The thing that people do not seem to realize is that Linux is big business mostly funded by major corporations and government entities. The myth of excentric computer nerd do-gooders donating their time and efforts to help others by perfecting the Linux Kernal or one of the many distributions would be funny if it were not so pervasive.
"By 2017 "Linux ran on 90% of the public cloud workloads and nine of the top 10 public cloud providers. On top of these, Linux also ran on 82% of the world’s smartphones and had a gargantuan market share of 99% on the supercomputer market."
https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/a-look-at-linux-threats-risks-and-recommendations.
Since that time Linux distributions and the kernel(s) itself have grown and further dominated much of the segments that they are focused on. It is just much fuzzier than that of most of the major entities that are the major contributors.
I have posted the Linux Foundation's current "Diversity & Inclusivity" statement to try and demonstrate that they are on the same wavelength as the big tech organizations that provide nearly all of their funding. If you look at the funding and income streams for all of the major Linux distributions you will find the same type of thing.
The scary thing about Linux distributions is that their ownership, contributors, and motives are more difficult to trace and figure out than those of Microsoft, Apple, Nvidia, Intel, Google and others. The related security concerns and determining who is actually responsible when bad actors manage to exploit or even contribute vulnerabilities are not clear.
I have done quite a bit of research on this over the years and it is always scary. Linux proponents here and just about everywhere else tend to be extremely naive when it comes to the security of their systems. The same major corporations and government agencies that they believe that they are thwarting by using Linux are typically major contributors to Linux development. And they are not doing it from the goodness of their heart... they are doing it because they expect to get a return on their investment.
Most if not all of the major Linux distributions have major multi-national corporations behind them. Who are you trusting your data with and who else might be contributing and exploiting vulnerabilities. This is a discussion that most people have little if any awareness of.
I will close with a link to this article that makes a few good points.
https://thenewstack.io/is-community-backed-open-source-software-worth-the-risk/
Didn't Earn It (DEI) is ruining everything but, there is _always_ a but, The Linux Foundation is _NOT_ Linux.
It's lipstick for a pig.
Most “humans” are lax on security if their environment is safe enough for electronic devices to be common.
Slackware user since 1994 or so.
Unlike most I do take full responsibility for my security.
That does not imply it is fantastic just that I take responsibility.
You paint fellow FR users with a wide brush and single yourself out for narrow brush treatment IMHO.
In other news 6.10-rc3 is available :-)