DevSecOps
US DoJ Makes PyPI Give Up User Data ¦ Tape Storage: Not Dead
Richi Jennings | | backup, backup and recovery, backups, Canary, data backup, databackup, database backup, HPE, ibm, LTO, PyPi, Python, Python Software Foundation, Quantum Corporation, Ransomware, storage, tape, The Long ViewIn this week’s #TheLongView: PyPI complies with a “string of subpoenas,” and LTO continues to grow, despite predictions of its demise ...
FIDO/WebAuthn Passkeys is Inevitable: Get on the Train ¦ IBM CEO Hates WFH
Richi Jennings | | 2FA, Arvind Krishna, authentication, devsecops, FIDO, google, Hybrid Work environment, ibm, managing remote workers, MFA, multi-factor authentication, multifactor authentication, Passkeys, Remote work, The Long View, two factor, WebAuthn, WFH, work from home, working from homeIn this week’s #TheLongView: The Passkeys authentication standard gets a huge boost, and Arvind Krishna wants workers back in the office ...
Linux 6.3: What’s New ¦ AWS Layoffs are a Worry
Richi Jennings | | Amazon, Amazon Web Services, AWS, careers, DevOps careers, layoffs, linux, Linux 6.3, tech layoffs, The Long ViewIn this week’s #TheLongView: A new Linux kernel drops and layoffs at Amazon Web Services point to trouble ...
Android Apps Must Let Users Delete Data ¦ RISC-V in the Data Center
Richi Jennings | | Android, ARM, data center, data privacy, devsecops, GDPR, Google Play Data safety section, Green data center, IaaS, privacy, RISC-V, The Long View, x86 platformIn this week’s #TheLongView: Google forces apps to make deleting users’ data easier, and the RISC-V drumbeat grows louder ...
npm is Scam-Spam Cesspool ¦ Google in Microsoft Antitrust Thrust
Richi Jennings | | Amit Zavery, azure, code repo, code repositories, code repository, GOOG, GOOGL, google, Google Cloud, IaaS, microsoft, Microsoft Azure, MSFT, NPM, npm registry, open source, public repository, Repos, repositories, repository, Repository Security, SEO, Software Supply Chain, software supply chain attacks, Software Supply Chain Security, Software Supply Chains, softwaresupplychain, source code repository, spam, supply chain, supply chain attacks, supply chain security, The Long ViewIn this week’s #TheLongView: The npm registry suffers spam infestation, and Microsoft makes Google sad ...
Dev of core-js Will Flip Table ¦ Another 451 PyPI Maldeps
Richi Jennings | | core-js, Denis Pushkarev, JavaScript, open source, PyPi, Russia, Software Supply Chain, Software Supply Chain Security, softwaresupplychain, supply chain attacks, supply chain security, The Long ViewIn this week’s #TheLongView: Denis Pushkarev is fed up with core-js freeloaders, and hundreds more malicious packages found at PyPI ...
OpenAI Hires 1,000 Low Wage Coders to Retrain Copilot ¦ Netflix Blocks Password Sharing
Richi Jennings | | ChatGPT, Codex, github, GitHub Copilot, gitops, microsoft, Netflix, open source, OpenAI, password policies, The Long ViewIn this week’s #TheLongView: ChatGPT darling OpenAI wants people to write code in English, and the unintended consequences of blocking shared accounts ...
Putting the Security Into DevSecOps
The non-Newtonian fluid that’s composed of cornstarch and water has been around a long time, but Dr. Seuss’ 1949 book was the impetus for what it’s often called today – Oobleck, from ...
The 6 Pillars of DevSecOps: Pillar One-Collective Responsibility
With the increased interest in DevSecOps, the Cloud Security Alliance (CSA) and Software Assurance Forum for Excellence in Code (SAFECode) brought together a DevSecOps Working Group to identify and share best practices ...
WhiteSource Offers Free Spring4Shell Vulnerability Tool
WhiteSource has launched a free command-line interface (CLI) tool that detects vulnerable open source Spring4Shell vulnerabilities (CVE-2022-22965) that are impacting Java applications built using the Spring development framework. Susan St. Clair, director ...
What to Expect When Transitioning to DevSecOps
How do you ensure your DevOps pipeline is secure? Does DevSecOps protect you against serious breaches or is it just a way to allay the concerns of stakeholders about security in DevOps? ...
Akamai: Buying Linode | Firefox: Not OK | Gone: Google Vaccine Mandate
Richi Jennings | | Akamai, careers, COVID-19, Failure is the foundation of success—and the means by which it is achieved, Firefox, Gecko, Great Resignation, Linode, Mozilla, remote workers, The Long View, WFH, work from homeIn this week’s The Long View: Linode bought by Akamai, Firefox market share “measly,” and Google brings staff back to the office ...
