Items tagged with: OSSPodcast
The good news: WordPress still works.
The bad news: They did something bad enough that we talked about it on the #osspodcast.
The good news: what they did probably isn't bad enough for you to have to worry about...
The bad news: But if they keep going in this direction you will probably have to care.
Find out more with @joshbressers and @kurtseifried on the osspodcast https://opensourcesecurity.io/2024/10/13/episode-450-whats-wrong-with-wordpress/
TL;DR: When ecosystems are controlled by someone, hopefully they are benevolent and don't violate the social contracts that we think are in place.
But we seem to be in an era where eroding of trust to make a buck, and normalization of deviancy https://en.wikipedia.org/wiki/Normalization_of_deviance are becoming more common, and we should probably worry about that.
Also I forgot the content warning, this holiday spectacular episode gets kind of real, especially around healthcare and houselessness/unhoused people and a bunch of other topics.
What happens when Santa uses AI to manage the naughty and nice list? As we all learned from "The Good Place", the points-based system no longer works. Find out on the #osspodcast with @joshbressers at https://opensourcesecurity.io/2023/12/17/episode-407-should_santa-use-ai/ Also are elves people? What species are they? Are Santa's elves aquatic elves? Does everyone live on top of water? What about volcanoes? Also what's the maintenance cycle like for Santa's sleigh? Is there a log book for this somewhere?
Episode 407 – Should Santa use AI?
It’s the 2023 Christmas Spectacular! Josh and Kurt talk about what would happen if Santa starts using AI to judge which children are naughty and nice. There’s some fun in this one, but … (Open Source Security)
The reality is they're still better than a lot of companies claiming to do #OpenSource but it feels like a betrayal because they were the hero of open source for so long
https://opensourcesecurity.io/2023/07/02/episode-382-red-hat-you-were-the-chosen-one/
Episode 382 – Red Hat, you were the chosen one!
Josh and Kurt talk about Red Hat closing up the RHEL source code. Kurt and Josh both worked at Red Hat in the past. This isn’t a show that bashes Red Hat, and it’s not a show praising t… (Open Source Security)
https://opensourcesecurity.io/2023/04/09/episode-370-open-source-is-bigger-than-you-can-imagine/
Episode 370 – Open Source is bigger than you can imagine
Josh and Kurt talk about some data on the size of NPM. Josh wrote a blog post and a report about the amount of SEO spam in NPM was released. Open source is enormous, and it’s mostly one perso… (Open Source Security)
Episode 364 – Using SBOMs is hard
Josh and Kurt talk about SBOMs. Quite a bit has happened in the world of SBOMs in the last year or so. There are going to be different types of SBOMs, like build, source, or runtime. Each will tell… (Open Source Security)
Episode 359 – The NOTAM outage and other legacy technology
Josh and Kurt talk about the recent FAA NOTAM outage. Keeping legacy things running for long periods of time is really hard to do, this system is no different. It’s also really hard to upgrad… (Open Source Security)
Episode 357 – Is open source being overexploited?
Josh and Kurt talk about how to think about open source in the context of society. Open source is more like a natural resource than a supplier. It’s common to think of open source projects as… (Open Source Security)
Episode 356 – LastPass ducked up, now what?
Josh and Kurt talk about the LastPass saga. There’s a lot of great explanations about what happened, but there hasn’t been a lot of info on how to start cleaning up this mess. We rehash… (Open Source Security)
Episode 355 – Security Boxing Day
Josh and Kurt talk about some security gifts for boxing day. We start out with the idea of the security poverty line and discuss a few ideas for how a low resource group can make their open source … (Open Source Security)
There's a tool to look at #HackerNews authors and see if their writing is similar to another user (sock puppets anyone?)
This of course leads to larger discussions about #privacy, #cybersecurity, #impersonation, and of course, #shakespeare
https://opensourcesecurity.io/2022/12/04/episode-352-stylometry-removes-anonymity/
Episode 352 – Stylometry removes anonymity
Josh and Kurt talk about a new tool that can do Stylometry analysis of Hacker News authors. The availability of such tools makes anonymity much harder on the Internet, but it’s also not unexp… (Open Source Security)
Also, we managed to avoid discussing CISA, Twitter, and all the other things on fire.
Episode 351 – Is security or usability a law of the universe?
Josh and Kurt talk about end to end encrypted messages. This has been a popular topic lately due to the Mastodon popularity. Mastodon has a uniquely insecure messaging system, but they aren’t… (Open Source Security)
This of course creates a lot more questions than it answers
Nothing makes sense anymore. Maybe it never did.
#cybersecurity
https://opensourcesecurity.io/2022/11/13/episode-349-the-cyber-is-coming-from-inside-the-house-the-uk-is-scanning-itself/
Episode 349 – The cyber is coming from inside the house – the UK is scanning itself
Josh and Kurt talk about the UK plan to scan their country’s IP space. The purpose and outcome of this isn’t completely clear at this point, but we are hopeful the data can be used as a… (Open Source Security)