I carry around a messenger bag with lip balm, wet wipes, earplugs, earbuds, bandages, sunscreen, sunglasses, a respirator, a hairbrush, a phone charger, a flashlight, and a reusable shopping bag.
tedgravy
As a packager, I totally relate to this: we generally don't have the resources to follow the upstream development of the projects we rely on, let alone audit all the changes they make between releases. Open source software still has security advantages — we can communicate directly with the maintainers, backport security fixes and immediately release them to users, fix bugs that affect the distribution, etc. — but I agree that it's not a silver bullet.
If their apprenticeship program goes well, it might allow thousands of people to lift themselves out of poverty, especially if the pay is fair. I hope that's the case.
That's pretty interesting, but it's also unfortunate for the people who got infected. Maybe requiring the JAR files to be signed by the authors help mitigate this type of attack.
Some people seem to be blessed with the ability to naturally speak a language based on input practice alone, but I think that most people need to practice input (listening, reading) and output (speaking, writing) separately. The thing that helped me the most (at least for French) was starting a journal in my target language and adding to it every day, but anything probably works as long as it gets you writing or speaking.