Listen "35: Busting Open Source Security Myths"
Episode Synopsis
Eric and Brandon sit down and look into some of the biggest security myths around Open Source software and one by one debunk them right on the show!
Destination Linux Network (https://destinationlinux.network)
Sudo Show Website (https://sudo.show)
Sponsor: Bitwarden (https://bitwarden.com/dln)
Sponsor: Digital Ocean (https://do.co/dln-mongo)
Sudo Show Swag (https://sudo.show/swag)
Contact Us:
DLN Discourse (https://sudo.show/discuss)
Email Us! (mailto:[email protected])
Sudo Matrix Room (https://sudo.show/matrix)
Heartbleed (https://heartbleed.com)
Sophos: Venom Virtual Machine Escape Bug (https://nakedsecurity.sophos.com/2015/05/14/the-venom-virtual-machine-escape-bug-what-you-need-to-know)
Tidelift Blog: More than Half of Maintainers Have Quit or Considered Quitting, and Here’s Why (https://blog.tidelift.com/finding-5-more-than-half-of-maintainers-have-quit-or-considered-quitting-and-heres-why)
Jaeger Tracing (https://www.jaegertracing.io/)
Article: Measure the Health of Open Source Communities (https://www.linux.com/news/measuring-the-health-of-open-source-communities)
Open Source Security Foundation (OpenSSF) (https://openssf.org)
Article: Google Releases New Open Source Security Software Program Scorecards (https://www.zdnet.com/google-amp/article/google-releases-new-open-source-security-software-program-scorecards)
GitHub: OSSF Scorecard (https://github.com/ossf/scorecard)
LFX Insights (https://insights.lfx.linuxfoundation.org/projects)
Tidelift (https://tidelift.com)
Open Collective (https://opencollective.com)
Chapters
00:00 Intro
00:42 Welcome
01:14 Sponsor - Bitwarden
02:40 Sponsor - Digital Ocean
03:42 OSS Has Vulnerabilities
07:45 Free means cheap
14:53 Heartbleed Bug
20:25 Open Source is Amateur
24:29 OpenSSF Scorecard
33:07 Wrap Up