Episode 212: Security Requires Thinking (His Monkey, His Circus)
Episode Synopsis
This week Dave (https://twitter.com/davidegts) and Gunnar (http://atechnologyjobisnoexcuse.com/about) talk with Dr. David A. Wheeler (https://twitter.com/drdavidawheeler) about what’s new at the Linux Foundation, a brand-new free course on developing secure software, some survey results, and recent news concerning SolarWinds.
Open Source Security Foundation (OpenSSF) (https://openssf.org/) of the Linux Foundation replaces the Core Infrastructure Initiative (CII) and has several working groups
Secure Software Development Fundamentals Courses (https://openssf.org/edx-courses/)
The Linux Foundation’s Core Infrastructure Initiative (CII) Badge Program (https://bestpractices.coreinfrastructure.org/en) is now part of the OpenSSF Best Practices Working Group
Project statistics (https://bestpractices.coreinfrastructure.org/project_stats), now >3,500 participating projects & >500 passing badges
If you develop OSS, make sure your projects are pursuing a badge (https://bestpractices.coreinfrastructure.org/)
“Report on the 2020 FOSS Contributor Survey” (https://www.linuxfoundation.org/en/press-release/new-open-source-contributor-report-from-linux-foundation-and-harvard-identifies-motivations-and-opportunities-for-improving-software-security/) - these are the RESULTS of the survey call we discussed last time - THANK YOU to everyone who participated in the contributor survey
If you’re interested, please join!
The Linux Foundation (https://www.linuxfoundation.org/) (other than OpenSSF)
Linux Foundation Energy (https://www.lfenergy.org/)
Linux Foundation Public Health (https://www.lfph.io/)
The Linux Foundation Public Health Initiative Sponsored the Audit of COVID Exposure Notification Apps. Here Are The Results! (OSTIF) (https://ostif.org/the-linux-foundation-public-health-initiative-sponsored-the-audit-of-covid-exposure-notification-apps-here-are-the-results/) - “Because of these two reviews, both applications have had improvements implemented to correct potential issues. This review provides assurances that the applications are generally safe and private.”
Reproducible Builds in December 2020 (https://reproducible-builds.org/reports/2020-12/)
Preventing Supply Chain Attacks like SolarWinds (https://www.linuxfoundation.org/en/blog/preventing-supply-chain-attacks-like-solarwinds/)
Be sure to visit David on the internet at dwheeler.com (https://dwheeler.com/)!
We Give Thanks
* Dr. David A. Wheeler (https://twitter.com/drdavidawheeler) for being our special guest star!

Special Guest: David A. Wheeler.