Google is not "providing" money, they pay for community service of maintaining a vital pice of code which they use to make money. And not even for a fair price, given that they use it mainly to lure people into a walled garden of their proprietary, marginally ethical services. The may open source (some) of their code, but the data remains theirs, while external interoperability of their services is virtually non-existent.

Sometimes I think maybe Google purposely made Chromium difficult to compile. Certain source files in Chromium take upwards of 4GB of RAM to compile. How is that even possible? I compile the Linux kernel sources, and nothing takes more than maybe 200MB or 300MB of RAM to compile. The last time I compiled Chromium 90 on my Raspberry Pi 4, it took 4 or 5 days to complete.

There are literally tens of thousands of source files in Chromium. There is no way any one person could possibly audit this code base in their lifetime. Google could slip any number of backdoors and malware in an obfuscated way into the code, and nobody would be the wiser...

When Google talks about improving Linux security, I get the feeling they're most interested in making their Android devices locked down so hard that they can eventually make Google Play a walled garden just like Apple does on iOS. Where nobody gets to run unless Google (not the end user who supposedly owns the device) allows them in.

Ah no, you will find being opposed to Google is widespread, especially outside the USA.

There is a lot of Google hate here but on balance I'd rather use AOSP vs iOS, Chromium over IE, projectzero vs nothing, etc. The top domain used for kernel commits is .... gmail.com (265,133) the 13th is google.com (55,055) so thank you google for having some aspects less evil than the other large corperations. Now if they could just make a mamory safe cpu and os for the masses.

Thanks for the link, I didn't finish it all yet, but so far a good read. Also, someone gave an interesting and (I'd say) informative comment on the Windows NT kernel, in fact speaking highly of it. Anyway, learned a bit here, good stuff.

Awesome /s Because I totally trust Google /s of all people /s to help with Security /s

Bro I don't think my Google Smart Shower TM needs a webcam on it and I'm not sure how to feel about my Google Sleep Cam TM.

Google hates GPL-based software and wants to replace it with something that can be locked up. Who could've guessed?

This comment didn't make any sense to me, until I realized that you'd confused Google with Microsoft.

I trust Google's Linux contributions because it's about control. Google already has a lock on the browser and the main services in Android, so they don't need to compromise the OS to collect the personal data that is their lifeblood.

On the contrary, they depend on Linux being secure because they run it on their own systems and use it in their products. And if it's not secure, then that could be exploited by a competitor or worse, leading to either indirect or direct harm to Google.

Imagine if someone launched a mass ransomware attack on billions of Android phones at once, and demanded that Google pay them a few $ to unlock each one? That would destroy Android's popularity, overnight, and put Google in a very awkward position.

Another scenario is that someone hacks Google and steals some of their data troves. That creates new competitive pressure and could also blow up in a very public way, leading to new laws that restrict Google's activities.

So, yeah, regardless of how you feel about Google's morality and business practices, I do actually trust their work on the Linux kernel. For that matter I also feel Chrome and Android are reasonable secure (from others) and for the same reasons.

Those fears of exploitation didn't stop them from backdooring their own servers with PRISM and their own cloudy products with MUSCULAR for the NSA. How is it that they've suddenly grown this great concern about closing all possible exploits? Just as likely that they've continued the game and gotten a lot more crafty about using it for their own profit.

Compiling C++ (Chromium) is not the same as compiling C (Linux). C++ is a notoriously difficult language for compilers, and has always required more memory (and time) to compile with any family of compilers.