CRA

CRA with Luis Villa

When Luis Villa said he was willing to talk to me about the CRA I knew it would be a great conversation. The number of actual lawyers who also work on open source issues isn’t a large number. Luis is one of those people and he has a ton of knowledge and insight he’s willing to share. Open source legal issues are especially weird because the very nature of the open source license was to hack copyright to give us more rights instead of less. So what did Luis have to tell us about the CRA? ...

March 17, 2025 · Josh Bressers

Episode 367 - Open source will never be the same

Josh and Kurt talk about GitHub enforcing sanctions against an open source developer and Docker changing how their registry works. There’s a lot to unpack in this one. There is a lot happening in the world of open source. We are seeing governments pay attention to open source like never before. Change is coming, and everything is going to change.

https://traffic.libsyn.com/opensourcesecuritypodcast/Episode_367_Open_source_will_never_be_the_same.mp3

Show Notes: ipmitool Repository Archived, Developer Suspended By GitHub; Elixir: Docker now charges open source orgs $300

March 20, 2023

Episode 366 - Software liability is coming

Josh and Kurt talk about the number of dependencies that is now normal. Keeping track of thousands of dependencies used to be impressive; now it’s normal. In what instances should we know everything about our open source? The days of being able to ignore your software liability look like they are coming to an end.

https://traffic.libsyn.com/opensourcesecuritypodcast/Episode_366_Software_liability_is_coming.mp3

Show Notes: LTT millennial pause; The perverse incentive of vulnerability counting; National Cybersecurity Strategy

March 13, 2023

Episode 347 - Airtags in luggage and weasel security - two peas in a suitcase

Josh and Kurt talk about Lufthansa trying to ban Airtags. This has a similar feel to all the security events where a company tries to hand-wave away a security problem and then has to walk back all its previous statements. There is almost always a massive imbalance between the large companies and consumers.

https://traffic.libsyn.com/opensourcesecuritypodcast/Episode_347_Airtags_in_luggage_and_weasel_security_two_peas_in_a_suitcase.mp3

Show Notes: Lufthansa bans airtags; Airtag stalking problems; Lufthansa unbans airtags; Cult of the Dead Cow book; TV Typewriter; Andre the Giant on an airplane; Poison Squad; Bagtracker

October 31, 2022