@joshhunt @devs I’m proposing direct structural support in terms of resources and infrastructure from major for-profit tech companies to support open source projects and maintainers. Absolutely the big players could evaluate open source build chains just as they do their own code.
In a city called The Dalles, in Oregon, USA, local people were worried that Google’s water use was soaring. As is so often the case, the city officials, who had given Google hundreds of millions in tax breaks, had no intention of letting anyone know how much water Google was using. It was up to a local paper, The Oregonian, to try and find out. They were forced to bring a case to court. City officials were ordered by Google to claim that Google’s use of scarce public water was a “trade secret”.
I’d asked this in hopes of identifying people who are currently early in their careers, but it’s interesting how many read it as asking who inspired them early in *their* career. https://me.dm/@anildash/112214630805398084
There's been a ton of conversation about the xz exploit, but the real reason this kind of thing could even happen is because of *human* vulnerability, not a technology vulnerability. So we have to take a deep look at how we truly support the people who make open source happen. Here's the real, substantive investment @devs has been providing: https://www.fastly.com/blog/what-can-you-actually-do-to-reduce-the-threat-of-hacks-like-xz
@roland @admin because the campaign uses his personal name and the institution uses his title, a convention started in the Obama era as a way of trying to respect the law separating campaigns from governance. (Which Trump obviously never cared about.)
@evan @atatassault alas no. After Twitter and others killed the necessary APIs, we decommissioned it so there wouldn’t be any security surface area to have to monitor.