Open Source Security

Open Source Security is a media project to help showcase and educate on open source security. Our goal is to give the community a platform to educate both developers and users on how open source security works. There's a lot of good work happening that doesn't get attention because there's no marketing department behind it and no developer relations team posting on LinkedIn every two hours. Let's focus on those people and teams, then learn what they do and how they do it. The goal is to hear from the people doing the work. They know what's up, and they have a lot to teach us. We just have to listen.

Episodes (527)

Episode 334 - Leap seconds break everything

Josh and Kurt talk about leap seconds. Every time there's a leap second, things break. Facebook wants to get rid of them because they break computers, but Google found a clever way to keep leap second...

1 Aug 2022, 32 min

Episode 333 - Open Source is unfair

Josh and Kurt talk about Microsoft creating a policy of not allowing anyone to charge for open source in their app store. This policy was walked back quickly, but it raises some questions about how fa...

25 Jul 2022, 34 min

Episode 332 - PyPI: 2FA or not 2FA, that is the question

Josh and Kurt talk about PyPI mandating two factor authentication for the top 1% of projects. It feels like a simple idea, but it's not when you start to think about it. What problems does 2FA solve? ...

18 Jul 2022, 39 min

Episode 331 - GPG, but nothing makes sense

Josh and Kurt talk about their very silly GPG key management from the past. This is sadly a very true story that details how both Kurt and Josh protected their GPG keys. Josh's setup is like something...

11 Jul 2022, 35 min

Episode 330 - The sliding scale of risk: seeing the forest for the trees

Josh and Kurt talk about the challenge of dealing with vulnerabilities at a large scale. We tend to treat every vulnerability equally when they are not equal at all. Some are trees we have to pay very...

4 Jul 2022, 38 min

Episode 329 - Signing (What is it good for)

Josh and Kurt talk about what the actual purpose of signing artifacts is. This is one of those spaces where the chain of custody for signing content is a lot more complicated than it sometimes seems t...

27 Jun 2022, 30 min

Episode 328 - The Security of Jobs or Job Security

Josh and Kurt talk about the security of employees leaving jobs. Be it a voluntary departure or in the context of the current layoffs we see, what are the security implications of having to remove acc...

20 Jun 2022, 29 min

Episode 327 - The security of alert fatigue

Josh and Kurt talk about a funny GitHub reply that notified 400,000 people. It's fun to laugh at this, but it's an easy open to discussing alert fatigue and why it's important to be very mindful of ou...

13 Jun 2022, 34 min
