Email or username:

Password:

Forgot your password?
Top-level
Matthew Lyon

look, I get why y’all like the “supply chain” rhetoric, it helps you continue pretending that software security can be solved through capitalistic means

here’s the thing: I’ve run a manufacturing business before. I’m getting a second one going. Supply Chains are defined by an exchange of money for goods, with value-add steps in between. That’s it

Where’s the money, Lebowski?

Software packaging security is a social trust problem, which can’t actually be “solved” in a capitalist framework

4 comments
Urja

@mattly I agree with what you said, but after boosting it, decided that I want to do a little "Yes, and...".

As in, yes, and as long as we live in a capitalistic society, for people to be able to be trustworthy, they need to be able to eat. Thus I see why some people are trying to solve the money issue - but github forcing 2FA is not really helping with the money, so ehh.

Matthew Lyon

@urja I mean, I’ve long since given up on trying to encapsulate a nuanced opinion in 500 characters

Irenes (many)

@mattly yeah. glad to hear you got there! we do see a lot of reason to be hopeful that people are moving towards consensus that this corporate enclosure stuff really is a problem.

Go Up