Open source maintainer Jordan Harband on why paying maintainers improves open source security

Поделиться
HTML-код
  • Опубликовано: 13 май 2024
  • Shortly after the xz utils backdoor hack was uncovered, Tidelift gathered together a group of open source maintainers across the Javascript, Java, and Python ecosystems to hear not only how the xz hack impacted their work (spoiler alert: this attack reverberated across ALL ecosystems, not just in the Linux OS!), but also how it made them feel.
    In this clip, we hear from JavaScript open source maintainer, Jordan Harband. Here he breaks down why
    You can watch the entirety of the panel on-demand here: explore.tidelift.com/c/life-a...
    Learn more about xz: tidelift.com/resources/xz-bac...
    Transcript:
    While it's great to pursue automated fixes, the real problem is trust of humans. And if you want to increase your ability to trust humans, you need to both ensure that they are not incentivized to do bad things, and you also want to have leverage over them. And injecting capital into their projects is a pretty good way to achieve both. So I feel like while money is not the answer, it seems like it's the fastest, like lowest hanging fruit available at the moment. When enough money isn't the big problem, then we can look at what the next step should be. But we're a long way away from that state.
  • НаукаНаука

Комментарии •

Следующие
Автовоспроизведение
What Everyone Missed About The Linux Hack20:24What Everyone Missed About The Linux Hack
What Everyone Missed About The Linux HackTheo - t3․gg
Просмотров 282 тыс.
Is Open Source More Secure?10:07Is Open Source More Secure?
Is Open Source More Secure?IBM Technology
Просмотров 13 тыс.
The CrowdStrike Problem Isn’t A Simple Fix…13:04The CrowdStrike Problem Isn’t A Simple Fix…
The CrowdStrike Problem Isn’t A Simple Fix…Theo - t3․gg
Просмотров 145 тыс.
The Evil Minecraft Mod That Destroys Your Game28:58The Evil Minecraft Mod That Destroys Your Game
The Evil Minecraft Mod That Destroys Your GameWifies
Просмотров 398 тыс.
JADE - Angel Of My Dreams (Official Video)03:52JADE - Angel Of My Dreams (Official Video)
JADE - Angel Of My Dreams (Official Video)JADEVEVO
Просмотров 1,9 млн
Pokémon Sword, but I only use In-Game Trades42:08Pokémon Sword, but I only use In-Game Trades
Pokémon Sword, but I only use In-Game TradesMandJTV Plays
Просмотров 236 тыс.
Hosting a Game Show to quiz Pokémon YouTubers54:45Hosting a Game Show to quiz Pokémon YouTubers
Hosting a Game Show to quiz Pokémon YouTubersAlpharad
Просмотров 660 тыс.
Free and Open Source software licenses explained15:24Free and Open Source software licenses explained
Free and Open Source software licenses explainedThe Linux Experiment
Просмотров 84 тыс.
The Tidelift Subscription: Eliminating risk from bad open source packages2:59The Tidelift Subscription: Eliminating risk from bad open source packages
The Tidelift Subscription: Eliminating risk from bad open source packagesTidelift
Просмотров 150
CROC Talks - XZ Utils backdoor explained12:58CROC Talks - XZ Utils backdoor explained
CROC Talks - XZ Utils backdoor explainedWiz
Просмотров 2,5 тыс.
The 11 Best Linux Distributions16:23The 11 Best Linux Distributions
The 11 Best Linux DistributionsTitus Tech Talk
Просмотров 176 тыс.
Challenging Full Stack Developer: First Open Source Contribution (iOS App)@ezsnippat39:21Challenging Full Stack Developer: First Open Source Contribution (iOS App)@ezsnippat
Challenging Full Stack Developer: First Open Source Contribution (iOS App)@ezsnippatHarnoor Singh
Просмотров 204 тыс.
Interview w/ a Linux Administrator | Excellent Show!!32:51Interview w/ a Linux Administrator | Excellent Show!!
Interview w/ a Linux Administrator | Excellent Show!!Information Technology Q & A Show
Просмотров 90 тыс.
HackTheBox - Perfection29:25HackTheBox - Perfection
HackTheBox - PerfectionIppSec
Просмотров 11 тыс.
secret backdoor found in open source software (xz situation breakdown)8:28secret backdoor found in open source software (xz situation breakdown)
secret backdoor found in open source software (xz situation breakdown)Low Level Learning
Просмотров 431 тыс.
OPEN SOURCE alternatives to the MOST POPULAR productivity apps!15:37OPEN SOURCE alternatives to the MOST POPULAR productivity apps!
OPEN SOURCE alternatives to the MOST POPULAR productivity apps!The Linux Experiment
Просмотров 1,2 млн
Оживляем КРУТОЙ Ноутбук ASUS Zenbook UX433FAC для ДЗЕН-БЛОГЕРА / ПЕРЕСТАЛ ВКЛЮЧАТЬСЯ и ЗАРЯЖАТЬСЯ25:03Оживляем КРУТОЙ Ноутбук ASUS Zenbook UX433FAC для ДЗЕН-БЛОГЕРА / ПЕРЕСТАЛ ВКЛЮЧАТЬСЯ и ЗАРЯЖАТЬСЯ
Оживляем КРУТОЙ Ноутбук ASUS Zenbook UX433FAC для ДЗЕН-БЛОГЕРА / ПЕРЕСТАЛ ВКЛЮЧАТЬСЯ и ЗАРЯЖАТЬСЯnotebook-31
Просмотров 77 тыс.
Красиво, но телефон жаль00:32Красиво, но телефон жаль
Красиво, но телефон жальБесполезные Новости
Просмотров 1,3 млн
PART 52 || DIY Wireless Switch forElectronic Lights - Easy Guide!01:01PART 52 || DIY Wireless Switch forElectronic Lights - Easy Guide!
PART 52 || DIY Wireless Switch forElectronic Lights - Easy Guide!HUBAB__OFFICIAL
Просмотров 66 млн
Prices & Poco M4 Pro 5G01:00Prices & Poco M4 Pro 5G
Prices & Poco M4 Pro 5Gyoungfix
Просмотров 252 тыс.
MacBook Pro 16 M1 Pro не включается. Замена аккумулятора00:50MacBook Pro 16 M1 Pro не включается. Замена аккумулятора
MacBook Pro 16 M1 Pro не включается. Замена аккумулятораТЕХНОБЛОГ ГУБАРЕВ СЕРГЕЙ
Просмотров 31 тыс.
OZON РАЗБИЛИ 3 КОМПЬЮТЕРА00:57OZON РАЗБИЛИ 3 КОМПЬЮТЕРА
OZON РАЗБИЛИ 3 КОМПЬЮТЕРАКинг Комп Shorts
Просмотров 1,8 млн
ЧТО В ТЕЛЕФОНЕ У ГЛЕНТА ?! РИВИВИ ?!😲04:03ЧТО В ТЕЛЕФОНЕ У ГЛЕНТА ?! РИВИВИ ?!😲
ЧТО В ТЕЛЕФОНЕ У ГЛЕНТА ?! РИВИВИ ?!😲DARKEN
Просмотров 91 тыс.
Гениальное решение для вашего телевизора00:18Гениальное решение для вашего телевизора
Гениальное решение для вашего телевизораДизайнерское Логово
Просмотров 19 тыс.