The above text-replaced comic is a reference to the XZ vulnerability. XZ was an open source library (that is to say, a piece of code that is freely accessible to anyone), which was used by the Linux operating system.
A developer who was determined to be malicious spent years and years gaining trust with their innocuous code, getting to the point where it was included in many devices, and that updates to their code would automatically be sent out to new versions of Linux.
The developer proceeded to introduce malicious code into the trusted software, infecting newer versions of the Linux operating system. It was caught quickly. This introduced a new conversation to the open source community, as they have been relying on the ability to trust and vet its membership to avoid bad actors.
However, the above comic points out that trying to be a bad actor in the open source world required a LOT of effort AND was caught quickly, compared to the alternative. This is a comic reaffirming the security and value of open source.
