Josh Bressers

This week on #OpenSourceSecurity I have a chat with [@algernon](

come-from.mad-scientist.club

git rerere, @algernon@come-from.mad-scientist.club

A tiny mouse, a hacker, a luddite, a malicious actor. Might be a little unhinged. "Little" is up for interpretation.Formerly (2017), former...

) about [@iocaine](

come-from.mad-scientist.club

iocaine powder, @iocaine@come-from.mad-scientist.club

Exploits of the deadliest poison known to AI.Tooting possibly interesting stats about @algernon's iocaine instance once a day or so.

) Iocaine creates a maze of garbage to trap scraping bots. I love this idea, it has amazing chaotic good energy! I learn all about how Iocaine works, and even got to see some dashboards showing off the size of the problem and how Iocaine handles it all.

Open Source Security

Iocaine poisons bots with Gergely Nagy

Josh talks to Gergely Nagy (algernon) about his tool Iocaine. Iocaine creates a maze to trap scraping bots in a world a fake pages they cannot esca...

This week on #OpenSourceSecurity I have a chat with @npub17mj5...0mhx about #Anubis, the tool that stops web AI scrapers The scale of web scraping is way worse than I expected, and blocking things is also a lot harder than I expected This is one of those conversations where I learned how little I know

Open Source Security

Anubis with Xe Iaso

Josh chats with Xe Iaso, the creator of Anubis the web AI firewall. We discuss how Anubis is tackling bots and scrapers. The discussion around the ...

#OpenSourceSecurity has a chat with @npub1klc0...sud3 about @npub1vv84...6fhk security Seth has a new whitepaper, there's a CFP open (which you should submit a paper to), and some discussion about the PSF grant situation It's always fun to chat with Seth, I learn a ton every time!

Open Source Security

Python Security with Seth Larson

In this episode Seth Larson gives us a cornucopia of topics relating to Python security. Seth discusses the Python Software Foundation’s decision...

I started using @Kagi HQ as my search engine The biggest surprise has been how jarring seeing a search page that isn't full of shit I didn't realize my brain has come to expect a page of garbage when I search for things, and it doesn't know what to do now

This week on #OpenSourceSecurity I talk to @npub1uy3s...kphj about his blog post about detecting an attack like xz in Debian It's a fascinating conversation about a very complicated topic There are things that could be detected, but this one would have been very very difficult

Open Source Security

Detecting XZ in Debian with Otto Kekäläinen

In this episode, Josh and Otto dive into the world of Debian packaging, exploring the challenges of supply chain security and the importance of tra...

New project idea Scream-o-pedia It's a clone of wikipedia, but filled with endless screaming

OK open source security nerds, I need your help I have a podcast youtube show thing called Open Source Security

Open Source Security

Open Source Security

I'm always looking for guests. Back when I changed formats in January I had a pretty large list of people sent to me as suggestions. I've made it through the list (it took me 10 months) If you know someone (or are someone) doing open source security work I would love a suggestion. DMs are open and there are other contact things on the website I especially like guests who are unsung heroes

The Register wrote a story about a single maintainer open source project, I think it's shameful and upsetting. So I wrote a blog post about it An absolutely ridiculous amount of open source is one person projects. I have the data to prove it

Open Source Security

Open Source is one person

The Register recently published a story titled Putin on the code: DoD reportedly relies on utility written by Russian dev. They should be ashamed o...

Is there a web browser that won’t try to shiv me in my sleep? #askingforafriend