●● IRC: #techbytes @ Techrights IRC Network: Tuesday, January 18, 2022 ●●
● Jan 18
[00:49] *u-amarsh04 has quit (Quit: Konversation terminated!)
[00:56] *u-amarsh04 (~amarsh04@t3phqsdfxhjau.irc) has joined #techbytes
● Jan 18
[01:14] *u-amarsh04 has quit (Quit: Konversation terminated!)
[01:24] *u-amarsh04 (~amarsh04@t3phqsdfxhjau.irc) has joined #techbytes
[01:46] *u-amarsh04 has quit (Quit: Konversation terminated!)
● Jan 18
[02:19] *DaemonFC (~daemonfc@r3zgarhjgt6ha.irc) has joined #techbytes
[02:50] *liberty_box has quit (Ping timeout: 2m30s)
[02:50] *rianne_ has quit (Ping timeout: 2m30s)
[02:51] *rianne has quit (Ping timeout: 120 seconds)
● Jan 18
[03:03] libertybox yes, checking
[03:08] *SomeH4x0r has quit (Ping timeout: 2m30s)
[03:11] *liberty_box (~liberty@suig26pxj59pi.irc) has joined #techbytes
[03:11] *rianne_ (~rianne@suig26pxj59pi.irc) has joined #techbytes
[03:11] *rianne (~rianne@joseon-jhg.17c.k31cok.IP) has joined #techbytes
[03:18] *SomeH4x0r (~someh4xx@vbku88433t7ju.irc) has joined #techbytes
● Jan 18
[04:10] *Despatche has quit (Quit: Read error: Connection reset by deer)
[04:10] *Despatche (~desp@u3xy9z2ifjzci.irc) has joined #techbytes
● Jan 18
[06:41] *GNUmoon2 has quit (Ping timeout: 2m30s)
[06:41] *DaemonFC has quit (Quit: Leaving)
● Jan 18
[07:28] *GNUmoon2 (~GNUmoon@bsgdwgkyty4d4.irc) has joined #techbytes
● Jan 18
[08:35] *psydroid4 (~psydroid@cqggrmwgu7gji.irc) has joined #techbytes
● Jan 18
[09:07] schestowitz
  • [09:07] schestowitz
    Enforcing the pyramid of Open Source
    [09:07] schestowitz
    [09:07] schestowitz

    The well-known log4j security vulnerability of December 2021 triggered a lot of renewed discussions around software supply chain security, and sometimes it has also been said to be an Open Source related issue.

    [09:07] -TechBytesBot/#techbytes-daniel.haxx.se | Enforcing the pyramid of Open Source | daniel.haxx.se [09:07] schestowitz

    This was not the first software component to have a serious security flaw, and it will not be the last.

    [09:07] schestowitz

    This is the 10,000 dollar question that is really hard to answer. In this post I hope to help putting some light on to why it is such a hard problem. This comes from my view as an Open Source author and contributor since almost three decades now.

    [09:07] schestowitz

    In this post I'm going to talk about security as in how we make our products have less bugs in the code we write and land on purpose. There is also a lot to be said about infrastructure problems such as consumers not verifying dependencies so that when malicious actors purposely destroy a component, users of that don't notice the problem or supply chain security issues that risk letting bad actors insert malicious code
    [09:07] schestowitz into components. But those are not covered in this blog post!

● Jan 18
[12:30] *tech_exorcist (~tech_exorcist@m6nw7kksfxxss.irc) has joined #techbytes
● Jan 18
[13:01] *u-amarsh04 (~amarsh04@zd9ersed554wu.irc) has joined #techbytes
[13:14] schestowitz https://nitter.eu/robertcaruso/status/148278495140?22
[13:14] -TechBytesBot/#techbytes- ( status 404 @ https://nitter.eu/robertcaruso/status/148278495140?22 )
[13:26] *leah has quit (Quit: WeeChat 3.3)
[13:27] *SomeH4x0r has quit (Ping timeout: 2m30s)
[13:30] *SomeH4x0r (~someh4xx@6e45g5qtaw8zu.irc) has joined #techbytes
[13:38] *leah (~leah@wrh2nipuzrd3y.irc) has joined #techbytes
[13:38] *SomeH4x0r has quit (Ping timeout: 2m30s)
[13:47] *SomeH4x0r (~someh4xx@sctsjmg96zkru.irc) has joined #techbytes
● Jan 18
[14:04] *SomeH4x0r has quit (Ping timeout: 2m30s)
[14:08] *SomeH4x0r (~someh4xx@gbgr2jcp6yrt2.irc) has joined #techbytes
[14:10] *Despatche has quit (Quit: Read error: Connection reset by deer)
● Jan 18
[15:03] *u-amarsh04 has quit (Quit: Konversation terminated!)
[15:09] *u-amarsh04 (~amarsh04@zd9ersed554wu.irc) has joined #techbytes
[15:58] *blitzed (~blitzed@6vjnihvu3smkn.irc) has joined #techbytes
● Jan 18
[16:27] *Despatche (~desp@u3xy9z2ifjzci.irc) has joined #techbytes
● Jan 18
[18:26] *DaemonFC (~daemonfc@iirggctgfpx8e.irc) has joined #techbytes
● Jan 18
[19:50] *DaemonFC has quit (Quit: Leaving)
● Jan 18
[20:11] schestowitz https://twitter.com/iyer_venki/status/1482639855494758405
[20:11] -TechBytesBot/#techbytes-@iyer_venki: @schestowitz I am sure the number of 20 is grossly "understated".
[20:11] schestowitz > Hi Roy,
[20:11] schestowitz >
[20:11] schestowitz > thanks for posting.
[20:11] schestowitz >
[20:11] schestowitz > Do you feel like a call some time this week (Right now I have a
[20:11] schestowitz > horrible cold, but I am up for a link up if you like)?
[20:11] schestowitz yes, we can definitely do that. Want to use mumble (hosted by us)?
[20:11] schestowitz >> By week's end I hope all will work as well as before or even better.
[20:11] schestowitz > Yeah, things are never quite so secure and organised as right after
[20:12] schestowitz > incident cleanup.
[20:12] schestowitz Well, it was a hardware failure, but package upgrades and OS upgrades make us more secure too. At the moment I do an article explaining what happened.
[20:13] schestowitz Re: jailed
[20:13] schestowitz > https://truecrimenewsweekly.com/tag/shane-dowling/
[20:13] schestowitz >
[20:13] -TechBytesBot/#techbytes-truecrimenewsweekly.com | Shane Dowling True Crime News Weekly
[20:13] schestowitz > Shane's page:
[20:13] schestowitz >
[20:13] schestowitz > https://kangaroocourtofaustralia.com/
[20:13] -TechBytesBot/#techbytes-kangaroocourtofaustralia.com | Kangaroo Court of Australia - Why rent a lawyer when you can buy a judge
[20:13] schestowitz >
[20:13] schestowitz > It hasn't changed since 19 December so maybe the police found him
[20:13] schestowitz >
[20:13] schestowitz > https://michaelsmithnews.typepad.com/.a/6a0177444b0c2e970d02788045bb3f200d-pi
[20:13] schestowitz >
[20:13] schestowitz >
[20:13] schestowitz > People complain that a lot of his claims are not backed by any evidence
[20:13] schestowitz > at all. I had that perception too but occasionally something genuine
[20:13] schestowitz > appears.
[20:13] schestowitz >
[20:13] schestowitz > When he did publish some secret court documents as evidence they locked
[20:13] schestowitz > him up for contempt of court
[20:13] schestowitz >
[20:13] schestowitz > So a Kangaroo Court shut down kangaroocourtofaustralia.com
[20:13] schestowitz >
[20:13] schestowitz > Australia is run like a free software organization. Or an open source
[20:13] schestowitz > community.
[20:13] schestowitz Nobody in "the media" covers this:
[20:13] schestowitz http://techrights.org/2022/01/05/police-texas-graveley/
[20:13] -TechBytesBot/#techbytes-techrights.org | Head of GitHub Copilot Arrested | Techrights
● Jan 18
[21:10] *GNUmoon2 has quit (Ping timeout: 2m30s)
● Jan 18
[22:03] *GNUmoon2 (~GNUmoon@s3gpcdb5iajbw.irc) has joined #techbytes
[22:19] *tech_exorcist has quit (Quit: Disconnecting)
[22:32] *GNUmoon2 has quit (Ping timeout: 2m30s)
[22:34] *GNUmoon2 (~GNUmoon@ecz2t3b69tp9n.irc) has joined #techbytes