The ASW June 2024 Recap
June sped by! We had one more interview segment from RSA and lots of discussions about open source supply chain and standards.
Luis Villa talked about how the unsteady and unpredictable support for open source projects underscores the challenge faced not only by XZ Utils, but by many other projects – even popular ones. He talked about efforts to support open source projects financially. And, since XZ Utils was topical, we walked through some of a project maintainer’s responsibilities and how to lessen that burden over time.
Next up was news! We had the full crew together with Akira Brand and John Kinsella. We covered some vulns in unusual places – laundry machines and modems. We covered some unusual design gaps in Microsoft’s Recall. And I marked the anniversary of PHP version 1.0 that first appeared on June 8, 1995.
We closed out the month with OAuth. Aaron Parecki explained that not only is OAuth 2.0 more than a single spec, it’s not always interoperable and not always secure. The good news is that there are new specs that attempt to refine interoperability and define defaults that make it more secure. Aaron shared a lot of great insights from following these specs for over a decade!
Subscribe to ASW to find these episodes and more! Also check out the May 2024 recap.