stop referring to vulnerabilities stemming from software using publicly-available package repositories cataloguing what amounts to a vast effort of free labor as “supply chain attacks”
providing free labor does not make one a supplier — a “supply chain” implies some form of economics where EVERY OTHER MODEL of a supply chain involves money changing hands
these attacks are against a communal resource, not a supply chain
Matthew Lyon /
npub1v2…tnwtf
2024-07-02 16:56:36
Author Public Key
npub1v29x60yszl8rrmjcquqqaa4qadea3yytqglpkpvllwvcffy8wtqsdtnwtfPublished at
2024-07-02 16:56:36Event JSON
{
"id": "bcaaa8faff36bcc5763657878409f329c40e9ba09b209ee79e2ec09dac2d14e9",
"pubkey": "628a6d3c9017ce31ee5807000ef6a0eb73d8908b023e1b059ffb9984a48772c1",
"created_at": 1719939396,
"kind": 1,
"tags": [
[
"proxy",
"https://hachyderm.io/users/mattly/statuses/112717948281447594",
"activitypub"
]
],
"content": "stop referring to vulnerabilities stemming from software using publicly-available package repositories cataloguing what amounts to a vast effort of free labor as “supply chain attacks”\n\nproviding free labor does not make one a supplier — a “supply chain” implies some form of economics where EVERY OTHER MODEL of a supply chain involves money changing hands\n\nthese attacks are against a communal resource, not a supply chain",
"sig": "2feacb188bd20d1c4171b76a628ab5ef4b5b92e8707d24c3a367086d065753bf934229c7bce1cd1380c9c0957bb876620e090b1d57a8463b690f770cd8f7423f"
}