(ℹ) Join us now at the IRC channel | ䷉ Find the plain text version at this address (HTTP) or in Gemini (how to use Gemini) with a full GemText version.
| *u-amarsh04 has quit (Quit: Konversation terminated!) | Jan 18 00:49 | |
| *u-amarsh04 (~amarsh04@t3phqsdfxhjau.irc) has joined #techbytes | Jan 18 00:56 | |
| *u-amarsh04 has quit (Quit: Konversation terminated!) | Jan 18 01:14 | |
| *u-amarsh04 (~amarsh04@t3phqsdfxhjau.irc) has joined #techbytes | Jan 18 01:24 | |
| *u-amarsh04 has quit (Quit: Konversation terminated!) | Jan 18 01:46 | |
| *DaemonFC (~daemonfc@r3zgarhjgt6ha.irc) has joined #techbytes | Jan 18 02:19 | |
| *liberty_box has quit (Ping timeout: 2m30s) | Jan 18 02:50 | |
| *rianne_ has quit (Ping timeout: 2m30s) | Jan 18 02:50 | |
| *rianne has quit (Ping timeout: 120 seconds) | Jan 18 02:51 | |
| libertybox | yes, checking | Jan 18 03:03 |
|---|---|---|
| *SomeH4x0r has quit (Ping timeout: 2m30s) | Jan 18 03:08 | |
| *liberty_box (~liberty@suig26pxj59pi.irc) has joined #techbytes | Jan 18 03:11 | |
| *rianne_ (~rianne@suig26pxj59pi.irc) has joined #techbytes | Jan 18 03:11 | |
| *rianne (~rianne@joseon-jhg.17c.k31cok.IP) has joined #techbytes | Jan 18 03:11 | |
| *SomeH4x0r (~someh4xx@vbku88433t7ju.irc) has joined #techbytes | Jan 18 03:18 | |
| *Despatche has quit (Quit: Read error: Connection reset by deer) | Jan 18 04:10 | |
| *Despatche (~desp@u3xy9z2ifjzci.irc) has joined #techbytes | Jan 18 04:10 | |
| *GNUmoon2 has quit (Ping timeout: 2m30s) | Jan 18 06:41 | |
| *DaemonFC has quit (Quit: Leaving) | Jan 18 06:41 | |
| *GNUmoon2 (~GNUmoon@bsgdwgkyty4d4.irc) has joined #techbytes | Jan 18 07:28 | |
| *psydroid4 (~psydroid@cqggrmwgu7gji.irc) has joined #techbytes | Jan 18 08:35 | |
| schestowitz | <li> | Jan 18 09:07 |
| schestowitz | <h5><a href="https://daniel.haxx.se/blog/2022/01/17/enforcing-the-pyramid-of-open-source/">Enforcing the pyramid of Open Source</a></h5> | Jan 18 09:07 |
| schestowitz | <blockquote> | Jan 18 09:07 |
| schestowitz | <p>The well-known log4j security vulnerability of December 2021 triggered a lot of renewed discussions around software supply chain security, and sometimes it has also been said to be an Open Source related issue.</p> | Jan 18 09:07 |
| -TechBytesBot/#techbytes-daniel.haxx.se | Enforcing the pyramid of Open Source | daniel.haxx.se | Jan 18 09:07 | |
| schestowitz | <p>This was not the first software component to have a serious security flaw, and it will not be the last.</p> | Jan 18 09:07 |
| schestowitz | <p>This is the 10,000 dollar question that is really hard to answer. In this post I hope to help putting some light on to why it is such a hard problem. This comes from my view as an Open Source author and contributor since almost three decades now.</p> | Jan 18 09:07 |
| schestowitz | <p>In this post I’m going to talk about security as in how we make our products have less bugs in the code we write and land on purpose. There is also a lot to be said about infrastructure problems such as consumers not verifying dependencies so that when malicious actors purposely destroy a component, users of that don’t notice the problem or supply chain security issues that risk letting bad actors insert malicious code | Jan 18 09:07 |
| schestowitz | into components. But those are not covered in this blog post!</p></blockquote></li> | Jan 18 09:07 |
| *tech_exorcist (~tech_exorcist@m6nw7kksfxxss.irc) has joined #techbytes | Jan 18 12:30 | |
| *u-amarsh04 (~amarsh04@zd9ersed554wu.irc) has joined #techbytes | Jan 18 13:01 | |
| schestowitz | https://nitter.eu/robertcaruso/status/148278495140?22 | Jan 18 13:14 |
| -TechBytesBot/#techbytes- ( status 404 @ https://nitter.eu/robertcaruso/status/148278495140?22 ) | Jan 18 13:14 | |
| *leah has quit (Quit: WeeChat 3.3) | Jan 18 13:26 | |
| *SomeH4x0r has quit (Ping timeout: 2m30s) | Jan 18 13:27 | |
| *SomeH4x0r (~someh4xx@6e45g5qtaw8zu.irc) has joined #techbytes | Jan 18 13:30 | |
| *leah (~leah@wrh2nipuzrd3y.irc) has joined #techbytes | Jan 18 13:38 | |
| *SomeH4x0r has quit (Ping timeout: 2m30s) | Jan 18 13:38 | |
| *SomeH4x0r (~someh4xx@sctsjmg96zkru.irc) has joined #techbytes | Jan 18 13:47 | |
| *SomeH4x0r has quit (Ping timeout: 2m30s) | Jan 18 14:04 | |
| *SomeH4x0r (~someh4xx@gbgr2jcp6yrt2.irc) has joined #techbytes | Jan 18 14:08 | |
| *Despatche has quit (Quit: Read error: Connection reset by deer) | Jan 18 14:10 | |
| *u-amarsh04 has quit (Quit: Konversation terminated!) | Jan 18 15:03 | |
| *u-amarsh04 (~amarsh04@zd9ersed554wu.irc) has joined #techbytes | Jan 18 15:09 | |
| *blitzed (~blitzed@6vjnihvu3smkn.irc) has joined #techbytes | Jan 18 15:58 | |
| *Despatche (~desp@u3xy9z2ifjzci.irc) has joined #techbytes | Jan 18 16:27 | |
| *DaemonFC (~daemonfc@iirggctgfpx8e.irc) has joined #techbytes | Jan 18 18:26 | |
| *DaemonFC has quit (Quit: Leaving) | Jan 18 19:50 | |
| schestowitz | https://twitter.com/iyer_venki/status/1482639855494758405 | Jan 18 20:11 |
| -TechBytesBot/#techbytes-@iyer_venki: @schestowitz I am sure the number of 20 is grossly "understated". | Jan 18 20:11 | |
| schestowitz | > Hi Roy, | Jan 18 20:11 |
| schestowitz | > | Jan 18 20:11 |
| schestowitz | > thanks for posting. | Jan 18 20:11 |
| schestowitz | > | Jan 18 20:11 |
| schestowitz | > Do you feel like a call some time this week (Right now I have a | Jan 18 20:11 |
| schestowitz | > horrible cold, but I am up for a link up if you like)? | Jan 18 20:11 |
| schestowitz | yes, we can definitely do that. Want to use mumble (hosted by us)? | Jan 18 20:11 |
| schestowitz | >> By week's end I hope all will work as well as before or even better. | Jan 18 20:11 |
| schestowitz | > Yeah, things are never quite so secure and organised as right after | Jan 18 20:11 |
| schestowitz | > incident cleanup. | Jan 18 20:12 |
| schestowitz | Well, it was a hardware failure, but package upgrades and OS upgrades make us more secure too. At the moment I do an article explaining what happened. | Jan 18 20:12 |
| schestowitz | Re: jailed | Jan 18 20:13 |
| schestowitz | > https://truecrimenewsweekly.com/tag/shane-dowling/ | Jan 18 20:13 |
| schestowitz | > | Jan 18 20:13 |
| -TechBytesBot/#techbytes-truecrimenewsweekly.com | Shane Dowling – True Crime News Weekly | Jan 18 20:13 | |
| schestowitz | > Shane's page: | Jan 18 20:13 |
| schestowitz | > | Jan 18 20:13 |
| schestowitz | > https://kangaroocourtofaustralia.com/ | Jan 18 20:13 |
| -TechBytesBot/#techbytes-kangaroocourtofaustralia.com | Kangaroo Court of Australia - Why rent a lawyer when you can buy a judge | Jan 18 20:13 | |
| schestowitz | > | Jan 18 20:13 |
| schestowitz | > It hasn't changed since 19 December so maybe the police found him | Jan 18 20:13 |
| schestowitz | > | Jan 18 20:13 |
| schestowitz | > https://michaelsmithnews.typepad.com/.a/6a0177444b0c2e970d02788045bb3f200d-pi | Jan 18 20:13 |
| schestowitz | > | Jan 18 20:13 |
| schestowitz | > | Jan 18 20:13 |
| schestowitz | > People complain that a lot of his claims are not backed by any evidence | Jan 18 20:13 |
| schestowitz | > at all. I had that perception too but occasionally something genuine | Jan 18 20:13 |
| schestowitz | > appears. | Jan 18 20:13 |
| schestowitz | > | Jan 18 20:13 |
| schestowitz | > When he did publish some secret court documents as evidence they locked | Jan 18 20:13 |
| schestowitz | > him up for contempt of court | Jan 18 20:13 |
| schestowitz | > | Jan 18 20:13 |
| schestowitz | > So a Kangaroo Court shut down kangaroocourtofaustralia.com | Jan 18 20:13 |
| schestowitz | > | Jan 18 20:13 |
| schestowitz | > Australia is run like a free software organization. Or an open source | Jan 18 20:13 |
| schestowitz | > community. | Jan 18 20:13 |
| schestowitz | Nobody in "the media" covers this: | Jan 18 20:13 |
| schestowitz | http://techrights.org/2022/01/05/police-texas-graveley/ | Jan 18 20:13 |
| -TechBytesBot/#techbytes-techrights.org | Head of GitHub Copilot Arrested | Techrights | Jan 18 20:13 | |
| *GNUmoon2 has quit (Ping timeout: 2m30s) | Jan 18 21:10 | |
| *GNUmoon2 (~GNUmoon@s3gpcdb5iajbw.irc) has joined #techbytes | Jan 18 22:03 | |
| *tech_exorcist has quit (Quit: Disconnecting) | Jan 18 22:19 | |
| *GNUmoon2 has quit (Ping timeout: 2m30s) | Jan 18 22:32 | |
| *GNUmoon2 (~GNUmoon@ecz2t3b69tp9n.irc) has joined #techbytes | Jan 18 22:34 | |
Generated by irclog2html.py 2.6 | ䷉ find the plain text version at this address (HTTP) or in Gemini (how to use Gemini) with a full GemText version.