Episode 212: Security Requires Thinking (His Monkey, His Circus)

David Egts & Gunnar Hellekson — Tue, 26 Jan 2021 06:00:00 -0600

This week Dave and Gunnar talk with Dr. David A. Wheeler about what’s new at the Linux Foundation, a brand-new free course on developing secure software, some survey results, and recent news concerning SolarWinds.

Open Source Security Foundation (OpenSSF) of the Linux Foundation replaces the Core Infrastructure Initiative (CII) and has several working groups
- Secure Software Development Fundamentals Courses
- The Linux Foundation’s Core Infrastructure Initiative (CII) Badge Program is now part of the OpenSSF Best Practices Working Group
  - Project statistics, now >3,500 participating projects & >500 passing badges
  - If you develop OSS, make sure your projects are pursuing a badge
- “Report on the 2020 FOSS Contributor Survey” - these are the RESULTS of the survey call we discussed last time - THANK YOU to everyone who participated in the contributor survey
- If you’re interested, please join!
The Linux Foundation (other than OpenSSF)
- Linux Foundation Energy
- Linux Foundation Public Health
  - The Linux Foundation Public Health Initiative Sponsored the Audit of COVID Exposure Notification Apps. Here Are The Results! (OSTIF) - “Because of these two reviews, both applications have had improvements implemented to correct potential issues. This review provides assurances that the applications are generally safe and private.”
Reproducible Builds in December 2020
Preventing Supply Chain Attacks like SolarWinds
Be sure to visit David on the internet at dwheeler.com!

We Give Thanks

Dr. David A. Wheeler for being our special guest star!

Special Guest: David A. Wheeler.

Dave & Gunnar Show - Episodes Tagged with “Foss Contributor Survey”

Episode 212: Security Requires Thinking (His Monkey, His Circus)