●● IRC: #boycottnovell @ Techrights IRC Network: Tuesday, December 14, 2021 ●● ● Dec 14 [00:00] *liberty_box (~liberty@suig26pxj59pi.irc) has joined #boycottnovell [00:00] *rianne (~rianne@suig26pxj59pi.irc) has joined #boycottnovell [00:04] *rianne has quit (Ping timeout: 2m30s) [00:05] *rianne (~rianne@suig26pxj59pi.irc) has joined #boycottnovell [00:18] *altlink_b4b has quit (connection closed) [00:18] *altlink_2d9 (~altlink_2d9@2f7u5j6f87p9g.irc) has joined #boycottnovell [00:34] *u-amarsh04 has quit (Quit: Konversation terminated!) [00:34] *u-amarsh04 has quit (Quit: Konversation terminated!) [00:39] *u-amarsh04 (~amarsh04@joseon-rmogvn.g0d7.dtdf.mc4289.IP) has joined #boycottnovell [00:39] *u-amarsh04 (~amarsh04@t25x9hgy9xhrc.irc) has joined #boycottnovell [00:43] *altlink_2d9 has quit (connection closed) [00:43] *altlink_fe3 (~altlink_fe3@2f7u5j6f87p9g.irc) has joined #boycottnovell ● Dec 14 [01:56] *wallacer has quit (Ping timeout: 2m30s) [01:56] *wallacer (~quassel@6bsu33ajs4zs4.irc) has joined #boycottnovell ● Dec 14 [02:00] *u-amarsh04 has quit (Quit: Konversation terminated!) [02:00] *u-amarsh04 has quit (Quit: Konversation terminated!) [02:11] *activelow has quit (Ping timeout: 2m30s) [02:12] *activelow (~activelow@q63fhesnpxtc8.irc) has joined #boycottnovell [02:16] *activelow has quit (connection closed) [02:16] *activelow (~activelow@2cz86ibfpnxa6.irc) has joined #boycottnovell ● Dec 14 [04:06] *altlink_fe3 has quit (connection closed) [04:07] *altlink_e5c (~altlink_e5c@2f7u5j6f87p9g.irc) has joined #boycottnovell ● Dec 14 [05:22] *Despatche has quit (Quit: Read error: Connection reset by deer) ● Dec 14 [06:16] *DaemonFC has quit (Quit: Leaving) ● Dec 14 [07:17] schestowitz
[07:17] schestowitzIve talked on this topic before but I realized I never did a proper blog post on the topic. So here it is: how we develop curl to keep it safe. The topic of supply chain security is one that is discussed frequently these days and every so often theres a very well used (open source) component that gets a terrible weakness revealed.
[07:17] -TechrightsBN/#boycottnovell-daniel.haxx.se | Keeping curl safe | daniel.haxx.se [07:17] schestowitzDont get me wrong. Proprietary packages have their share of issues as well, and probably even more so, but for obvious reasons we never get the same transparency, details and insight into those problems and solutions.