cover of episode 35: Busting Open Source Security Myths

35: Busting Open Source Security Myths

2021/9/30
logo of podcast Sudo Show

Sudo Show
Frequently requested episodes will be transcribed first

Shownotes Transcript

Eric and Brandon sit down and look into some of the biggest security myths around Open Source software and one by one debunk them right on the show!

Destination Linux Network) Sudo Show Website) Sponsor: Bitwarden) Sponsor: Digital Ocean) Sudo Show Swag)

Contact Us: DLN Discourse) Email Us!) Sudo Matrix Room)

Heartbleed) Sophos: Venom Virtual Machine Escape Bug) Tidelift Blog: More than Half of Maintainers Have Quit or Considered Quitting, and Here’s Why) Jaeger Tracing) Article: Measure the Health of Open Source Communities)

Open Source Security Foundation (OpenSSF)) Article: Google Releases New Open Source Seucirty Software Program Scorecards) GitHub: OSSF Scorecard) LFX Insights)

Tidelift) Open Collective)

Chapters

00:00 Intro 00:42 Welcome 01:14 Sponsor - Bitwarden 02:40 Sponsor - Digital Ocean 03:42 OSS Has Vulnerabilities 07:45 Free means cheap 14:53 Heartbleed Bug 20:25 Open Source is Amature 24:29 OpenSSF Scorecard 33:07 Wrap Up

Sponsored By:

  • Bitwarden)
  • Digital Ocean): [The Sudo Show is sponsored by our friends over at Digital Ocean. DigitalOcean recently announced their new Managed MongoDB service, which is a fully managed, database as a service. With Managed MongoDB, you can focus more on building scalable high performance apps, and less on maintaining the database. DigitalOcean built this service in partnership with MongoDB Inc. and together they have ensured that you will get access to all the latest releases of the Mongo database as they become available.

As a listener of the Sudo Show podcast and a member of the DLN Community you can get started for FREE! Actually, better than free because DigitalOcean is giving you a $100 Credit when you go to https://do.co/dln-mongo. Need more than just a database? You can use your $100 credit to try out all the amazing services Digital Ocean has to offer. Again, go to https://do.co/dln-mongo to get started with your $100 Free Credit on DigitalOcean’s new Managed MongoDB and thank you to Digital Ocean for sponsoring the Sudo Show and the entire Destination Linux Network!](https://do.co/dln-mongo))