Security Requires Thinking (His Monkey, His Circus)
January 26th, 2021
49 mins 59 secs
About this Episode
This week Dave and Gunnar talk with Dr. David A. Wheeler about what’s new at the Linux Foundation, a brand-new free course on developing secure software, some survey results, and recent news concerning SolarWinds.
- Open Source Security Foundation (OpenSSF) of the Linux Foundation replaces the Core Infrastructure Initiative (CII) and has several working groups
- Secure Software Development Fundamentals Courses
- The Linux Foundation’s Core Infrastructure Initiative (CII) Badge Program is now part of the OpenSSF Best Practices Working Group
- Project statistics, now >3,500 participating projects & >500 passing badges
- If you develop OSS, make sure your projects are pursuing a badge
- “Report on the 2020 FOSS Contributor Survey” - these are the RESULTS of the survey call we discussed last time - THANK YOU to everyone who participated in the contributor survey
- If you’re interested, please join!
- The Linux Foundation (other than OpenSSF)
- Linux Foundation Energy
- Linux Foundation Public Health
- The Linux Foundation Public Health Initiative Sponsored the Audit of COVID Exposure Notification Apps. Here Are The Results! (OSTIF) - “Because of these two reviews, both applications have had improvements implemented to correct potential issues. This review provides assurances that the applications are generally safe and private.”
- Reproducible Builds in December 2020
- Preventing Supply Chain Attacks like SolarWinds
- Be sure to visit David on the internet at dwheeler.com!
We Give Thanks
- Dr. David A. Wheeler for being our special guest star!