=> back to Techrights (Main Index)
00:49 *u-amarsh04 has quit (Quit: Konversation terminated!)
00:56 *u-amarsh04 (~amarsh04@t3phqsdfxhjau.irc) has joined #techbytes
01:14 *u-amarsh04 has quit (Quit: Konversation terminated!)
01:24 *u-amarsh04 (~amarsh04@t3phqsdfxhjau.irc) has joined #techbytes
01:46 *u-amarsh04 has quit (Quit: Konversation terminated!)
02:19 *DaemonFC (~daemonfc@r3zgarhjgt6ha.irc) has joined #techbytes
02:50 *liberty_box has quit (Ping timeout: 2m30s)
02:50 *rianne_ has quit (Ping timeout: 2m30s)
02:51 *rianne has quit (Ping timeout: 120 seconds)
03:03 libertybox; yes, checking
03:08 *SomeH4x0r has quit (Ping timeout: 2m30s)
03:11 *liberty_box (~liberty@suig26pxj59pi.irc) has joined #techbytes
03:11 *rianne_ (~rianne@suig26pxj59pi.irc) has joined #techbytes
03:11 *rianne (~rianne@joseon-jhg.17c.k31cok.IP) has joined #techbytes
03:18 *SomeH4x0r (~someh4xx@vbku88433t7ju.irc) has joined #techbytes
04:10 *Despatche has quit (Quit: Read error: Connection reset by deer)
04:10 *Despatche (~desp@u3xy9z2ifjzci.irc) has joined #techbytes
06:41 *GNUmoon2 has quit (Ping timeout: 2m30s)
06:41 *DaemonFC has quit (Quit: Leaving)
07:28 *GNUmoon2 (~GNUmoon@bsgdwgkyty4d4.irc) has joined #techbytes
08:35 *psydroid4 (~psydroid@cqggrmwgu7gji.irc) has joined #techbytes
09:07 schestowitz;
09:07 schestowitz; Enforcing the pyramid of Open Source
=> Enforcing">↺ https://daniel.haxx.se/blog/2022/01/17/enforcing-the-pyramid-of-open-source/">Enforcing
09:07 schestowitz;
09:07 schestowitz; The well-known log4j security vulnerability of December 2021 triggered a lot of renewed discussions around software supply chain security, and sometimes it has also been said to be an Open Source related issue.
09:07 -TechBytesBot/#techbytes-daniel.haxx.se | Enforcing the pyramid of Open Source | daniel.haxx.se
09:07 schestowitz; This was not the first software component to have a serious security flaw, and it will not be the last.
09:07 schestowitz; This is the 10,000 dollar question that is really hard to answer. In this post I hope to help putting some light on to why it is such a hard problem. This comes from my view as an Open Source author and contributor since almost three decades now.
09:07 schestowitz; In this post Im going to talk about security as in how we make our products have less bugs in the code we write and land on purpose. There is also a lot to be said about infrastructure problems such as consumers not verifying dependencies so that when malicious actors purposely destroy a component, users of that dont notice the problem or supply chain security issues that risk letting bad actors insert malicious code
09:07 schestowitz; into components. But those are not covered in this blog post!
12:30 *tech_exorcist (~tech_exorcist@m6nw7kksfxxss.irc) has joined #techbytes
13:01 *u-amarsh04 (~amarsh04@zd9ersed554wu.irc) has joined #techbytes
13:14 schestowitz; https://nitter.eu/robertcaruso/status/148278495140?22
=> ↺ https://nitter.eu/robertcaruso/status/148278495140?22
13:14 -TechBytesBot/#techbytes- ( status 404 @ https://nitter.eu/robertcaruso/status/148278495140?22 )
=> ↺ https://nitter.eu/robertcaruso/status/148278495140?22
13:26 *leah has quit (Quit: WeeChat 3.3)
13:27 *SomeH4x0r has quit (Ping timeout: 2m30s)
13:30 *SomeH4x0r (~someh4xx@6e45g5qtaw8zu.irc) has joined #techbytes
13:38 *leah (~leah@wrh2nipuzrd3y.irc) has joined #techbytes
13:38 *SomeH4x0r has quit (Ping timeout: 2m30s)
13:47 *SomeH4x0r (~someh4xx@sctsjmg96zkru.irc) has joined #techbytes
14:04 *SomeH4x0r has quit (Ping timeout: 2m30s)
14:08 *SomeH4x0r (~someh4xx@gbgr2jcp6yrt2.irc) has joined #techbytes
14:10 *Despatche has quit (Quit: Read error: Connection reset by deer)
15:03 *u-amarsh04 has quit (Quit: Konversation terminated!)
15:09 *u-amarsh04 (~amarsh04@zd9ersed554wu.irc) has joined #techbytes
15:58 *blitzed (~blitzed@6vjnihvu3smkn.irc) has joined #techbytes
16:27 *Despatche (~desp@u3xy9z2ifjzci.irc) has joined #techbytes
18:26 *DaemonFC (~daemonfc@iirggctgfpx8e.irc) has joined #techbytes
19:50 *DaemonFC has quit (Quit: Leaving)
20:11 schestowitz; https://twitter.com/iyer_venki/status/1482639855494758405
=> ↺ https://twitter.com/iyer_venki/status/1482639855494758405
20:11 -TechBytesBot/#techbytes-@iyer_venki: @schestowitz I am sure the number of 20 is grossly "understated".
20:11 schestowitz; > Hi Roy,
20:11 schestowitz; >
20:11 schestowitz; > thanks for posting.
20:11 schestowitz; >
20:11 schestowitz; > Do you feel like a call some time this week (Right now I have a
20:11 schestowitz; > horrible cold, but I am up for a link up if you like)?
20:11 schestowitz; yes, we can definitely do that. Want to use mumble (hosted by us)?
20:11 schestowitz; >> By week's end I hope all will work as well as before or even better.
20:11 schestowitz; > Yeah, things are never quite so secure and organised as right after
20:12 schestowitz; > incident cleanup.
20:12 schestowitz; Well, it was a hardware failure, but package upgrades and OS upgrades make us more secure too. At the moment I do an article explaining what happened.
20:13 schestowitz; Re: jailed
20:13 schestowitz; > https://truecrimenewsweekly.com/tag/shane-dowling/
=> ↺ https://truecrimenewsweekly.com/tag/shane-dowling/
20:13 schestowitz; >
20:13 -TechBytesBot/#techbytes-truecrimenewsweekly.com | Shane Dowling True Crime News Weekly
20:13 schestowitz; > Shane's page:
20:13 schestowitz; >
20:13 schestowitz; > https://kangaroocourtofaustralia.com/
=> ↺ https://kangaroocourtofaustralia.com/
20:13 -TechBytesBot/#techbytes-kangaroocourtofaustralia.com | Kangaroo Court of Australia - Why rent a lawyer when you can buy a judge
20:13 schestowitz; >
20:13 schestowitz; > It hasn't changed since 19 December so maybe the police found him
20:13 schestowitz; >
20:13 schestowitz; > https://michaelsmithnews.typepad.com/.a/6a0177444b0c2e970d02788045bb3f200d-pi
=> ↺ https://michaelsmithnews.typepad.com/.a/6a0177444b0c2e970d02788045bb3f200d-pi
20:13 schestowitz; >
20:13 schestowitz; >
20:13 schestowitz; > People complain that a lot of his claims are not backed by any evidence
20:13 schestowitz; > at all. I had that perception too but occasionally something genuine
20:13 schestowitz; > appears.
20:13 schestowitz; >
20:13 schestowitz; > When he did publish some secret court documents as evidence they locked
20:13 schestowitz; > him up for contempt of court
20:13 schestowitz; >
20:13 schestowitz; > So a Kangaroo Court shut down kangaroocourtofaustralia.com
20:13 schestowitz; >
20:13 schestowitz; > Australia is run like a free software organization. Or an open source
20:13 schestowitz; > community.
20:13 schestowitz; Nobody in "the media" covers this:
20:13 schestowitz; http://techrights.org/2022/01/05/police-texas-graveley/
=> http://techrights.org/2022/01/05/police-texas-graveley/
20:13 -TechBytesBot/#techbytes-techrights.org | Head of GitHub Copilot Arrested | Techrights
21:10 *GNUmoon2 has quit (Ping timeout: 2m30s)
22:03 *GNUmoon2 (~GNUmoon@s3gpcdb5iajbw.irc) has joined #techbytes
22:19 *tech_exorcist has quit (Quit: Disconnecting)
22:32 *GNUmoon2 has quit (Ping timeout: 2m30s)
22:34 *GNUmoon2 (~GNUmoon@ecz2t3b69tp9n.irc) has joined #techbytes
=> back to Techrights (Main Index) This content has been proxied by September (ba2dc).Proxy Information
text/gemini;lang=en-GB