Have you audited any of it? Would you like to try gcc or systemd for that matter? By the time you go through 1% of it the code has changed already. How many times in the past years has tremendous security breaches been caused by FOSS and was discovered months after it was in effect, and some of this by coincidence, or corporate teams that review code.
The fact I haven’t doesn’t mean I can’t read auditors who have, who do keep track of these changes. Zero days are usually caused by things no one noticed, not things that were intentionally added by corporate overlords to spy or back door a FOSS app.
Have you audited any of it? Would you like to try gcc or systemd for that matter? By the time you go through 1% of it the code has changed already. How many times in the past years has tremendous security breaches been caused by FOSS and was discovered months after it was in effect, and some of this by coincidence, or corporate teams that review code.
The fact I haven’t doesn’t mean I can’t read auditors who have, who do keep track of these changes. Zero days are usually caused by things no one noticed, not things that were intentionally added by corporate overlords to spy or back door a FOSS app.