Discussion
Loading...
Post
@jacques @bagder@gregkh I'd really love to have some public database that would help us all collectively make more efficient resource allocation decisions.
Let's take CVE-2025-38352 for example. CISA added it to the KEV because Google said that there is evidence of exploitation in the context of Android.
If you use CONFIG_POSIX_CPU_TIMERS_TASK_WORK=y the fix is not needed.
Linux distros aren't affected but release "fixes" anyway. https://forums.rockylinux.org/t/rocky-8-10-cve-2025-38352/19590/3
@jacques do you miss it? 😅
@msw yes and no. It was nice to have a sense of mission and doing good. Now my work focuses on making a rich guy even richer.
On the other hand: https://mastodon.chester.id.au/@jacques/113682317639998354
@jacques yes, maybe dealing with the realized capital expenses of infrastructure within the context of a firm are a little easier to wrangle in one's head compared to the abundant world of digital public goods such as FOSS.
To me, there are risks introduced through widely reused public-goods software that are, in theory, limitless, not just millions of dollars. Good things the benefits outweigh them.
And of course, making FOSS better makes those with the most resource excess richer too. 😅
@msw I mean technically trillions were on the line but I was only unemployment-prevention responsible for millions of it. The rest was personal purpose.
bonfire.cafe
A space for Bonfire maintainers and contributors to communicate
Automatic federation enabled