Shai-Hulud-style supply chain attacks have shifted compromise from organizations to individual developer environments, making the personal laptop a critical supply chain tier for OSS maintainers. This talk introduces a survivability-first defensive model for single-user environments, focusing on outbound behavior, credential trust boundaries, release workflows, and environmental auditing rather than enterprise-scale controls.