The Register recently published a story titled "Putin on the code: DoD reportedly relies on utility written by Russian dev". They should be ashamed of this story. This poor open source developer is getting beat up now to score some internet points. It’s very upsetting.
But anyway, let’s look at some receipts.
If you’re not real smrt, it seems like pointing out an open source project is written by one person in a country you don’t like is a bad thing. It could be. But it also could be the software running THE WHOLE F*CKING PLANET is written by one person. In a country. But we have no idea which country. It’s not the same person, mind you, but it’s one person.
Total nonsense.
A good open-source maintainer won’t act maliciously, even when underfunded, until they are forced to.
A FOSS project that is underfunded has its own problems. But if it becomes unmaintained, you can take over or react. The other risks are assessable.
Russia is an oppressive regime that continuously attacks other parties through hybrid warfare. Who knows what environment and pressures the maintainer is under? The more important the project is, the more value it has as an attack surface.
How can they think and publicize “nah, underfunded is more important”? And even going further than that, claiming the country is irrelevant?