
Packagist and Composer security with Jordi Boggiano

Josh welcomes Jordi Boggiano, the lead maintainer of Composer and Packagist, to explain the truckload of security features they’ve recently added. Packagist is the PHP package registry; Composer is the dependency manager for PHP. Recently the people behind these projects have added a number of security features that will improve the security of the entire ecosystem. Jordi explains it all to us and gives a glimpse of what’s coming next. ...

June 22, 2026 · Josh Bressers

Episode 265 - The lies closed source can tell, open source can't

Josh and Kurt talk about the PHP backdoor and the Ubiquiti whistleblower. The key takeaway is to note how an open source project cannot cover up an incident, but closed source can and will cover up damaging information.

https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_265_The_lies_closed_source_can_tell_open_source_cant.mp3

Show Notes: PHP backdoor; Ubiquiti coverup; 3D printed TSA keys; LockPickingLawyer; Determining Key Shape from Sound; Lock camera

April 5, 2021