Dining & Cooking<p>How Mediterranean Diet Chef Adds Plant-Based Protein to Meals <a href="https://www.diningandcooking.com/1951805/how-mediterranean-diet-chef-adds-plant-based-protein-to-meals/" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">diningandcooking.com/1951805/h</span><span class="invisible">ow-mediterranean-diet-chef-adds-plant-based-protein-to-meals/</span></a> <a href="https://vive.im/tags/Bean" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Bean</span></a> <a href="https://vive.im/tags/chef" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>chef</span></a> <a href="https://vive.im/tags/ChristinaSoteriou" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ChristinaSoteriou</span></a> <a href="https://vive.im/tags/day" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>day</span></a> <a href="https://vive.im/tags/fiber" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fiber</span></a> <a href="https://vive.im/tags/GRAM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GRAM</span></a> <a href="https://vive.im/tags/legume" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>legume</span></a> <a href="https://vive.im/tags/meal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>meal</span></a> <a href="https://vive.im/tags/Mediterranean" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Mediterranean</span></a> <a href="https://vive.im/tags/MediterraneanVeganDiet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MediterraneanVeganDiet</span></a> <a href="https://vive.im/tags/MediterraneanVegetarianRecipes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MediterraneanVegetarianRecipes</span></a> <a href="https://vive.im/tags/PlantBasedProtein" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PlantBasedProtein</span></a> <a href="https://vive.im/tags/pound" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pound</span></a> <a href="https://vive.im/tags/protein" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>protein</span></a> <a href="https://vive.im/tags/Salad" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Salad</span></a> <a href="https://vive.im/tags/Source" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Source</span></a> <a href="https://vive.im/tags/Tofu" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Tofu</span></a> <a href="https://vive.im/tags/VeganMediterraneanDiet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VeganMediterraneanDiet</span></a> <a href="https://vive.im/tags/VegetarianMediterraneanRecipes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VegetarianMediterraneanRecipes</span></a> <a href="https://vive.im/tags/year" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>year</span></a></p>
Recent searches
No recent searches
Search options
Only available when logged in.
c.im is one of the many independent Mastodon servers you can use to participate in the fediverse.
C.IM is a general, mainly English-speaking Mastodon instance.
Administered by:
Server stats:
2.9Kactive users
c.im: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.6
#source
56 posts · 10 participants · 0 posts today
Morgan Fletcher :vbike:<p><span class="h-card" translate="no"><a href="https://mstdn.social/@Nigel_Purchase" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Nigel_Purchase</span></a></span> please always provide the <a href="https://sfba.social/tags/source" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>source</span></a>, otherwise it's just a picture. </p><p><a href="https://www.theguardian.com/world/2025/mar/12/donald-trump-ireland-micheal-martin-white-house-meeting" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">theguardian.com/world/2025/mar</span><span class="invisible">/12/donald-trump-ireland-micheal-martin-white-house-meeting</span></a></p>
Hacker News<p>Released my full transputer OS, K&R C compiler and utilities (1996)</p><p><a href="https://nanochess.org/transputer_operating_system.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">nanochess.org/transputer_opera</span><span class="invisible">ting_system.html</span></a></p><p><a href="https://mastodon.social/tags/HackerNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HackerNews</span></a> <a href="https://mastodon.social/tags/transputer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>transputer</span></a> <a href="https://mastodon.social/tags/OS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OS</span></a> <a href="https://mastodon.social/tags/KRCcompiler" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>KRCcompiler</span></a> <a href="https://mastodon.social/tags/retrocomputing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>retrocomputing</span></a> <a href="https://mastodon.social/tags/open" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>open</span></a> <a href="https://mastodon.social/tags/source" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>source</span></a> <a href="https://mastodon.social/tags/technology" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>technology</span></a> #1996</p>
Bytes Europe<p>“Armenia has no intentions of aggression.” Mirzoyan <a href="https://www.byteseu.com/823829/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">byteseu.com/823829/</span><span class="invisible"></span></a> <a href="https://pubeurope.com/tags/analysis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>analysis</span></a> <a href="https://pubeurope.com/tags/Armenia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Armenia</span></a> <a href="https://pubeurope.com/tags/information" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>information</span></a> <a href="https://pubeurope.com/tags/Media" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Media</span></a> <a href="https://pubeurope.com/tags/News" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>News</span></a> <a href="https://pubeurope.com/tags/press" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>press</span></a> <a href="https://pubeurope.com/tags/RA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RA</span></a> <a href="https://pubeurope.com/tags/Radar" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Radar</span></a> <a href="https://pubeurope.com/tags/RadarArmenia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RadarArmenia</span></a> <a href="https://pubeurope.com/tags/Reliable" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Reliable</span></a> <a href="https://pubeurope.com/tags/RepublicOfArmenia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RepublicOfArmenia</span></a> <a href="https://pubeurope.com/tags/source" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>source</span></a> <a href="https://pubeurope.com/tags/unbiased" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>unbiased</span></a></p>
Hacker News<p>The DuckDB Local UI</p><p><a href="https://duckdb.org/2025/03/12/duckdb-ui.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">duckdb.org/2025/03/12/duckdb-u</span><span class="invisible">i.html</span></a></p><p><a href="https://mastodon.social/tags/HackerNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HackerNews</span></a> <a href="https://mastodon.social/tags/DuckDB" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DuckDB</span></a> <a href="https://mastodon.social/tags/Local" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Local</span></a> <a href="https://mastodon.social/tags/UI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UI</span></a> <a href="https://mastodon.social/tags/DuckDB" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DuckDB</span></a> <a href="https://mastodon.social/tags/Data" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Data</span></a> <a href="https://mastodon.social/tags/Analytics" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Analytics</span></a> <a href="https://mastodon.social/tags/Open" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Open</span></a> <a href="https://mastodon.social/tags/Source" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Source</span></a> <a href="https://mastodon.social/tags/UI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UI</span></a> <a href="https://mastodon.social/tags/Tools" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Tools</span></a> <a href="https://mastodon.social/tags/Data" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Data</span></a> <a href="https://mastodon.social/tags/Science" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Science</span></a></p>
Hacker News<p>First official release of LLVM Flang</p><p><a href="https://blog.llvm.org/posts/2025-03-11-flang-new/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.llvm.org/posts/2025-03-11</span><span class="invisible">-flang-new/</span></a></p><p><a href="https://mastodon.social/tags/HackerNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HackerNews</span></a> <a href="https://mastodon.social/tags/LLVM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LLVM</span></a> <a href="https://mastodon.social/tags/Flang" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Flang</span></a> <a href="https://mastodon.social/tags/Release" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Release</span></a> <a href="https://mastodon.social/tags/LLVM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LLVM</span></a> <a href="https://mastodon.social/tags/Flang" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Flang</span></a> <a href="https://mastodon.social/tags/News" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>News</span></a> <a href="https://mastodon.social/tags/Compiler" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Compiler</span></a> <a href="https://mastodon.social/tags/Development" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Development</span></a> <a href="https://mastodon.social/tags/Open" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Open</span></a> <a href="https://mastodon.social/tags/Source" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Source</span></a> <a href="https://mastodon.social/tags/Software" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Software</span></a></p>
Dining & Cooking<p>How I eat for better health <a href="https://www.diningandcooking.com/1948057/how-i-eat-for-better-health/" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">diningandcooking.com/1948057/h</span><span class="invisible">ow-i-eat-for-better-health/</span></a> <a href="https://vive.im/tags/articles" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>articles</span></a> <a href="https://vive.im/tags/HealthTipsAndWellnessAdvice" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HealthTipsAndWellnessAdvice</span></a> <a href="https://vive.im/tags/MakeIt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MakeIt</span></a> <a href="https://vive.im/tags/MakeItLife" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MakeItLife</span></a> <a href="https://vive.im/tags/MakeItSuccess" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MakeItSuccess</span></a> <a href="https://vive.im/tags/makeit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>makeit</span></a> <a href="https://vive.im/tags/nutrition" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nutrition</span></a> <a href="https://vive.im/tags/Source" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Source</span></a>:tagname:CNBCUSSource</p>
podpod<p><a href="https://c.im/tags/podpodcast" class="mention hashtag" rel="tag">#<span>podpodcast</span></a> <a href="https://c.im/tags/openSourceSecurity" class="mention hashtag" rel="tag">#<span>openSourceSecurity</span></a><br />Episode 205 - The State of Open Source Security with Alyssa Miller from Snyk<br /><a href="https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_205_The_State_of_Open_Source_Security_with_Alyssa_Miller_from_Snyk.mp3?dest-id=542864" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="ellipsis">traffic.libsyn.com/secure/open</span><span class="invisible">sourcesecuritypodcast/Episode_205_The_State_of_Open_Source_Security_with_Alyssa_Miller_from_Snyk.mp3?dest-id=542864</span></a><br /><a href="https://c.im/tags/episode" class="mention hashtag" rel="tag">#<span>episode</span></a> <a href="https://c.im/tags/source" class="mention hashtag" rel="tag">#<span>source</span></a> <a href="https://c.im/tags/security" class="mention hashtag" rel="tag">#<span>security</span></a> <a href="https://c.im/tags/alyssa" class="mention hashtag" rel="tag">#<span>alyssa</span></a> <a href="https://c.im/tags/miller" class="mention hashtag" rel="tag">#<span>miller</span></a> <a href="https://c.im/tags/snyk" class="mention hashtag" rel="tag">#<span>snyk</span></a><br />Josh and Kurt talk to Alyssa Miller from Snyk about the State of Open Source Security 2020 report. Alyssa was the report author and has some great insight into the current trends we're seeing in open source security. Some of the challenges developers face. We discuss the difficulty static and composition analysis scanners face. It's a great conversation! Show Notes The State of Open Source Security 2020 Alyssa's Twitter</p>
podpod<p><a href="https://c.im/tags/podpodcast" class="mention hashtag" rel="tag">#<span>podpodcast</span></a> <a href="https://c.im/tags/openSourceSecurity" class="mention hashtag" rel="tag">#<span>openSourceSecurity</span></a><br />Episode 252 - Is open source dangerous? Open source won, who cares, shut up!<br /><a href="https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_252_Is_open_source_dangerous_Open_source_won_who_cares_shut_up.mp3?dest-id=542864" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="ellipsis">traffic.libsyn.com/secure/open</span><span class="invisible">sourcesecuritypodcast/Episode_252_Is_open_source_dangerous_Open_source_won_who_cares_shut_up.mp3?dest-id=542864</span></a><br /><a href="https://c.im/tags/episode" class="mention hashtag" rel="tag">#<span>episode</span></a> <a href="https://c.im/tags/source" class="mention hashtag" rel="tag">#<span>source</span></a> <a href="https://c.im/tags/dangerous" class="mention hashtag" rel="tag">#<span>dangerous</span></a> <a href="https://c.im/tags/source" class="mention hashtag" rel="tag">#<span>source</span></a> <a href="https://c.im/tags/cares" class="mention hashtag" rel="tag">#<span>cares</span></a> <a href="https://c.im/tags/shut" class="mention hashtag" rel="tag">#<span>shut</span></a><br />Josh and Kurt talk about a report on open source security from the Canadian Centre for Cyber Security. The title pretty much sums it up. Show Notes Security Considerations for Open Source Build an 8 bit computer from scratch</p>
podpod<p><a href="https://c.im/tags/podpodcast" class="mention hashtag" rel="tag">#<span>podpodcast</span></a> <a href="https://c.im/tags/openSourceSecurity" class="mention hashtag" rel="tag">#<span>openSourceSecurity</span></a><br />Episode 259 - What even is open source anymore?<br /><a href="https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_259_What_even_is_open_source_anymore.mp3?dest-id=542864" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="ellipsis">traffic.libsyn.com/secure/open</span><span class="invisible">sourcesecuritypodcast/Episode_259_What_even_is_open_source_anymore.mp3?dest-id=542864</span></a><br /><a href="https://c.im/tags/episode" class="mention hashtag" rel="tag">#<span>episode</span></a> <a href="https://c.im/tags/source" class="mention hashtag" rel="tag">#<span>source</span></a><br />Josh and Kurt talk about the question "what is open source?" Why do we think it's broken today, and what sort of ideas about what should come next. Show Notes OSI Bruce Perens Post Open Source Josh's community blog post Corey Doctorow Uber Twitter thread</p>
podpod<p><a href="https://c.im/tags/podpodcast" class="mention hashtag" rel="tag">#<span>podpodcast</span></a> <a href="https://c.im/tags/openSourceSecurity" class="mention hashtag" rel="tag">#<span>openSourceSecurity</span></a><br />Episode 265 - The lies closed source can tell, open source can't<br /><a href="https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_265_The_lies_closed_source_can_tell_open_source_cant.mp3?dest-id=542864" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="ellipsis">traffic.libsyn.com/secure/open</span><span class="invisible">sourcesecuritypodcast/Episode_265_The_lies_closed_source_can_tell_open_source_cant.mp3?dest-id=542864</span></a><br /><a href="https://c.im/tags/episode" class="mention hashtag" rel="tag">#<span>episode</span></a> <a href="https://c.im/tags/lies" class="mention hashtag" rel="tag">#<span>lies</span></a> <a href="https://c.im/tags/closed" class="mention hashtag" rel="tag">#<span>closed</span></a> <a href="https://c.im/tags/source" class="mention hashtag" rel="tag">#<span>source</span></a> <a href="https://c.im/tags/source" class="mention hashtag" rel="tag">#<span>source</span></a><br />Josh and Kurt talk about the PHP backdoor and the Ubiquity whistleblower. The key takeaway is to note how an open source project cannot cover up an incident, but closed source can and will cover up damaging information. Show Notes PHP backdoor Ubiquity coverup 3D printed TSA keys LockPickingLaywer Determining Key Shape from Sound Lock camera</p>
podpod<p><a href="https://c.im/tags/podpodcast" class="mention hashtag" rel="tag">#<span>podpodcast</span></a> <a href="https://c.im/tags/openSourceSecurity" class="mention hashtag" rel="tag">#<span>openSourceSecurity</span></a><br />Episode 279 - The audacity of Audacity: When open source goes rogue<br /><a href="https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_279_The_audacity_of_Audacity_When_open_source_goes_rogue.mp3?dest-id=542864" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="ellipsis">traffic.libsyn.com/secure/open</span><span class="invisible">sourcesecuritypodcast/Episode_279_The_audacity_of_Audacity_When_open_source_goes_rogue.mp3?dest-id=542864</span></a><br /><a href="https://c.im/tags/episode" class="mention hashtag" rel="tag">#<span>episode</span></a> <a href="https://c.im/tags/audacity" class="mention hashtag" rel="tag">#<span>audacity</span></a> <a href="https://c.im/tags/audacity" class="mention hashtag" rel="tag">#<span>audacity</span></a> <a href="https://c.im/tags/source" class="mention hashtag" rel="tag">#<span>source</span></a> <a href="https://c.im/tags/rogue" class="mention hashtag" rel="tag">#<span>rogue</span></a><br />Josh and Kurt talk about the events happening to the Audacity audio editor. What happens if a popular open source application is acquired by an unknown entity? Can this happen to other open source projects? What can we do about it? Show Notes SGDQ Paper Mario Paper Mario Arbitrary Code Execution explained Freenode Audacity acquired by Muse Group Audacity fork</p>
podpod<p><a href="https://c.im/tags/podpodcast" class="mention hashtag" rel="tag">#<span>podpodcast</span></a> <a href="https://c.im/tags/openSourceSecurity" class="mention hashtag" rel="tag">#<span>openSourceSecurity</span></a><br />Episode 285 - Open source owes you nothing!<br /><a href="https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_285_Open_source_owes_you_nothing.mp3?dest-id=542864" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="ellipsis">traffic.libsyn.com/secure/open</span><span class="invisible">sourcesecuritypodcast/Episode_285_Open_source_owes_you_nothing.mp3?dest-id=542864</span></a><br /><a href="https://c.im/tags/episode" class="mention hashtag" rel="tag">#<span>episode</span></a> <a href="https://c.im/tags/source" class="mention hashtag" rel="tag">#<span>source</span></a> <a href="https://c.im/tags/owes" class="mention hashtag" rel="tag">#<span>owes</span></a><br />Josh and Kurt talk about open source bugs. What happens if a project decides to close most of their bugs? Nothing really. Bug trackers aren't a help desk. Show Notes Emacs closes 45% of bugs UVI Tesla investigation UK COVID spreadsheet</p>
podpod<p><a href="https://c.im/tags/podpodcast" class="mention hashtag" rel="tag">#<span>podpodcast</span></a> <a href="https://c.im/tags/openSourceSecurity" class="mention hashtag" rel="tag">#<span>openSourceSecurity</span></a><br />Episode 286 - Open source supply chain with Google's Dan Lorenc<br /><a href="https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_286_Open_source_supply_chain_with_Googles_Dan_Lorenc.mp3?dest-id=542864" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="ellipsis">traffic.libsyn.com/secure/open</span><span class="invisible">sourcesecuritypodcast/Episode_286_Open_source_supply_chain_with_Googles_Dan_Lorenc.mp3?dest-id=542864</span></a><br /><a href="https://c.im/tags/episode" class="mention hashtag" rel="tag">#<span>episode</span></a> <a href="https://c.im/tags/source" class="mention hashtag" rel="tag">#<span>source</span></a> <a href="https://c.im/tags/supply" class="mention hashtag" rel="tag">#<span>supply</span></a> <a href="https://c.im/tags/chain" class="mention hashtag" rel="tag">#<span>chain</span></a> <a href="https://c.im/tags/googles" class="mention hashtag" rel="tag">#<span>googles</span></a> <a href="https://c.im/tags/dan" class="mention hashtag" rel="tag">#<span>dan</span></a> <a href="https://c.im/tags/lorenc" class="mention hashtag" rel="tag">#<span>lorenc</span></a><br />Josh and Kurt talk to Dan Lorenc from Google about supply chain security. What's currently going on in this space and what sort of new thing scan we look forward to? We discuss Google's open source use, Project Sigstore, the SLSA framework and more. Show Notes Dan's Twitter Sigstore SLSA Framework</p>
podpod<p><a href="https://c.im/tags/podpodcast" class="mention hashtag" rel="tag">#<span>podpodcast</span></a> <a href="https://c.im/tags/openSourceSecurity" class="mention hashtag" rel="tag">#<span>openSourceSecurity</span></a><br />Episode 295 - Open source security isn't free<br /><a href="https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_295_Open_source_security_isnt_free.mp3?dest-id=542864" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="ellipsis">traffic.libsyn.com/secure/open</span><span class="invisible">sourcesecuritypodcast/Episode_295_Open_source_security_isnt_free.mp3?dest-id=542864</span></a><br /><a href="https://c.im/tags/episode" class="mention hashtag" rel="tag">#<span>episode</span></a> <a href="https://c.im/tags/source" class="mention hashtag" rel="tag">#<span>source</span></a> <a href="https://c.im/tags/security" class="mention hashtag" rel="tag">#<span>security</span></a><br />Josh and Kurt talk about Josh's electric car and new job. We then talk about the recent UAParser.js malware incident. There have been a lot of calls to do more to secure open source, but nobody seems to have any concrete proposals or suggestions to fund any of these activities. Show Notes UAParser.js CISA announcement</p>
podpod<p><a href="https://c.im/tags/podpodcast" class="mention hashtag" rel="tag">#<span>podpodcast</span></a> <a href="https://c.im/tags/openSourceSecurity" class="mention hashtag" rel="tag">#<span>openSourceSecurity</span></a><br />Episode 296 - Is Trojan Source a vulnerability?<br /><a href="https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_296_Is_Trojan_Source_a_vulnerability.mp3?dest-id=542864" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="ellipsis">traffic.libsyn.com/secure/open</span><span class="invisible">sourcesecuritypodcast/Episode_296_Is_Trojan_Source_a_vulnerability.mp3?dest-id=542864</span></a><br /><a href="https://c.im/tags/episode" class="mention hashtag" rel="tag">#<span>episode</span></a> <a href="https://c.im/tags/trojan" class="mention hashtag" rel="tag">#<span>trojan</span></a> <a href="https://c.im/tags/source" class="mention hashtag" rel="tag">#<span>source</span></a> <a href="https://c.im/tags/vulnerability" class="mention hashtag" rel="tag">#<span>vulnerability</span></a><br />Josh and Kurt talk about the new Trojan Source bug. We don't always agree on if this is a vulnerability (it's not), but by the end we come to an agreement that ASCII is out, Unicode is in. We don't live in a world where you can make a realistic suggestion to return to using only ASCII. There are a lot of weird moving parts with this one. Show Notes Trojan Source oss-security message GitHub example</p>
podpod<p><a href="https://c.im/tags/podpodcast" class="mention hashtag" rel="tag">#<span>podpodcast</span></a> <a href="https://c.im/tags/openSourceSecurity" class="mention hashtag" rel="tag">#<span>openSourceSecurity</span></a><br />Episode 306 - Open source isn't broken, it's an experience<br /><a href="https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_306_Open_source_isnt_broken_its_an_experience.mp3?dest-id=542864" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="ellipsis">traffic.libsyn.com/secure/open</span><span class="invisible">sourcesecuritypodcast/Episode_306_Open_source_isnt_broken_its_an_experience.mp3?dest-id=542864</span></a><br /><a href="https://c.im/tags/episode" class="mention hashtag" rel="tag">#<span>episode</span></a> <a href="https://c.im/tags/source" class="mention hashtag" rel="tag">#<span>source</span></a> <a href="https://c.im/tags/broken" class="mention hashtag" rel="tag">#<span>broken</span></a> <a href="https://c.im/tags/experience" class="mention hashtag" rel="tag">#<span>experience</span></a><br />Josh and Kurt talk about the faker and colors NPM events. There is a lot of discussion around open source being broken or somehow failing because of these events. The real answer is open source is an experience. How we interact with our dependencies determines what the experience looks like. Show Notes Developer corrupts colors and faker Will Wright Pee Internet Anonymity</p>
podpod<p><a href="https://c.im/tags/podpodcast" class="mention hashtag" rel="tag">#<span>podpodcast</span></a> <a href="https://c.im/tags/openSourceSecurity" class="mention hashtag" rel="tag">#<span>openSourceSecurity</span></a><br />Episode 308 - Welcome to the jungle - How to talk about open source security<br /><a href="https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_308_Welcome_to_the_jungle_How_to_talk_about_open_source_security.mp3?dest-id=542864" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="ellipsis">traffic.libsyn.com/secure/open</span><span class="invisible">sourcesecuritypodcast/Episode_308_Welcome_to_the_jungle_How_to_talk_about_open_source_security.mp3?dest-id=542864</span></a><br /><a href="https://c.im/tags/episode" class="mention hashtag" rel="tag">#<span>episode</span></a> <a href="https://c.im/tags/jungle" class="mention hashtag" rel="tag">#<span>jungle</span></a> <a href="https://c.im/tags/talk" class="mention hashtag" rel="tag">#<span>talk</span></a> <a href="https://c.im/tags/source" class="mention hashtag" rel="tag">#<span>source</span></a> <a href="https://c.im/tags/security" class="mention hashtag" rel="tag">#<span>security</span></a><br />Josh and Kurt talk about how to get attention for security problems. Recent research around Twitter credentials checked into GitHub showed us how to get a lot of attention when compared to a problem like Log4Shell which took years before anyone really picked up on the problem. It's hard to talk about security sometimes. Show Notes Josh's computer vision code Twitter secrets Qualys pwnkit</p>
podpod<p><a href="https://c.im/tags/podpodcast" class="mention hashtag" rel="tag">#<span>podpodcast</span></a> <a href="https://c.im/tags/openSourceSecurity" class="mention hashtag" rel="tag">#<span>openSourceSecurity</span></a><br />Episode 309 - The bright future of open source security<br /><a href="https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_309_The_bright_future_of_open_source_security.mp3?dest-id=542864" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="ellipsis">traffic.libsyn.com/secure/open</span><span class="invisible">sourcesecuritypodcast/Episode_309_The_bright_future_of_open_source_security.mp3?dest-id=542864</span></a><br /><a href="https://c.im/tags/episode" class="mention hashtag" rel="tag">#<span>episode</span></a> <a href="https://c.im/tags/bright" class="mention hashtag" rel="tag">#<span>bright</span></a> <a href="https://c.im/tags/future" class="mention hashtag" rel="tag">#<span>future</span></a> <a href="https://c.im/tags/source" class="mention hashtag" rel="tag">#<span>source</span></a> <a href="https://c.im/tags/security" class="mention hashtag" rel="tag">#<span>security</span></a><br />Josh and Kurt talk about NPM requiring 2FA for the top 100 packages. We discuss the new Alpha and Omega projects from the OpenSSF and what it could mean for the future of open source security. Then we end on a note about the new Samba critical vulnerability. Show Notes NPM requires 2FA OpenSSF Alpha and Omega David A. Wheeler episode Linux Foundation LFX Samba Advisory</p>
podpod<p><a href="https://c.im/tags/podpodcast" class="mention hashtag" rel="tag">#<span>podpodcast</span></a> <a href="https://c.im/tags/openSourceSecurity" class="mention hashtag" rel="tag">#<span>openSourceSecurity</span></a><br />Episode 316 - You have to use open source<br /><a href="https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_316_You_have_to_use_open_source.mp3?dest-id=542864" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="ellipsis">traffic.libsyn.com/secure/open</span><span class="invisible">sourcesecuritypodcast/Episode_316_You_have_to_use_open_source.mp3?dest-id=542864</span></a><br /><a href="https://c.im/tags/episode" class="mention hashtag" rel="tag">#<span>episode</span></a> <a href="https://c.im/tags/source" class="mention hashtag" rel="tag">#<span>source</span></a><br /> Josh and Kurt talk about the latest NPM backdoored package. It feels like this keeps happening. We talk about why this is and why it's probably OK. Kurt fixes Linus' Law, in open source the superpower isn't bugs are shallow (they're not), the superpower is security bugs in open source can't be ignored. Show Notes node-ipc protestware</p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload