Is going to Codeberg or sourcehut(or Forgejo, etc) not like switching from Pepsi to Coke(or Mr. Pibb, etc)? When people start flooding to those alternate hosting platforms, threat actors are going to start heading that way as well. Shark bites happen near the shore, because that is where the people are.
Also, I think the conditioning of people in society is underestimated. If a corporation tells its consumers that it remedied the situation, most will opt for familiarity, correct?
> threat actors are going to start heading that way as well
bad actors are not the problem, Github priorities and attitude are, so switching solves that. Will other providers have outages? Sure, sometimes. But you'll be able to find one that manages that better.
Will you, though? Compared to PyPi/VSCode, etc GitHub made platform-wide, security changes. Blue Team gets blamed often but you can't dodge an object you don't know is headed your way. The best you can do is mitigate it, and prevent further loss. If an organization exfiltrates data, you can't go back in time and get it back. Also, AI gets tossed around as excuse for things, but it really is finding some obscure vulnerabilities humans wouldn't have. https://fortune.com/2026/04/14/anthropic-mythos-reveals-secu...
Is going to Codeberg or sourcehut(or Forgejo, etc) not like switching from Pepsi to Coke(or Mr. Pibb, etc)? When people start flooding to those alternate hosting platforms, threat actors are going to start heading that way as well. Shark bites happen near the shore, because that is where the people are.
Also, I think the conditioning of people in society is underestimated. If a corporation tells its consumers that it remedied the situation, most will opt for familiarity, correct?
> threat actors are going to start heading that way as well
bad actors are not the problem, Github priorities and attitude are, so switching solves that. Will other providers have outages? Sure, sometimes. But you'll be able to find one that manages that better.
Will you, though? Compared to PyPi/VSCode, etc GitHub made platform-wide, security changes. Blue Team gets blamed often but you can't dodge an object you don't know is headed your way. The best you can do is mitigate it, and prevent further loss. If an organization exfiltrates data, you can't go back in time and get it back. Also, AI gets tossed around as excuse for things, but it really is finding some obscure vulnerabilities humans wouldn't have. https://fortune.com/2026/04/14/anthropic-mythos-reveals-secu...