I commented in my FOSDEM talk that FOSS is necessary but insufficient for security, and that we need an OCap/PoLA foundation; some recent malware examples like the event-stream takeover might be arguably still FOSS.
Well, here's more examples: malware appearing in FOSS browser extensions https://lwn.net/SubscriberLink/846272/37d25507fa3e9cd3/
@cwebber This is part of what I like about Haskell.
It isn't perfect OCap, but it's significantly closer than most other languages. The IO monad's too permissive, and there's `unsafePerformIO`. But otherwise I know what program data each function can read, and that it's only writing to it's return values!
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!