Post B5BoCE0mlFjiANvKJk by kyle@mastodon.kylerank.in
 (DIR) Post #B5BoCCw8l2QUpgk6RE by joshbressers@infosec.exchange
       2026-04-11T16:02:04Z
       
       0 likes, 0 repeats
       
       I wrote a blog post
       
       Open source was never about trust
       
       https://opensourcesecurity.io/2026/04-never-about-trust/
       
       There's been a lot of really crazy events happening around open source for the last few months. But it's probably all going to be OK
       
 (DIR) Post #B5BoCE0mlFjiANvKJk by kyle@mastodon.kylerank.in
       2026-04-11T16:17:43Z
       
       0 likes, 0 repeats
       
       @joshbressers Thanks for the blog post! I also have more of an optimistic than pessimistic take on current events. I think we soon may actually be in a world where "many eyes make bugs shallow" will actually apply to security bugs.
       
       The key will be for orgs like Linux Foundation to fulfill their role as liaison between these tech companies w/ embargoed access to these modes (and their 0-days) and core OSS projects that need support during this initial flood.
       
 (DIR) Post #B5CEAR5vkHsCyJ8b8C by joshbressers@infosec.exchange
       2026-04-11T21:08:43Z
       
       0 likes, 0 repeats
       
       @kyle I'm not very optimistic the existing foundations want to do this
       
       What you describe is a very new and different model from how any foundations work today. I don't think any of them have the fortitude or foresight
       
 (DIR) Post #B5CGWgPxegLgm5F7fU by kyle@mastodon.kylerank.in
       2026-04-11T21:35:12Z
       
       0 likes, 0 repeats
       
       @joshbressers Yeah I'm not sure whether they will be able to adapt their Alpha/Omega program to this. I mention them because they came up in the articles I read about Project Glasswing so I'm hoping whoever is at the helm at OpenSSF is bringing the right people in, or if not, (and they see this thread) there are plenty of us here in the community that have the will, expertise, and foresight to point in the right direction.