blog post in No Food for Thought | Open Source Security Foundation gains recognition... and funding? 8 years ago, Heartbleed was estimated to have cost at least 500 million USD. Since then, many more vulnerabilities were granted infamous names, including a few whose damages are estimated at th |
blog post in No Food for Thought | Car thieves are bad, but much wiser than car makers Thieves have a new way to steal cars. A method for clean thefts, served on a silver platter by car manufacturers who sell cars equipped with key fobs instead of traditional keys, [https://www.cbc.ca/n |
blog post in No Food for Thought | CVE-2024-3094: Just a number, but still just a number Last week, CVE-2024-3094 was revealed. Thanks to relatively good fortune and a highly diligent engineer, this vulnerability assessed as 10.0 (critical) |
blog post in No Food for Thought | EU-FOSSA 2 ends The European Union's second FOSSA project has ended with incredible results. EU-FOSSA undoubtedly made free software w |
blog post in No Food for Thought | FLOSS Fall? Security reality catching up with free software A couple decades ago, free software was the target of much FUD, notably regarding its security. But free software evangelists could easily reply to Microsoft and ot |
blog post in No Food for Thought | FOSS Security, and Transparency at the Linux Foundation In December, the Linux Foundation released a report on its 2020 FOSS Contributor Survey. The most important an |
blog post in No Food for Thought | Free software and integration: a long-term issue More than a decade ago, Greg Kroah-Hartman started offering some Linux versions with significant support. Linux 2.6.32 was designated as a "long term" support release, even though the term was just ab |
blog post in No Food for Thought | Heartbleed no more - EU-FOSSA budget doubled In early 2016, [/blogpost37-Issues-using-GNU-Linux-as-a-desktop-PC|I expressed some satisfaction and a touch of pride regarding the multi-million USD Core Infrastructure Initiative security effort |
blog post in No Food for Thought | Information security: an example of cumulative negligence In computer science, we're often taught that security is only as strong as the weakest link in the chain. This weakest link principle is true, but looking for that weakest link is not always the best |
blog post in No Food for Thought | Is there really an information security jobs crisis? Or a development culture crisis? Ben Rothke asks if there's a shortage of information security professionals. I found his piece very intere |
blog post in No Food for Thought | Kryptonite Kryptolok Series 2 Standard Bicycle U-Lock Review I bought this U-lock last year to upgrade from a flexible cable lock. I expected the lock would be heavier, but I didn't expect s |
blog post in No Food for Thought | Log4Shell and OpenSSF Heartbleed was more than 7 years ago. This year, the new Heartbleed is Log4Shell, which is in no way less severe than Heartbleed. I lost several hours of work due to |
blog post in No Food for Thought | Open Source Security Foundation A couple of months ago, when writing about the end of EU-FOSSA 2, I criticized its reactionary nature. Just like [http://www.philippeclout |
blog post in No Food for Thought | The Cost of Security As a follow-up to The cost of quality, which focused on translation, here's the part about security. Security too c |
blog post in No Food for Thought | The Costs of Insecurity, The Costs of Fragmentation A 1 million $ theft is the latest reminder of how easy social engineering remains, even |
Kune ni povos is seriously free though not completely humor-free: