Right... Airbus cannot possibly compete with Boeing. ARM cannot possibly compete with Intel. Siemens cannot possibly compete with... well, actually, I think Siemens dominates the industrial controls space and I can't think of a comparable US company.

And ASML? Nobody competes with ASML.

Your post is typical of Americans who somehow think the US can do everything better than anyone else. Meanwhile, the US is rapidly losing ground.

And while NL is geographically only a bit larger than New Jersey, it has about double the population and that's the metric that matters.

Maybe, or maybe not. Prior to Hitler's becoming chancellor in 1933, the NSDAP had a minority of seats in the German parliament, having actually dropped in seat count from the previous election, and they had only 33% of the popular vote.

History doesn't repeat exactly, but we can't be complacent.

You're being disingenuous; you know exactly what the issue is.

Perhaps because on average, European countries are amongst the happiest in the world? Certainly far happier than the USA.

Trump might be gone in 2029, but Trumpism and MAGA ideology will live on.

Open-source code is much safer the proprietary code. It can be audited, and in the specific cases of Linux and PostgreSQL, there are enough EU developers working on them to fork the project if the USA gets too insane.

To me, the most important things to do to mitigate risk are: (1) No dependence on proprietary US software, and (2) no dependece on US-based cloud services. I think that's the best we can do for now.

OVH is a large hosting provider in France that can compete with the likes of Google and Amazon for cloud services.

Alternatives for Oracle and MSFT are open-source: PostgreSQL and Linux respectively, and LibreOffice to replace MS Office. Even though Linux and PostgreSQL have a large developer community in the USA, the fact that they're open-source makes them a lot safer, and both projects also have a lot of EU developers who will be able to carry on if the USA goes rogue.

IBM is a special case; I don't know of serious alternatives to IBM mainframes.

No non-US organizations should rely on US-based proprietary software or US-based cloud services. The risks are simply too high.

My projects are not written in JS or Python. Perl and C. Some of the Perl modules are on CPAN where I don't have to worry about downloads, but the C ones are hosted on my server.

People can and do find my stuff just fine. The project pages are visible to everyone. Only the downloads are protected.

And I think password-protection or filling in of a form in order to download is a perfectly-acceptable technique for anyone to use.

No, I don't. While I don't want people abusing my server, I'm also not anti-social.

I say: Let them freak out. What are they gonna do about it?

I have a few open-source packages I wrote and maintain and I had to block downloads of one of them behind a form that required entering the answer to a question. CI systems from all over the world were just hammering my system.

I think this is the future: No more automated downloads. If you want automated access to packages, you'll have to download them once by hand and make your own mirror.

I've also had to password-protect my forgejo instance to block AI bots. The password is given right on the welcome page, but so far bots are not smart enough to recognize and use it.

It depends on your password manager. I use one that stores everything locally and never goes out on the network for anything, and it's about as good as it gets. Certainly, the slight risk from the extra software is more than outweighed by the ability to use strong and different passwords for every service.

Well, any effective throttling mechanism can also be used as a DoS vector.

That may not be how they breach them

While I agree that more software = more attack surface, in the specific case of a password keeper, I think that easily allowing high-entropy passwords increases security much more than using a password keeper decreases it.