Episode 317 - The lack of compromise in security

Open Source Security Podcast

English - April 04, 2022 00:00 - 32 minutes - 29.4 MB - ★★★★★ - 39 ratings
Technology security cybersecurity open opensource source Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed

Previous Episode: Episode 316 - You have to use open source

Next Episode: Episode 318 - Social engineering and why zlib got a 2018 CVE ID

Josh and Kurt talk about the binary nature of security. Many of our ideas are yes or no, there's not much in the middle. The conversation ends up derailed due to a Twitter thread about pinning dependencies. This gives you an idea how contentious of a topic pinning is. The final takeaway is not to let security turn into your identity, it ends up making a mess.

Show Notes Josh's Twitter thread How to install week old npm packages

Twitter Mentions

@mylesborins
@kurtseifried
@joshbressers