Episode 51: A Visit with the Doctor

20/05/2014 59 min


Episode Synopsis

This week Dave and Gunnar talk with special guest star and elder statesman of open source in security and government, Dr. David A. Wheeler, about Heartbleed, security reviews, and why security vulnerabilities are like human organs.



David’s How to Prevent the next Heartbleed article got picked up by Slashdot
Fuzz testing
All about Heartbleed

How the Heartbleed bug works (in XKCD cartoon form)
Heartbleed tick-tock
HT Summer Maynard: What Heartbleed Can Teach The OSS Community About Marketing


FIPS 140-2
The Linux Foundation starts the Core Infrastructure Initiative
Open source code has fewer errors than proprietary code
SCAP
HT Robin Price: OpenSCAP 1.0.8 passed the NIST SCAP 1.2 certification
David dislikes “responsible disclosure” as much as Gunnar dislikes “cybersecurity”
Patches welcome: David’s FLOSS numbers database with special thanks to Paul Rotilie
David’s Fully Countering Trusting Trust through Diverse Double-Compiling PhD dissertation and public defense video!

We Give Thanks

Dr. David A. Wheeler for guest starring and everything he’s done to advance the cause of open source in government.
Summer Maynard and Robin Price for giving us ideas to talk about
Paul Rotilie for helping with the FLOSS numbers database

Special Guest: David A. Wheeler.