Security Requires Thinking (His Monkey, His Circus)
Episode 212 · January 26th, 2021 · 49 mins 59 secs
About this Episode
This week Dave and Gunnar talk with Dr. David A. Wheeler about what’s new at the Linux Foundation, a brand-new free course on developing secure software, some survey results, and recent news concerning SolarWinds.
- Open Source Security Foundation (OpenSSF) of the Linux Foundation replaces the Core Infrastructure Initiative (CII) and has several working groups
- Secure Software Development Fundamentals Courses
- The Linux Foundation’s Core Infrastructure Initiative (CII) Badge Program is now part of the OpenSSF Best Practices Working Group
- Project statistics, now >3,500 participating projects & >500 passing badges
- If you develop OSS, make sure your projects are pursuing a badge
- “Report on the 2020 FOSS Contributor Survey” - these are the RESULTS of the survey call we discussed last time - THANK YOU to everyone who participated in the contributor survey
- If you’re interested, please join!
- The Linux Foundation (other than OpenSSF)
- Linux Foundation Energy
- Linux Foundation Public Health
- The Linux Foundation Public Health Initiative Sponsored the Audit of COVID Exposure Notification Apps. Here Are The Results! (OSTIF) - “Because of these two reviews, both applications have had improvements implemented to correct potential issues. This review provides assurances that the applications are generally safe and private.”
- Reproducible Builds in December 2020
- Preventing Supply Chain Attacks like SolarWinds
- Be sure to visit David on the internet at dwheeler.com!
We Give Thanks
- Dr. David A. Wheeler for being our special guest star!