"So I personally consider security bugs to be just "normal bugs". I don't cover them up, but I also don't have any reason what-so-ever to think it's a good idea to track them and announce them as something special." Linus Torvalds
I get the realities of open source projects, but the whole industry built on top of it feels so haphazard. It's not related to the Linux kernel, which is fairly sound when only running a server, but Log4Shell has left a really bad taste in my mouth when it comes to the commercial exploitation of code mostly developed and maintained by volunteers.
deleted by creator
deleted by creator
Better but not necessarily adequate. Very difficult to make the case to managers who pretend there is some free market competition in software.
deleted by creator
All of it boils down to the mythical tech support which is supposed to resolve any and all issues with understaffing. Added missing words, sorry.