> Where are the dozens of European tech winners? Seriously. They have the best education system in the world, strong social safety nets, cheap healthcare, and great lifestyles. Why have they not created innovative technologies that turn into worldbeating companies?
Maybe that is because there are US companies competing in the same space that are not held to the same regulations because of treaties like this one. It's hard to build a competitor to AWS, not just technically (although it very much is), but also business-wise - who would choose the unproven startup if you can go with the accepted best practise? By forcing US companies to equal footing, you give European startups more of chance. (Which is a Chinese playbook, too.)
IANAL, but GPL3 is compatible with selling the software (see Linux distros). However, it forces you to open up the complete source code and it allows the users to fork and recompile it as they see fit (but they must also open up their changes if they distribute it).
No, defense in depth is a best practice because you assume that each layer can fall. It is more practical to have many layers that are very secure than to have one layer that has to be perfectly secure.
They say this about sports, which is (usually) a zero-sum game: If I'm attacking, no matter how badly, my opponent cannot attack at all. Therefore, it is preferable to be attacking.
In cyber security, there is no reason the opponent cannot attack as well. So, my red team is attacking is not a reason that I do not need defense, because my opponent can also attack.
> or how neurodivergent is really is from much more common extroverted people.
Do you mean to say that neurodivergence is more common among extroverted people? If so, do you have sources for that? I have not yet heard of any relation between extra- (or intraversion) and neurodiversity.
I'm understanding your statement to mean that caring about something because of itself, without external motivation (like validation or money), is neurodivergent. So neurotypical would be to only care about something if you profit from you caring about it? Is that reading correct?
If so, I have to disagree vehemently. That is not my experience at all and feels extremely homo economicus and - to be honest - depressing. I want to care about things I like and that bring me joy, even if no-one pays me for that or validates my choice.
I've tried out some of the libraries, and it looks like they do calculate the difference between the installed version and the last (stable) release. If a dependency hasn't seen a release in ten years, those ten years don't count against the dependency drift. This is exactly what I would want.
However, they only check openly accessible (i.e. OSS) dependencies. If one of those hasn't seen a release in ten years, I would look for an alternative.
Maybe that is because there are US companies competing in the same space that are not held to the same regulations because of treaties like this one. It's hard to build a competitor to AWS, not just technically (although it very much is), but also business-wise - who would choose the unproven startup if you can go with the accepted best practise? By forcing US companies to equal footing, you give European startups more of chance. (Which is a Chinese playbook, too.)