For several years now I’ve talked about open source software being an educated risk we’re all willing to take. Open source is the foundation of any successful company, it’s the driver of innovation, but it’s no free lunch.
Vital infrastructure relies on libraries maintained by a single individual, or maybe worse yet: a single vendor. Individuals or organizations may restrict the use of their technology or EOL versions of their software, posing real challenges to organizations and customers depending on that technology.
The response from industry to cautionary tales has been lackluster. Will European legislation (CRA, PLD, …) change that? Here’s to hoping!