Damus
ARGVMI~1.PIF · 8w
I need everyone to understand that they're not going to solve the supply-chain-attack problem with AI, checklists, government regulations, million-dollar auditors, proprietary patent-pending fuzzy-log...
V profile picture
@nprofile1q... supply chain attacks are a lot harder if you know:
- what your dependencies even are.
- Why you are using them.
- Where you gt it from.
- Who you get it from.

Not that they can't still happen - it's just a lot harder if there is an *actual* dependency-dependant relationship beyond cargo dropping a mysterious loot box full of function calls on your head.