Friend who is not a software person sent me this tweet, which amused me as it did them. They asked if "runk" was real, which I assume not.
But what are some good examples of real ones like this? xz became famous for the hack of course, so I then read a bit about how important this compression algorithm is/was.
There is a guy named Arthur David Olson who maintains a small database of all the time zones in the world, including things like leap seconds and such. It's used by everybody and it is updated several times a year. See here:
I bet he's paid nothing to do it. Then one day, when a timing attack happens that can be traced to the DB, some knobhead CTOs and tech influencers will start talking about "securing the supply chain". They'll want other such bullshit and responsibilities to be shoved onto volunteers.
It would make sooo much more sense for the ISO to set something up, and make governments each responsible for keeping it updated, since they're the ones doing the changing.
Require all participants to amend their law/regulations, so there's a note to prompt whoever is in power and changes it next.
I'm sure some places would still neglect to do it... Haha
Wasn't there also very recently a whole thing about the single guy who maintains the NTP spec threatening to retire so he could get a "real" job, which caused a gigantic internet-wide panic as pretty much everything we do relies on computers' clocks being perfectly synced?