Sudo Show 35: Busting Open Source Security Myths

Channel:
United States Destination Linux
Subscribers:
21,200
Published on ● Video Link: https://www.youtube.com/watch?v=wqRewF4lE3s


Duration: 34:14
349 views
0

Eric and Brandon sit down and look into some of the biggest security myths around Open Source software and one by one debunk them right on the show!

[Destination Linux Network](https://destinationlinux.network)
[Sudo Show Website](https://sudo.show)
[Sponsor: Bitwarden](https://bitwarden.com/dln)
[Sponsor: Digital Ocean](https://do.co/dln-mongo)
[Sudo Show Swag](https://sudo.show/swag)

Contact Us:
[DLN Discourse](https://sudo.show/discuss)
[Email Us!](mailto:contact@sudo.show)
[Sudo Matrix Room](https://sudo.show/matrix)

[Heartbleed](https://heartbleed.com)
[Sophos: Venom Virtual Machine Escape Bug](https://nakedsecurity.sophos.com/2015/05/14/the-venom-virtual-machine-escape-bug-what-you-need-to-know)
[Tidelift Blog: More than Half of Maintainers Have Quit or Considered Quitting, and Here’s Why](https://blog.tidelift.com/finding-5-more-than-half-of-maintainers-have-quit-or-considered-quitting-and-heres-why)
[Jaeger Tracing](https://www.jaegertracing.io/)
[Article: Measure the Health of Open Source Communities](https://www.linux.com/news/measuring-the-health-of-open-source-communities)

[Open Source Security Foundation (OpenSSF)](https://openssf.org)
[Article: Google Releases New Open Source Seucirty Software Program Scorecards](https://www.zdnet.com/google-amp/article/google-releases-new-open-source-security-software-program-scorecards)
[GitHub: OSSF Scorecard](https://github.com/ossf/scorecard)
[LFX Insights](https://insights.lfx.linuxfoundation.org/projects)

[Tidelift](https://tidelift.com)
[Open Collective](https://opencollective.com)

## Chapters

00:00 Intro
00:42 Welcome
01:14 Sponsor - Bitwarden
02:40 Sponsor - Digital Ocean
03:42 OSS Has Vulnerabilities
07:45 Free means cheap
14:53 Heartbleed Bug
20:25 Open Source is Amature
24:29 OpenSSF Scorecard
33:07 Wrap Up



Other Videos By Destination Linux


2021-10-19Tesla Effect: A Tex Murphy Adventure w/ CubicleNate | Game Sphere
2021-10-18PinePhone Pro: Exclusive Interview with Pine64 | Destination Linux 248
2021-10-15PinePhone Pro Is Here! (Exclusive Interview with Pine64)
2021-10-14Sudo Show 36: Kubos, Managing Your Hardware in Space
2021-10-13Linus Going from Windows to Linux? | DLN Xtend 78
2021-10-11Is Firefox Slowly Dying? Can Mozilla Save It? | Destination Linux 247
2021-10-08Fairphone 4 Rains On Apple's Parade! | Hardware Addicts 45
2021-10-07Video Game Ratings: What Are ESRB Ratings? | Game Sphere
2021-10-06One Prediction Down | DLN Xtend 77
2021-10-04Linus Tech Tips Linux Challenge & Malware Found In WSL | Destination Linux 246
2021-09-30Sudo Show 35: Busting Open Source Security Myths
2021-09-29Our Journey into Tech | DLN Xtend 76
2021-09-27What Linux Needs For Desktop Domination | Destination Linux 245
2021-09-22Battle of the Browsers, they all Lose | DLN Xtend 75
2021-09-20DL's MegaList of Software Alternatives | Destination Linux 244
2021-09-16Sudo Show 34: Growing Your Remote Team with Jasmine Tsai of Mux
2021-09-15KDE Plasma It’s Not All Love | DLN Xtend 74
2021-09-13Vivaldi CEO Interview: Jon Stephenson von Tetzchner | Destination Linux 243
2021-09-10ARM's Dominance Is At Risk With RISC-V | Hardware Addicts 44
2021-09-09The Wolf Among Us w/ Michael Tunnell of DLN | Game Sphere 15
2021-09-08Is the GNOME way the only way? | DLN Xtend 73


Tags:
it
devops
cloud
enterprise
open source
itguyeric
sudo show
career
technology
red hat
brandon johnson
open-tech
myth
hearbleed
openssf