But looking at Debian funding only is rather pointless. If you have a few names there such as google, Lenovo and AWS - that's largely irrelevant. "Upstream" donations to the Linux Foundation and other projects are much more relevant for example, and apply to all Linux distributions and Linux based OS. systemd, as another example, is a IBM/Red Hat funded and developed project, which has a clear business agenda. IBM/Red Hat develop software for their own business case. It's hardly any different to Microsoft doing the same, the difference is mainly in the "open source" development and the licence.
Those corporations are very much in control, they are steering things, their reps are on the board of directors and technical advisory board of the Linux foundation. You may want to "trust" Debian and not trust Microsoft for example - but you first have to consider this:
https://www.linuxfoundation.org/our-mem ... erpower-2/
Microsoft and Oracle are at the top, in the platinum members category - two corporations with a history of hostility to open source. If you don't trust Microsoft and don't use Windows and use Linux because of that, that could present you with a problem...
The board of directors always has a mix of Facebook, Oracle, Microsoft and IBM reps among others...
https://www.linuxfoundation.org/board-of-directors/
I don't trust Facebook, Oracle, Microsoft or IBM - this is no different.
The technical advisory board currently has 4 google reps on it:
https://www.linuxfoundation.org/technic ... ory-board/
I also certainly don't trust google.
Linux is the kernel for Android - which along with the enterprise server and embedded markets, is "Linux". Hobbyist desktop users running distributions, are a tiny percentage in comparison - not even registering on the scale.
Linux is a business and corporations are firmly in control. Pretending that these highly paid people and massive donations are about "charity" is just laughable naivety. Corporations don't pour millions into projects like Linux because it's nice to do so, and they don't pay their own developers to work on it as a hobby.
The "open source" nature of the code doesn't matter. You're trusting others to audit - many of the "auditors" are google, AMD, Intel, Microsoft, etc software engineers...
Torvalds famously admitted some years that the Linux kernel code base was too large and complex for humans to audit. Unless you audit every line yourself and have to skill to understand every line - which Torvalds admitted that even they don't... you have to either blindly trust the Linux kernel or stop using it. In trusting the Linux kernel, you're placing trust in FAANG, Microsoft, IBM and "Big Tech" as a whole - there's no getting away from that.
Old article:
https://www.linuxfoundation.org/wp-cont ... t-2017.pdf
To summarise - it's already mostly corporate contributions and promising "volunteers" get bought off anyway. So while GPL prevents someone taking the code and closing it off and selling it as a product - it does nothing to prevent the paying off of key developers to effectively put most important "open source" development on the corporate payroll.The top 10 contributors, including the groups “unknown” and “none,” make up just over 54 percent of the total contributions to the kernel; that is up slightly from the previous version of this report. It is worth noting that, even if one assumes that all of the “unknown” contributors are working on their own time, well over 85 percent of all kernel development is demonstrably done by developers who are being paid for their work. Interestingly, the volume of contributions from unpaid developers has been in slow decline for many years. It was 14.6 percent in the 2012 version of this report, but is 8.2 percent this time around. There are many possible reasons for this decline, but, arguably, the most plausible of those is quite simple: kernel developers are in short supply, so anybody who demonstrates an ability to get code into the mainline tends not to have trouble finding job offers. Indeed, the bigger problem can be fending those offers off. As a result, volunteer developers tend not to stay that way for long.
Whether people care or not, that's the realty of it.