In the past, security expertise has been a luxury reserved for organizations with large security teams. Open source maintainers—whose software underpins much of the world's critical infrastructure—have historically been left to figure out security on their own.
大多数人认为开源社区有足够的安全能力和资源来维护关键基础设施。但作者明确指出开源维护者一直被单独应对安全问题,暗示了开源安全状况比普遍认为的要脆弱得多。