Excellent interview. Great contrast to the NYT article they start talking about. Evidence that we really need more tech experts that get into journalism and have the capability to conduct quality interviews. Bryan Cantrill is a good interviewer and asks good questions.
For the security of all and analogous to the Chaos Monkey principle, there ought to be a covert merry band of coders whose goal is to try to slip obsfucated benign commits into important FOSS projects under pseudonyms to maintain vigilance and offer teachable moments as a public service.
That's a bit like trying to sneak guns past the TSA without clearing your "security testing" with the higher-ups beforehand. Believe it or not, straight to jail.