email-based filtering of maintainers is not even close to what could be considered adequate security measures. In fact, when CISO or OSS starts caring about the optics, it’s a red flag.
Email-based filtering of maintainers is not even close to what could be considered adequate security measures. In fact, when CISO or OSS starts caring about the optics, it’s a red flag.