33 min listen
PSW #770 - Brian Behlendorf
PSW #770 - Brian Behlendorf
ratings:
Length:
168 minutes
Released:
Jan 26, 2023
Format:
Podcast episode
Description
This week in the Security News: GetVariable strikes again, attackers could blow up your computer remotely, escaping containers, null-dereferences and faulty evaluations, 31 new CPU vulnerabilities for AMD, a look into Chrome, santa, not-so-secure secure booting, and malware included! Open source is the bedrock of most of the world’s software today, so how to raise the floor on software quality across the industry? First, we need better tools to measure the trustworthiness of code based on objective measures, processes that encourage better security practices by developers, and tools and processes that encourage teamwork and shared responsibility for security. Several efforts are underway in major open source communities to address these issues. At the Open Source Security Foundation (OpenSSF), major companies, open source software maintainers, startup companies and government actors are working together to improve open source software supply chain security. Brian will share his view of this landscape, detail the work being done at the OpenSSF, show where those efforts are already bearing fruit, and demonstrate what you and your organization can (must!) do to participate in these efforts. Segment Resources: https://openssf.org/ Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/psw770
Released:
Jan 26, 2023
Format:
Podcast episode
Titles in the series (100)
Paul's Security Weekly - Special Edition - Mike Poor & Ed Skoudis Interview - Part II: In part II of our interview we discuss: Brazilian hacker groups The physical manifestation of the NOP Sled OS Security/Insecurity, Shmoocon OS X Hack, OS X predictions Apple's move to Intel and its impact on security Bastille for Mac OS X Why not to... by Security Weekly Podcast Network (Audio)