Join this episode of In the Nic of Time with David A. Wheeler, Director of Open Source Supply Chain Security at the Linux Foundation, to find out more about Software Bill of Materials (SBOMs), SPDX, OpenSSF and discuss what happened at the White House Open Source Summit!
Josh and Kurt talk about SBOMs. Not what they are, there's plenty about that. We talk about why everyone keeps claiming they're super important, and why we're starting to see some people question if we really need them. SBOMs are part of a future that's still being invented. Show Notes Questioning SBOMs Rezilion Log4j diagram David A Wheeler on CII Badges Using open source is communism
Dave read Dune (https://www.goodreads.com/book/show/44767458-dune) The Dune Encyclopedia (https://en.wikipedia.org/wiki/TheDuneEncyclopedia) Luminations (https://www.wildflower.org/event/luminations/2021-12-09) Antiwork Receipt Printers (https://www.engadget.com/someone-is-hacking-receipt-printers-with-pro-worker-messages-115040881.html) Arrest in ‘Ransom Your Employer’ Email Scheme (https://krebsonsecurity.com/2021/11/arrest-in-ransom-your-employer-email-scheme/) Real-time deepfakes could bring chaos to your next Zoom call (https://www.dailydot.com/debug/deepfacelive-deepfake-live-streaming/) Check the examples: GitHub - iperov/DeepFaceLive (https://github.com/iperov/DeepFaceLive) Microsoft Teams enters the metaverse race with 3D avatars and immersive meetings (https://www.theverge.com/2021/11/2/22758974/microsoft-teams-metaverse-mesh-3d-avatars-meetings-features) Biometric auth bypassed using fingerprint photo, printer, and glue (https://www.bleepingcomputer.com/news/security/biometric-auth-bypassed-using-fingerprint-photo-printer-and-glue/) Dr. David A. Wheeler (https://dgshow.org/guests/dwheeler), call your office: ‘Trojan Source’ Bug Threatens the Security of All Code (https://krebsonsecurity.com/2021/11/trojan-source-bug-threatens-the-security-of-all-code/) Cutting Room Floor * We're Not Gonna Take It - Mariah Carey Christmas Special (https://www.youtube.com/watch?v=jf2VErVh4CQ) * Living, Growing Plant Wig! (https://www.instructables.com/Living-Growing-Plant-Wig/) * Long eggs (https://www.weirduniverse.net/blog/comments/long_eggs) * The Neural Yorker (https://twitter.com/NeuralYorker) * How Not to Write a Caption (https://www.wnycstudios.org/podcasts/tnyradiohour/segments/how-not-write-caption) * Tumblr blog link (https://shittynewyorkercartooncaptions.tumblr.com/) We Give Thanks * The D&G Show Slack Clubhouse for the discussion topics!
Josh and Kurt talk to David A. Wheeler about everything OpenSSF. The Open Source Security Foundation is part of the Linux Foundation, and there are 6 OpenSSF working groups. David does a great job explaining how the OpenSSF works and what the 6 working groups are doing. The working groups are (in no particular order): Identifying Security Threats, Security Tooling, Best Practices, Vulnerability Disclosures, Digital Identity Attestation, Securing Critical Projects. Show Notes David A Wheeler Episode 14 – David A Wheeler: CII Badges Sigstore joins the OpenSSF OpenSSF Technical Working Groups NPM requires MFA LISH Backstabber's Knife Collection: A Review of Open Source Software Supply Chain Attacks
Join David A. Wheeler, Director of Open Source Supply Chain Security at the Linux Foundation and us for a discussion about securing the Open Source Ecosystem. The Linux Foundation has had a couple of initiatives around this and they now all culminate in the recently minted Open SSF. Find out more about the Open SSF foundation and other things David talked about using the following links:
OpenSSF Security Metrics Project: https://metrics.openssf.org/search?q=kubernetes
Best practices Badge: https://bestpractices.coreinfrastructure.org/
Best practices Badge "passing" criteria: https://bestpractices.coreinfrastructure.org/criteria/0
Best Practices Badge Statistics: https://bestpractices.coreinfrastructure.org/project_stats
OpenSSF edX Courses: https://openssf.org/edx-courses/
OpenSSF Security Scorecards: https://github.com/ossf/scorecard
Please use the Contact Form on this blog or our twitter feed to send us your questions, or to suggest future episode topics you would like us to cover.
This week Dave (https://dgshow.org/hosts/dave) and Gunnar (https://dgshow.org/hosts/gunnar) talk about appreciating our listeners, gassing bank robbers, wardriving smart meters Marriott misses (https://www.marriottvacationclub.com/mvcpulse/washington-dc.html) Dave New Microsoft Ergonomic Keyboard (https://www.microsoft.com/en-us/d/microsoft-ergonomic-keyboard/93841ngdwr1h) Hogwarts Castle Lego (https://www.lego.com/en-us/product/hogwarts-castle-71043) is a journey D&G Viewer Mail Uzoma Nwosu (https://twitter.com/uzomanwosu) rejoices Norm Joseph (https://twitter.com/normanjoseph) endorses (https://twitter.com/normanjoseph/status/1426932057414975488) Norms Dr. David A. Wheeler (https://dgshow.org/guests/dwheeler) says: “Podcast didn't mention by name “Law(s) of War (https://en.wikipedia.org/wiki/Law_of_war)”, yet I think that's what you meant” Pyrotechnic-Asphyxiation-Burglar Alarm, or P.A.B. Alarm: This Anti-Burglar Device From 1923 Was Inspired by Horrific Gas Warfare of World War I (https://gizmodo.com/this-anti-burglar-device-from-1923-was-inspired-by-horr-1846277539) D&G AI Mr. Potato Head of the Week: Face Maker AI (https://massless.io/tool/face-maker-ai/) Exclusive: Hacker reveals smart meters are spilling secrets about the Texas snowstorm (https://www.dailydot.com/debug/hacker-smart-meter-texas-snowstorm/) NASA is Recruiting for Yearlong Simulated Mars Mission (https://www.nasa.gov/feature/nasa-is-recruiting-for-yearlong-simulated-mars-mission) Biosphere 2 (https://en.wikipedia.org/wiki/Biosphere_2) Eight go mad in Arizona: how a lockdown experiment went horribly wrong (https://www.theguardian.com/film/2020/jul/13/spaceship-earth-arizona-biosphere-2-lockdown) Spaceship Earth (https://www.imdb.com/title/tt11394188/) Steve Bannon (https://en.wikipedia.org/wiki/Steve_Bannon) Cutting Room Floor * McMansion With Shocking Infrastructure Secret Can Be Yours for $989,000 (https://www.vice.com/en/article/v7eq3a/mcmansion-with-shocking-infrastructure-secret-can-be-yours-for-dollar989000) * SOLD! Underground nuclear bunker with 56 bedrooms goes on sale for £435,000 (https://www.independent.co.uk/news/uk/home-news/nuclear-bunker-devon-sale-salcombe-b1809072.html) * A Compendium of Places with Sad Names, from Despair Island to Mount Hopeless (https://hyperallergic.com/436010/triste-tropique-topographies-of-sadness-damien-rudd/) * See also: https://www.instagram.com/sadtopographies/ (https://www.instagram.com/sadtopographies/) We Give Thanks * Uzoma Nwosu (https://twitter.com/uzomanwosu), Norm Joseph (https://twitter.com/normanjoseph), and Dr. David A. Wheeler (https://dgshow.org/guests/dwheeler) for the gift of feedback! * The D&G Show Slack Clubhouse for the discussion topics!
This week Dave (https://dgshow.org/hosts/dave) and Gunnar (https://dgshow.org/hosts/gunnar) talk with Eric Burger (https://dgshow.org/guests/eburger) about secure, insecure, and mostly secure computing, and a whole lot more! HPE Public Sector Summit (https://www.fedscoop.com/events/hpe-public-sector-summit/agenda/): 5G: The Future Connectivity at the Edge panel Shockey’s Law (http://blogs.harvard.edu/doc/2020/08/23/bet-on-obsolescence/) Software Bill of Materials (https://en.wikipedia.org/wiki/Software_bill_of_materials) Dr. David A. Wheeler (https://dgshow.org/guests/dwheeler) Digital signatures (https://en.wikipedia.org/wiki/Digital_signature) Homomorphic encryption (https://en.wikipedia.org/wiki/Homomorphic_encryption) Information warfare (https://en.wikipedia.org/wiki/Information_warfare) The Tor Project (https://en.wikipedia.org/wiki/The_Tor_Project) CyberCorps (https://www.sfs.opm.gov/) at Georgetown (https://cyberfellows.georgetown.edu) FCC (https://en.wikipedia.org/wiki/Federal_Communications_Commission) Combating Spoofed Robocalls with Caller ID Authentication (https://www.fcc.gov/call-authentication) Suicide Prevention Hotline (https://www.fcc.gov/suicide-prevention-hotline) - 988 National Suicide Prevention Lifeline (https://suicidepreventionlifeline.org/) - (800) 273-8255 S.1268 - Interagency Personnel Rotation Act of 2011 (https://www.congress.gov/bill/112th-congress/senate-bill/1268) 5G (https://en.wikipedia.org/wiki/5G) Quantum computing (https://en.wikipedia.org/wiki/Quantum_computing) We Give Thanks * Eric Burger (https://dgshow.org/guests/eburger) for being our special guest star! * Sam Ceccola (https://www.linkedin.com/in/samceccola/) for bringing Eric and Dave together on the HPE Public Sector Summit panel! Special Guest: Eric Burger.
In today's episode of The Secure Developer, Guy Podjarny is joined by Dr. David A. Wheeler, an expert in both open source and developing secure software. David is the Director of Open Source Supply Chain Security at the Linux Foundation and teaches a graduate course in developing secure software at George Mason University. He has a PhD in information technology, a master's in computer science, and a certificate in information security, all from GMU, and he is also a Certified Information Systems Security Professional (CISSP) and Senior Member of the Institute of Electrical and Electronics Engineers (IEEE). Today's discussion revolves around open source security (or OSS), in which David is an expert, not just from the perspective of consuming open source but also creating and even governing open source. Tuning in, you'll learn about some of the primary security concerns in open source and the necessity to educate developers about secure software, and David shares some of the tools, tests, and initiatives that you include in your security arsenal. Ultimately, David believes that knowledge is critical, and this episode will educate users and developers alike about common OSS vulnerabilities and how to counter them. Tune in today!
This week Dave (https://twitter.com/davidegts) and Gunnar (http://atechnologyjobisnoexcuse.com/about) talk with Dr. David A. Wheeler (https://twitter.com/drdavidawheeler) about what’s new at the Linux Foundation, a brand-new free course on developing secure software, some survey results, and recent news concerning SolarWinds. Open Source Security Foundation (OpenSSF) (https://openssf.org/) of the Linux Foundation replaces the Core Infrastructure Initiative (CII) and has several working groups Secure Software Development Fundamentals Courses (https://openssf.org/edx-courses/) The Linux Foundation’s Core Infrastructure Initiative (CII) Badge Program (https://bestpractices.coreinfrastructure.org/en) is now part of the OpenSSF Best Practices Working Group Project statistics (https://bestpractices.coreinfrastructure.org/project_stats), now >3,500 participating projects & >500 passing badges If you develop OSS, make sure your projects are pursuing a badge (https://bestpractices.coreinfrastructure.org/) “Report on the 2020 FOSS Contributor Survey” (https://www.linuxfoundation.org/en/press-release/new-open-source-contributor-report-from-linux-foundation-and-harvard-identifies-motivations-and-opportunities-for-improving-software-security/) - these are the RESULTS of the survey call we discussed last time - THANK YOU to everyone who participated in the contributor survey If you’re interested, please join! The Linux Foundation (https://www.linuxfoundation.org/) (other than OpenSSF) Linux Foundation Energy (https://www.lfenergy.org/) Linux Foundation Public Health (https://www.lfph.io/) The Linux Foundation Public Health Initiative Sponsored the Audit of COVID Exposure Notification Apps. Here Are The Results! (OSTIF) (https://ostif.org/the-linux-foundation-public-health-initiative-sponsored-the-audit-of-covid-exposure-notification-apps-here-are-the-results/) - “Because of these two reviews, both applications have had improvements implemented to correct potential issues. This review provides assurances that the applications are generally safe and private.” Reproducible Builds in December 2020 (https://reproducible-builds.org/reports/2020-12/) Preventing Supply Chain Attacks like SolarWinds (https://www.linuxfoundation.org/en/blog/preventing-supply-chain-attacks-like-solarwinds/) Be sure to visit David on the internet at dwheeler.com (https://dwheeler.com/)! We Give Thanks * Dr. David A. Wheeler (https://twitter.com/drdavidawheeler) for being our special guest star! Special Guest: David A. Wheeler.
Trusting open source in government and business. David A. Wheeler, Ph.D., a frequent guest of the show, is now the Director of Open Source Supply Chain Security at the Linux Foundation. Doc Searls and Simon Phipps talk to David about that and many related efforts he's involved with at the Linux Foundation, including the Open Source Security Foundation (OpenSSF), LF Energy, LF Public Health, and the CII Best Practices badge project. That's in addition to his work teaching development of secure open-source software, a study he co-authored with Harvard on OSS contributors, and both enduring and rapidly changing approaches to software development education in a time twisted by a global pandemic. Hosts: Doc Searls and Simon Phipps Guest: David Wheeler Download or subscribe to this show at https://twit.tv/shows/floss-weekly Think your open source project should be on FLOSS Weekly? Email floss@twit.tv. Thanks to Lullabot's Jeff Robbins, web designer and musician, for our theme music. Sponsors: Melissa.com/twit expressvpn.com/floss
This week Dave (https://twitter.com/davidegts) talks w/Dr. David A. Wheeler (https://twitter.com/drdavidawheeler) about his new role at the Linux Foundation, an update on the Core Infrastructure Initiative Badge Program, an introduction to the Open Source Security Foundation, and one of the hottest surveys on the internet! The Linux Foundation (https://www.linuxfoundation.org/) Linux Foundation Energy (https://www.lfenergy.org/) Linux Foundation Public Health (https://www.lfph.io/) Please take the survey! LF CII/Harvard LISH - CII FOSS Contributor Survey (https://hbs.qualtrics.com/jfe/form/SV_enfu6tjRM0QzwQB) Survey in the news: Linux Foundation and Harvard announce Linux and open-source contributor security survey (https://www.zdnet.com/article/linux-foundation-and-harvard-announce-linux-and-open-source-contributor-security-survey/) The Linux Foundation’s Core Infrastructure Initiative Badge Program (https://bestpractices.coreinfrastructure.org/en) David on episode 113 (https://dgshow.org/113) (from 2016!) How’s that been going? Great! Some statistics (https://bestpractices.coreinfrastructure.org/project_stats) If you develop OSS, make sure your projects are pursuing a badge (https://bestpractices.coreinfrastructure.org/) New Linux Foundation initiative/foundation for security: Open Source Security Foundation (OpenSSF) (https://openssf.org/) Be sure to visit David on the internet at dwheeler.com (https://dwheeler.com/)! Hardcore History (https://www.dancarlin.com/hardcore-history-series/) We Give Thanks * Dr. David A. Wheeler (https://twitter.com/drdavidawheeler) for being our special guest star! Special Guest: David A. Wheeler.
Panelists Kate Stewart | Sean Goggins | Georg Link
Guest Frank Nagle (https://podcast.chaoss.community/guests/frank-nagle) David A. Wheeler (https://podcast.chaoss.community/guests/david-wheeler)
Sponsor Linode (https://www.linode.com/)
Show Notes
[00:02:40] We start off on the topic of looking at metrics that are useful for identifying what’s going on in a Software Configuration Management system. David tells us what it is and if there’s a difference between building software and deploying it. Also, figuring out which components you’re going to bring in, to your overall system.
[00:07:55] Kate wants to know how much do the hidden dependencies play a role in risk of using Open Source and using projects, and do we see things people aren’t expecting? Sean asks if there are high profile cases where folks did not manage those dependencies terribly well and bad things happened.
[00:14:09] Sean wants to know what kind of metric might help to identify that kind of programmer error that results in malicious code being introduced into a project and are there other ways that we could measure the existence of that phenomenon? CII Best Practices Badge is talked about here.
[00:16:38] Kate mentions a survey that came out late last year of the most popular software that came out recently, and there’s some top packages that were identified through the analysis that had come from the scanners and everything else. Of those packages, how many of them have badges? Frank tells us the analysis he did and the results (report linked below).
[00:19:45] Sean talks about things he’s observed when it comes to packages and dependencies and which ones are more popular in the course of the project. He wonders if anyone on the panel has started thinking about how do we assess things that are within a repository and what challenges does that pose from a metrics perspective?
[00:23:34] License Risk on a project is discussed here by Kate and David.
[00:28:09] Sean wants to know if he’s creating an Open Source software project and he Googles “Open Source Software licenses,” is he in a pretty safe space or are there other Open Source licenses that are pretending that they’re Open Source? David tells us where to look to find out.
[00:29:32] Frank tells us what kinds of metrics or pieces of what they’ve talked about as being significant in both economic impacts and the future of work.
[00:33:53] Sean wants to know in regard to Frank’s survey, what kinds of things he is looking to measure that we can’t with trace data from a repo.
[00:36:39] Georg asks Frank if he has some early insights that might be interesting with the survey.
[00:39:02] David and Frank tell us places you can check out to learn more.
Picks
[00:40:28] Kate’s picks are to check out Software Transparency reports and check out Allan Friedman’s session at RSA “Taking Control of Cyber-Supply Chain Security.”
[00:41:26] Georg’s pick is OSI/Brandeis course on Open Source communities.
[00:42:36] Sean’s pick is Covid-19 streaming movie binge called “Hanna” on Amazon Prime.
[00:43:08] David’s picks are his website DWheeler.com and a website that Cloudflare put up called, “isbgpsafeyet.com.”
[00:46:44] Frank’s pick is a working paper that was just released called, “Open Source Software and Global Entrepreneurship.”
Links
Frank Nagle Twitter (https://twitter.com/frank_nagle?lang=en)
Frank Nagle Website (https://www.hbs.edu/faculty/Pages/profile.aspx?facId=566431)
David A. Wheeler Twitter (https://twitter.com/drdavidawheeler?lang=en)
David A. Wheeler Website (https://dwheeler.com/)
CII Best Practices Badge Program (https://bestpractices.coreinfrastructure.org/en)
CII-FOSS Survey (https://hbs.qualtrics.com/jfe/form/SV_enfu6tjRM0QzwQB)
“More Than a Gigabuck: Estimating GNU/Linux’s Size” by David A Wheeler (https://dwheeler.com/sloc/redhat71-v1/redhat71sloc.html)
Reproducible Builds (https://reproducible-builds.org/)
SPDX License List (https://spdx.org/licenses/)
Core Infrastructure-Preliminary Report and Census II of Open Source Software (https://www.coreinfrastructure.org/wp-content/uploads/sites/6/2020/02/census_ii_vulnerabilities_in_the_core.pdf)
OSI-Brandeis course on Open Source Technology Management (https://www.brandeis.edu/gps/future-students/learn-about-our-programs/open-source-technology-management.html)
Hanna-Amazon Prime (https://www.amazon.com/Hanna-Season-1/dp/B07L5N7P32)
Is BGP safe yet? (https://isbgpsafeyet.com/)
“Open Source Software and Global Entrepreneurship” paper by Frank Nagle, Nataliya Wright, and Shane Greenstein. (https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3636502)
NTIA Software Component Transparency (https://www.ntia.doc.gov/SoftwareTransparency)
Allan Friedman’s session at RSA “Taking Control of Cyber-Supply Chain Security.” (https://vshow.on24.com/vshow/RSAConference2020APJ/#content/2502653)
Credits
Produced by Justin Dorfman at CodeFund (https://codefund.io/)
Edited by Paul M. Bahr at Peachtree Sound (https://www.peachtreesound.com/)
Show notes by DeAnn Bahr at Peachtree Sound (https://www.peachtreesound.com/)
Ad Sales by Eric Berry at CodeFund (https://codefund.io/)
Special Guests: David A. Wheeler and Frank Nagle.
This week Dave (https://twitter.com/davidegts) and Gunnar (http://atechnologyjobisnoexcuse.com/about) talk about earthworm jerky and ketchup slice sandwiches, hacking tamper-proof cryptocurrency wallets, and D&G’s recommended hats for fooling face recognition systems into thinking that you’re Moby Severe storm damages businesses, cars on Manchester Road (https://www.ohio.com/akron/news/local/severe-storms-damage-businesses-on-manchester-road-overturn-cars-in-acme-parking-lot) Journaling with Day One (http://dayoneapp.com/) The Earthworm Jerky I Bought on Walmart.com Tasted Like Sh*t (https://gizmodo.com/the-earthworm-jerky-i-bought-on-walmart-com-tasted-like-1825140748) Ketchup singles (https://www.sliceofsauce.com/) D&G Local Crime Report of the Week: Cell phone helps police track down Akron store robbers (http://fox8.com/2018/03/30/cell-phone-helps-police-track-down-akron-store-robbers/) Google Maps temporary location sharing (https://www.theverge.com/2017/3/22/15021560/google-maps-real-time-location-sharing-android-iphone) Dr. David A. Wheeler, call your office: A "tamper-proof" currency wallet just got backdoored by a 15-year-old (https://arstechnica.com/information-technology/2018/03/a-tamper-proof-currency-wallet-just-got-trivially-backdoored-by-a-15-year-old/) This Hat Can Fool a Face Recognition System Into Thinking You're Moby (https://motherboard.vice.com/amp/en_us/article/59jm8d/trick-face-scan-hat-infrared) Cutting Room Floor * For the product manager who has everything: The Tear Gun (http://www.neatorama.com/2018/04/07/The-Tear-Gun/) * Tinfoil hats for cats (https://mcphee.com/collections/new/products/tin-foil-hat-for-cats) * Eyepot (https://chapelierfou.org/blog/eyepot-a-creepy-teapot.html): Raspberry Pi + Arduino-powered robot w/camera * Soviet Apartment Blocks As Bathroom Tiles (https://flashbak.com/soviet-apartment-blocks-as-bathroom-tiles-397185/) * A Noise Canceling Noodle Fork That Drowns Out Slurping Sounds With Music (http://www.neatorama.com/neatolicious/2018/03/20/A-Noise-Canceling-Noodle-Fork-That-Drowns-Out-Slurping-Sounds-With-Music/) We Give Thanks * The D&G Show Slack Clubhouse for the discussion topics!
Josh and Kurt have a guest! David A. Wheeler talks about open source security and the CII Badges project.
David A. Wheeler, from Core Infrastructure Initiative, joined the show to talk about the CII Best Practices Badge program.
This week Dave and Gunnar talk with Maha Shaikh about open source, the nature of community, and life as an open source academic. Maha says: In a nutshell my work is, firstly, around making sense of how companies choose communities, what criteria they use and how they evaluate them. Secondly, I look in great detail into how companies are learning to find new mechanisms of control to manage organizational forms like communities where traditional forms of obligation and redress inscribed into contracts are no longer possible. This also involves how companies have forced themselves to become comfortable with ‘less’ control. Thirdly, how we can theorize and learn from online communities like open source ones to make sense of how ‘serious work’ is carried out in rather loud online settings where many voices create a cacophony somewhat unhelpful for creative work like coding. The New Hacker’s Dictionary, Third Edition and see also The Open Organization Dr. David A. Wheeler Maha’s website We Give Thanks Maha Shaikh for being our special guest star! Special Guest: Maha Shaikh.
This week, Gunnar talks with Dr. David A. Wheeler and Emily Ratliff about the Linux Foundation’s Core Infrastructure Initiative and their new Badge program. Dr. David A. Wheeler Emily Ratliff OpenSSL “Heartbleed” The Tragedy of the Commons Linux Foundation’s Jim Zemlin: “Never let a good crisis go to waste” (presumably with apologies to Rahm Emanuel) Core Infrastructure Initiative Census Project Best Practices Badge Karl Fogel’s Producing Open Source Software
This week Dave and Gunnar talk about: Kommisars in the board room, Akron Police Department’s compulsory feeling of safety, more warm fuzzies from OPM, and more Yahoo! news than you ever thought possible. Lauren strikes again: US Air Force lab: robots, open source, and virtual reality D&G Mailbag: Thanks to Red Hat Middleware Solutions Architect David Murphy for finding our episode 89 Easter egg! Soylent Shake: Burger chain adds bugs to the menu…on purpose ‘Private’ biz Xiaomi sets up Communist Party exec committee Police stop Akron drivers to build safe relationships Iowa school district asks principals to wear body cams OPM, ODNI turn to paper forms to keep security clearance process going Let’s not forget: Digital Photocopiers Loaded With Secrets Russian Security Now Using Typewriters to Thwart the NSA D&G Uber Evil Move of the Week: FTC asked to block Uber from getting location data in background D&G Ad Experience Optimization of the Week: The Next Java Update Could Make Yahoo Your Default Search Provider Speaking of getting optimized: US Bombs ISIS Command Center After Terrorist Posts Selfie Online D&G This Week in Vendor Abandonment: Yahoo does Spring Cleaning: Shuts down Maps, Pipes & more No, seriously, they’re really out D&G This Week in Things We Wish Vendors Would Abandon: Flash Ironically(?), occupyflash.org uses Flash to see if Flash is installed Worldwide PC shipments biggest drop in 2 years thanks to mobile No joke? Commodore Pet smartphone Top 500 Supercomputer List Reflects Shifting State of Global HPC Trends D&G Red Hat Summit Replay Video of the Week: Security compliance automation with Red Hat by Matt Micene See it reenacted live at Defense in Depth! It’s like Netflix for Red Hat Training: Red Hat Learning Subscription So Long Voicemail, Give My Regards To the Fax Machine The Linux Foundation’s Core Infrastructure Initiative The CII Census Project White paper by Dr. David A. Wheeler! 
D&G Term of the Week: Truck Factor Cutting Room Floor PG-13: Ultra Hal AI Chatbot Talks with another Ultra Hal AI Bot Top Secret: The goofy retro ‘undercover’ fashion guide for East German secret police spies Baby goats in pajamas America Used to Give Out Weird Participation Awards for Nuclear Tests Now you finally know: Why Do Some Guitarists’ Fingers Smell Like Garlic? 600 years of war casualties visualized e-NABLE provides open, 3-D printed prostheses for children, will make you cry Disney business plan Warhammer 40k Mr. Potato Head Iterating on large projects like Google Hybrid Cloud is not a Strategy, It’s a Symptom Open source chess with http://lichess.org (h/t robinpriceii) Google proves machines dream of more than Electric Sheep (h/t matt.micene) html5 games made from crack (h/t robinpriceii) littlebobby encryption (h/t robinpriceii) condo high rise with drone landing pad (h/t emorisse) We Give Thanks Thanks to Red Hat Middleware Solutions Architect David Murphy for finding our episode 89 Easter egg! The whole dgshow Slack crew
This week, Dave and Gunnar talk about Barthelona, Gaudi, Toledo, Detroit, the Stasi, and why cloud providers can’t have nice things. Barcelona and Detroit trip report Barcelona Uber is there but illegal Nova Icària is the Egts family’s preferred Barcelona beach When in town, be sure to check out Montserrat, Las Ramblas, and Sagrada Família Detroit Maker Faire Dave highly recommends: The Henry, Autograph Collection The Stasi almost caught up to Dave Truck crashes into East Toledo Tony Packo’s Toledo faces water crisis after dangerous toxin found in supply Don’t Drink the Water … In Lake Erie “Don’t order the Toledo Outback Bloomin’ Algae. It’s terrible.” Gunnar can’t stop watching the new Mad Max trailer Stasi doppelgänger follow up: Chinese 3D Printer Allows You to 3D Print a Human Sized 1:1 Wax Replica of Yourself Almost related: Bannerman = Uber for bodyguards Chromecast to use ULTRASOUND Streisand is an onramp-to-darkweb-in-a-box. Think of the Streisand Effect. HT Robin Price: Google’s Project Zero Now you can experience the ultimate joy like never before using Pinwheel! Obama administration says the world’s servers are ours Is AWS stumbling? Lowering Cost of Government IT on August 21 Lauren’s new Raspberry Pi project’s maiden voyage: Impossible Deceptions, Charles Peachock & Jason Alan Magic on August 23 Dear EPA: Please buy CloudForms. Love, Dave and Gunnar. Start here with James Labocki and Thomas Cameron InfoWorld ♥s OpenShift OpenShift Enterprise on Autonomic Resources’ PaaS solution, ARCWRX, is “in evaluation” for FedRAMP authorization Want to learn more? Dan Walsh on Docker Security Cutting Room Floor Weird Al’s Foil — stay for the plot twist David A. Wheeler bait! Mathematically-proved OS kernel is open source (on Github) Watch James Baldwin debate William F. 
Buckley at Cambridge in 1966 Gunnar is ready for this 34″ monitor Bertolt Brecht sings “Mack the Knife” and creeps Gunnar out Declassified: The Government’s Secret Plan For a Military Moon Base That Time The CIA Kidnapped A Soviet Spacecraft MakerBot 3D printers now available in a dozen Home Depot stores Tips For Crafting A Strong Password That Really Pops We Give Thanks HT Robin Price for the Project Zero heads up
This week Dave and Gunnar talk with special guest star and elder statesman of open source in security and government, Dr. David A. Wheeler about Heartbleed, security reviews, and why security vulnerabilities are like human organs. David’s How to Prevent the next Heartbleed article got picked up by Slashdot Fuzz testing All about Heartbleed How the Heartbleed bug works (in XKCD cartoon form) Heartbleed tick-tock HT Summer Maynard: What Heartbleed Can Teach The OSS Community About Marketing FIPS 140-2 The Linux Foundation starts the Core Infrastructure Initiative Open source code has fewer errors than proprietary code SCAP HT Robin Price: OpenSCAP 1.0.8 passed the NIST SCAP 1.2 certification David dislikes “responsible disclosure” as much as Gunnar dislikes “cybersecurity” Patches welcome: David’s FLOSS numbers database with special thanks to Paul Rotilie David’s Fully Countering Trusting Trust through Diverse Double-Compiling PhD dissertation and public defense video! We Give Thanks Dr. David A. Wheeler for guest starring and everything he’s done to advance the cause of open source in government. Summer Maynard and Robin Price for giving us ideas to talk about Paul Rotilie for helping with the FLOSS numbers database
This week, Dave and Gunnar talk about: procurement disasters past, present, and future, cloud arbitrage, Banana Slugs and storage, and the Large Hadron Collider, homesteading on the cloud. TRANSPORTER was the storage device we couldn’t think of in episode 47 Hackpad got bought by Dropbox Retraction: Psych! Microsoft didn’t really open-source MS-DOS (thanks David A. Wheeler!) Trigger Warning: NJ procurement Compare this with the UK red line policy VanRoekel in Congress, hat in hand. Nike stops making FuelBand — Dave and Gunnar Trigger Warning! Gunnar Fitbit Force rash status: Pending Compare and contrast: 5 things tech buyers just don’t care about and Google’s Project Ara Could Bring PC-Like Hardware Ecosystem To Phones HT Matt Micene: Bored with trading oil and gold? Why not flog some CLOUD servers? Chicago Mercantile Exchange plans cloud spot exchange Emergent and Red Hat JBoss BRMS Workshop & Happy Hour Storage workshop: Modern Data Protection Tour by Red Hat Red Hat welcomes Inktank! OpenShift and Hortonworks Data Platform GearD: The Intersection of PaaS, Docker and Project Atomic by Matt Hicks Dell and Red Hat Deliver Enterprise-Grade, OpenStack Private Cloud Solution, Extend Co-Engineering to Deliver OpenShift and Linux Container Solutions CERN uses RHEV to tell the difference between matter and anti-matter. Do you? CERN’s Zombie movie Sovereign: Ansible playbooks for homesteading on the Internet How can I get colleagues to stop bickering about trivialities? 
Design Thinking Wikipedia, Design, and Consensus Cutting Room Floor More drones moving to Linux New album released via Linux kernel module steganography Time is a flat circus HT Lauren: Programmer Ryan Gosling Raspberry Eye is a Raspberry Pi answer to Google Glass UFO typologies, circa 1967 1979 Mercedes El Camino The World’s Longest Conveyor Belt is 61 Miles Long D&G DIY Joke Kit of the Week: Convicted Terrorist Sentenced to Read Malcolm Gladwell Book Meanwhile in Cleveland: Verbatim: What Is a Photocopier? Almost related: Front Fell Off HT Doug Denny: Disgusting Computers Reading Rainbow HT Dan Walsh: SELinux coloring book now on GitHub Free OpenShift O’Reilly book by Steven Citron-Pousty and Katie Miller Red Hat Summit attendees get another free O’Reilly ebook We Give Thanks David A. Wheeler, Matt Micene, Lauren, Doug Denny, and Dan Walsh for giving us things to talk about! Mike Richichi for being “the colleague”. In truth, he was Gunnar’s boss.
This week, Dave and Gunnar talk about Pudding ‘n Airplanes, Penguins ‘n Space, Parkinson’s ‘n Chickens, Printing ‘n 3D, and IMAP. Subscribe via RSS or iTunes. Lauren can’t stop watching Bohemian Gravity Lots of Twitter folks getting compromised. Do you have login verification enabled? HT Matt Micene: Court: Facebook ‘Like’ Is Protected By the First Amendment HT Mark Bohannon: Penguins in Space! Asteroid mining and Linux Travel hack of the week: Engineer earned 1.25M airline miles by buying $2,200 of pudding PT Anderson is vindicated Barry and Lavon are delighted Let’s talk about elastic demand curves A Spoon Full Of Sensors To Help Parkinson’s Patients Feed Themselves Chicken Head Tracking Vestibulo-ocular reflex Mercedes-Benz cars apparently handle like a chicken Chicken Powered Steadicam Cleveland Clinic deep brain stimulation SCI Run GitHub Adds 3D Modeling Features That Make It A Printer-Agnostic Choice For Object Sharing Gunnar likes Vehicle Forge Blackberry sold for $5B The decline of BlackBerry in one chart Outlook.com now has IMAP Save time by letting TripIt read your email Related: LinkedIn denies harvesting user email accounts without permission HT Phil Shapiro: Geek Gurl Diaries Use Scratch and a Makey Makey to play sounds through a Raspberry Pi using marshmallows Taste of Red Hat Training: Install, configure, and deploy in Red Hat Enterprise Linux OpenStack Platform Gunnar presenting at postponed NIST Cloud Computing and Mobility workshop Dave as panelist at Symantec Government Symposium on October 2 Gartner ITxpo on October 6-10 Lauren at Akron Mini Maker Faire on November 2 Red Hat Government Symposium on November 6 registration now open! OpenShift for Citizen Engagement Reproducible Builds for Fedora Bonus links: Trusting Trust from Dr. David A. 
Wheeler’s PhD thesis and video of him defending it How to run vulnerability scan on Red Hat Enterprise Linux using OVAL and OpenSCAP A partner we like: DotCloud Pivots And Wins Big With Docker, The Cloud Service Now Part Of Red Hat OpenShift Watch Australians Explain How to Do an Australian Accent The United States has more libraries than McDonalds and Starbucks What Did Barney Rubble Do for a Living? Cutting Room Floor Neil deGrasse Tyson is an extraordinary gift to all of us Ernest Hemingway’s Favorite Hamburger Recipe Stevie Wonder plays “Superstition” on Sesame Street in 1973 9 Muppets Kicked Off Sesame Street Unlocking an iPhone 5S with a cat’s paw Jaws text adventure Excel based Turing Machine 103 year old car phone Infovis: 92 Years of Bigfoot Sightings in the US and Canada NASA Will Pay $18,000 To Watch You Rest In Bed–Really How To Order A Drink When Your Bartender Is A Robot Lily Collins is McAfee’s Most Dangerous Celebrity™ for 2013 We Give Thanks A constitutionally protected thumbs up to Matt Micene Mark Bohannon for reminding us to consider open source software when doing asteroid mining Phil Shapiro for telling us about Geek Gurl Diaries The Akron Library for hosting the Akron Mini Maker Faire, writing a nice article about Lauren, and inspiring folks to be Makers!
This week, Dave and Gunnar talk about Batman, Acxiom as your personal data custodian, the TSA Pre-✓ Class War, and the HACK REACTOR. Subscribe via RSS or iTunes. Dave visits an abandoned amusement park in Chippewa Lake, OH which was featured in a 10 min documentary and was the filming location of Closed for the Season Gunnar needs a Dark Knight intervention When not listening to D&G: Windows XP apocalypse and your own countdown clock to April 8, 2014 Yahoo! doppelgängers KnowEm Tracks Down All the Sites You’ve Registered a Username Simply provide your name, address, birth date and last four digits of your Social Security Number: Data Broker Acxiom’s New Site Allows Users To View And Edit The Marketing Info It’s Collected How Apple and Amazon Security Flaws Led to My Epic Hacking Great for converting lists of SSNs and photos of birth certificates: CloudConvert Converts Almost Any File Type Between Formats The TSA Racket is Now Selling Your Basic Rights Back to You TSA screening about to get a lot worse When not taking Klingon MOOCs: Apocalypse 101: Take the Free Walking Dead Online Course From UC Irvine New Walking Dead Spinoff Coming to AMC in 2015 Inside Hack Reactor, The Coding Bootcamp That Wants To Be The CS Degree Of The Future Google Releases Raspberry Pi Web Dev Teaching Tool, or spend less time yak shaving and learn web programming right away with OpenShift HT Major Hayden: Yahoo’s Mayer gives phone passcodes a pass Replay of GovLoop’s How to Securely Deploy Open Source Software featuring David A. Wheeler, Josh Davis, and Dave Dave was a panelist with friend of the show Dan Risacher at GovLoop’s Agency of the Future event NC Datapalooza was fantastic. Gunnar presenting at NIST Cloud Computing and Mobility workshop on October 1-3 Dave as panelist at Symantec Government Symposium on October 2 Gartner ITxpo on October 6-10 Red Hat Government Symposium registration now open! Red Hat Software Collections and Red Hat Developer Toolset 2.0 are GA! 
HT @RedHatOpen: Emulate a Common Access Card in a VM by using certificates generated on the host Two factor auth site of the week is GitHub who has a nice security history page Technical Debt & Vendor Lock-In by friend of the show Matt Micene of DLT State of Texas wants $11 to receive updated address info Get hooked on a feeling with D&G’s word of the week: Haptography Cutting Room Floor Box.net now “NSA-proof” OpenID vs IndieAuth Great photo of Sealand, courtesy of Gunnar’s mom Tweet2Cite: APA- and MLA-compliant citations for your toots Perfect for regional jets: USB powered soldering iron Epic blockbuster trailer: Monty Python and the Holy Grail A scientific guide to saying “no”: How to avoid temptation and distraction Legal advice if you want to be a superhero in San Diego Send your teeth to the Tooth Fairy using a RaspberryPi and pneumatic tubes CERN Lecture Belt for the punishing environments of today’s physics lecture circuit We Give Thanks Matt Micene for helping us stay technically debt free David A. Wheeler, Josh Davis, and Dan Risacher for advocating open source in the DoD
This week, Dave and Gunnar talk about: spying, conspiracy theories, boxing and calculus in Ohio, Klingons in Illinois, the return of Nirmal, a ball peen update, and LUG parenting teachable moments. Subscribe via RSS or iTunes. Never trust a man with a mustache. Don King‘s Ohio training compound is close to Mike Tyson‘s Ohio abandoned mansion with tiger cages in Trumbull, OH Indian Government To Ban Use of US Email Services For Official Communications Google Facebook privacy disappointment of the week: Facebook To Overhaul Data Use Policy Sponsorship opportunity #1: Gunnar Advanced Computer Eyewear Life imitating art? From 2011: The Onion: Facebook “Is Truly A Dream Come True For The CIA” NSA compromised crypto standards? Tencent is giving away 10 TB worth of free cloud storage, Baidu and Qihoo 360 offer 1 TB Bruce Schneier on conspiracy theories “Secrets belong to a small assortment of individuals, and inevitably become hostage to private agendas.” — Malcolm Gladwell Watch Ask a Korean dismantle Malcolm Gladwell Praveen Swami in 2010: Wikileaks ‘secrets’ reveal the paranoid mindset of internet activists obsessed with conspiracies There’s always HavenCo Gunnar’s friend Evan Rose built the Sealand and HavenCo websites back in the day! Evan in hindsight: “Holy sh*tsnacks, that’s ugly” Career advice PSA: Public cloud salesmen should not flock to be smart watch salesmen OhioState’s calculus MOOC is on GitHub Jim Fowler makes Dave want to take calculus again Dave presenting via web with David A. 
Wheeler and Josh Davis at GovLoop Government Innovators Virtual Summit on September 10 Gunnar keynotes NC DataPalooza on September 12 Dave receiving AFCEA DC AFCEAN of the Month award at AFCEA DC’s Monthly Luncheon on September 16 Dave as panelist at GovLoop Agency of the Future on September 17 Gunnar presenting at NIST Cloud Computing and Mobility workshop on October 1-3 Dave as panelist at Symantec Government Symposium on October 2 Gartner ITxpo on October 6-10 Red Hat Government Symposium registration now open! Illinois Government Website Offers Klingon Translation, but not Vulcan Related: Star Trek III is back on Netflix streaming but Dave and Lauren don’t see the Klingon or Vulcan subtitle options on our Roku Movie of the week: There Will Be Blood A Partner We Like: Booz Allen Hamilton’s US Army Red Hat Summit Innovation Award video and success story are now live! Concerning trend: First the NFL, now IT suffers from the consequences of repeated head trauma Sponsorship opportunity #2: The Economist app is amazing: articles in their distinctive font, and podcasting all rolled into one Sponsorship opportunity #3: We learn what “peening” is, and it’s not as inappropriate as you might think, thanks to Trey Oats and Adam Clater Parenting lesson learned: Don’t be a helicopter LUG parent and let your child find her own presenters Exhibit A Cutting Room Floor “Major Says” lives! Eric Mill of Sunlight posts a how-to for adding HTTPS to your website for $0 Mark Bohannon’s Open Source in Government update We Give Thanks Jim Fowler for making math education even more interesting and useful. Trey Oats and Adam Clater for peening best practices. Mel McGee for answering Lauren’s call to present on wearable computing at the Akron LUG!
This week, Dave and Gunnar talk about: snollygosters firing 9 of every 10 sysadmins, even yet still more Google and privacy, hands-free computing, Gunnar’s reputation management problems, and Dave’s “how to say no” weapons turned against him. Subscribe via RSS or iTunes. Dave gets incepted. Lauren mentioned on Crain’s Business Cleveland podcast HER Ideas in Motion hands-on learning for girls in technology and media arts How the Egts family rolls on Mother’s Day: Mother Daughter Hack Day Gunnar visits Sweden! Zach Sciales says nice things about Red Hat and the D&G Show! Automation Myths: The NSA Can’t Replace 90% of Its System Administrators Dave’s Confining Users with SELinux video series Red Hat is hiring Code By Voice Faster Than Keyboard Google Adds Your Flights, Reservations, and Purchases to Voice Search Google Cloud Storage now provides server-side encryption So you can store the data at rest w/encryption, but you need to decrypt it to work on it unless you use homomorphic encryption as discussed in D&G #9 Google says UK privacy laws can’t touch it Egts family spring break candidate: Principality of Sealand HavenCo Trsst: a distributed secure blog platform for the open web Man Crosses Twitter and Google Reader to Create Open Source Love Child Meet the Indie Web hackers who want to jailbreak the internet Groklaw Shuts Down, A Self-Described Casualty In The Privacy Wars PJ’s reasoning Open Technology Fund Lauren is a developer! Scratch on Raspberry Pi video now live! Major Hayden now uses Linux! (Wait, what?) Super fun flying club, from United: Inside United’s Secret Club for Top Fliers Gunnar at OSHERA on 5 September. Dave presenting via web with David A. 
Wheeler and Josh Davis at GovLoop Government Innovators Virtual Summit on September 10 Gunnar keynotes NC DataPalooza on September 12 Dave receiving AFCEA DC AFCEAN of the Month award at AFCEA DC’s Monthly Luncheon on September 16 Dave as panelist at GovLoop Agency of the Future on September 17 Gunnar presenting at NIST Cloud Computing and Mobility workshop on October 1 Dave as panelist at Symantec Government Symposium on October 2 Red Hat Government Symposium registration now open! Gunnar’s GCN article: Do you have a cloud exit strategy? Here’s one clear path. Headbangers Ball: Dave’s recap of FedScoop’s Lowering the Cost of Government with IT Summit Note the TV hanging from the ceiling to the right of the panelists Dave’s Fedscoop TV video Dan Walsh blogging about Dave’s software defined Multi Level Security video series D&G updated Blacklist: cyber, “software-defined” JBoss Enterprise Application Platform 6 in evaluation! Hellekson’s Law: request denied, for now Would a title of nobility make Gunnar more notable? The Magic of Incentives: Brazilian Journals’ Self-Citation Cartel Smashed CommaFeed backlinks from Wikipedia to D&G! “How to say no” update: Adam Clater makes Dave an offer he couldn’t refuse This is what it looked like There’s a difference between being right & being persuasive Word of the day that we aren’t allowed to use any more: snollygoster — an unprincipled but shrewd person Cutting Room Floor FeedBin: A new OSS RSS reader entrant ExplainShell: A command line explainer HT Jared Jennings: darcs is simpler and more fun than git. but http://hub.darcs.net and http://patch-tag.com aren’t quite github. 
Unrelated but delicious: D’Arc’s Pizza in Windber, PA Soylent Green, for real: “I didn’t get to be the reviews editor of a major technology website by reading stupid directions.” Heavy Metal Umlaut Quiz Beastie Boys’ “Sabotage” reenacted with librarians Black Flag’s Henry Rollins to keynote the 2013 California Library Association conference Knitters are banned from library due to dangerous needle use A creepy robot that can sneak under your door Plan ahead: Drone guidelines for Burning Man OpenDesk.cc Is Like Ikea For Open Source Zealots Regular expression crossword puzzle sites of the week We Give Thanks Rachel Wilkins Patel for getting girls into technology and media arts and being a great role model Zach Sciales for letting us know we’re helping! Dan Walsh for blogging about Dave’s MLS video series Adam Clater for using our mind tricks against us for everyone’s benefit Jared Jennings for the tip on Darcs