Episode 35

Busting Open Source Security Myths

00:00:00
/
00:34:11

September 30th, 2021

34 mins 11 secs

Your Hosts
Tags

About this Episode

Eric and Brandon sit down and look into some of the biggest security myths around Open Source software and one by one debunk them right on the show!

Destination Linux Network
Sudo Show Website
Sponsor: Bitwarden
Sponsor: Digital Ocean
Sudo Show Swag

Contact Us:
DLN Discourse
Email Us!
Sudo Matrix Room

Heartbleed
Sophos: Venom Virtual Machine Escape Bug
Tidelift Blog: More than Half of Maintainers Have Quit or Considered Quitting, and Here’s Why
Jaeger Tracing
Article: Measure the Health of Open Source Communities

Open Source Security Foundation (OpenSSF)
Article: Google Releases New Open Source Seucirty Software Program Scorecards
GitHub: OSSF Scorecard
LFX Insights

Tidelift
Open Collective

Chapters

00:00 Intro
00:42 Welcome
01:14 Sponsor - Bitwarden
02:40 Sponsor - Digital Ocean
03:42 OSS Has Vulnerabilities
07:45 Free means cheap
14:53 Heartbleed Bug
20:25 Open Source is Amature
24:29 OpenSSF Scorecard
33:07 Wrap Up

Support Sudo Show