Misguided misguidings over the EU bug bounty

The EU recently announced they are going to sponsor a security bug bounty program for 14 open source projects in 2019. There has been quite a bit of buzz about this program in all the usual places. The opinions are all over the place. Some people wonder why those 14, some wonder why not more.

2018 Christmas Special – Is Santa GDPR compliant?

Josh and Kurt talk about which articles of the GDPR apply to Santa, and if he’s following the rules the way he should be (spoiler, he’s probably not). Should Santa be on his own naughty list? We also create a new holiday character – George the DPO Elf! Show Notes David Sedaris Santaland Canadian Tire Ice Truck

Episode 127 – Walled gardens, appstores, and more

Josh and Kurt talk about Mozilla pulling a paywall bypassing extension. We then turn our attention to talking about walled gardens. Are they good, are they bad? Something in the middle? There is a lot of prior art to draw on here, everything from Windows, Android, iOS, even Linux distributions. Show Notes Mozilla blocks a paywall bypass

Episode 126 – The not so dire future of supply chain security

Josh and Kurt continue the discussion from episode 125. We look at the possible future of software supply chains. It’s far less dire than previously expected. It’s likely there will be some change in the near future. Show Notes Episode 125 Comment on Twitter with the #osspodcast hashtag

Episode 125 – Open Source, supply chains, npm, and you

Josh and Kurt talk about how open source deals with malicious events. It’s probably impossible to stop these from happening, but the open source universe deals with it in its own unique way. We start to discuss what you can do, since everyone is using open source everywhere now. There will be a second part to this