æva black
@aevavoom
Hacker, opensource geek, public speaker, advocate. Currently works at CISA. All opinions = 💯 mine. 🏍️/🏳️‍🌈/⚧️
ID:18809935
https://aeva.online/ 09-01-2009 18:35:08
17,2K Tweets
4,7K Followers
986 Following
The XZ backdoor discovered last month has reignited discussions about the security of OSS.
In this 5x5, we brought together Tobie Langel, [email protected], æva black, Stewart Scott, and CRob to discuss its implication for the OSS community. ⬇️
dfrlab.org/2024/05/01/the…
Had a great time on this podcast, catching up with old colleagues and talking about #opensource security and community!
It's time to return to the #BiohackingVillage at DEF CON! Bring your secure #medicaldevices, or elevate the event as a sponsor. Let's push the boundaries of cybersecurity and medical technology together!
#Cybersecurity #hackers #HealthTech #defcon32
Smith+Nephew USA, CanonMedical
Rob Underwood the biggest issue, honestly, is that people have taken for granted the gains that open source has made - and its future - and don't realize that both are under threat.
but there are signs - tiny ones, so far - that maybe that's changing. or could.
The XZ Utils compromise highlights the urgent need for software manufacturers to sustain the open source ecosystems they depend on. Read my teammates Jack Cable & æva black's blog on how Cybersecurity and Infrastructure Security Agency is approaching open source with a #SecureByDesign mindset: go.dhs.gov/JHf
CISA advisors Jack Cable and æva black describe in our latest blog how we are responding to the XZ Utils compromise and how every tech manufacturer should take a #SecureByDesign approach to securing open source software: go.dhs.gov/JHf
Public details of the xz hack mirror what so many #opensource maintainers have been worried about because most tech stacks are deeply dependent on volunteerism — so, burn out is a security concern.
Responsible Consumers
must be
Sustainable Contributors