The XZ Utils backdoor, discovered last week, and the Heartbleed security vulnerability ten years ago, share the same ultimate root cause. Both of them, and in fact all critical infrastructure open source projects, should be fixed with the same solution: ensure baseline funding for proper open source maintenance.
Imagine if the governments were to fund open source projects when they need and as such the benefit is available to everyone if they have no money.
In such a scenario all governments/citizens would have access to software that is good.
But but think about those poor (for profit) corporations. How can they ever afford to pay upper management million dolla paychecks without milking us dry :)
And think about the children
/s
Ohh yeah, gotta think about children’s safety online.
My country has non profits that lobby for citizens, I wonder if there is enough motivation in the community to set something like that for FOSS, I don’t think existing non profits (FSF, OSI) will want to deal with that kind of stuff.