Except for the desktop, Linux and open-source run the IT world. With great power comes great security responsibilities. While open-source security issues can be overstated, the simple truth is antique, insecure open-source software is everywhere. The Linux Foundation knows this. To address it, the Foundation’s Core Infrastructure Initiative (CII) and the Laboratory for Innovation Science at Harvard (LISH) have developed a survey for FLOSS contributors.