As well as FoSS projects.

Absolute opposite. The majority of successful attacks you see today are identity management and supply chain attacks. If you walk into any OCIO office supply chain will be a top 3 concern.

Oh no! Anyways,

🤣 should we get a list of foss projects that have had security issues? Or how about how someone slips some shit in upstream every few weeks it seems?

Stop this nonsense. You can hate Microsoft for legitimate reasons.

What’s your viable alternative? Everyone running their own CA and getting their own root certs trusted without centralization?

It blows my mind how many folks on Lemmy have no clue how the Internet is run. Just wow 🤯

You’re an idiot if you think you’re privacy would be better off without trusted root certs and businesss taking liability around protecting them 🤷‍♂️

Works fine for me and the billions of business using it 🤷‍♂️

Same thing for all the trusted certs at the os level.

Best option for non techies at home.

Which is why companies that are concerned use something like vault do keys via API, and rotate them often instead of default services.

Anyone who cares is perfectly able to encrypt the entire system via third party tools which includes many foss projects.

The default 15 years ago was fuck it. AWS is pretty much the only reason security on the web is as *good as it is. At least Russia and China don’t have free reign over your data 🤷‍♂️.