Well, name an example of a thing that can never change then.
"research alternatives" meaning what exactly? You think open source is somehow not susceptible to the same issue, plus all of the malicious updates?
Security-focused FOSS does signed commits, signed reviews, full source bootstrapping, and reproducible builds.
Proprietary software solutions are unable to come close to that level of accountability.
Not all published source code is secure but all secure software has published source code.