the recent #XZ disaster has prompted me to reread my own article from two years ago next month on "Free Software Unions". While I'd put some of the details in there differently today, I think the core point still stands: that free software maintainers are vulnerable to exploitation, both from Big Tech and, as is now evident, malicious attackers. And that the only way to protect them is to join into mutual support, solidarity groups.


See: babka