Mastodon Feed
Reblogged by kornel ("Kornel"):
tommorris ("Tom Morris") wrote:
How to solve software supply chain concerns (management edition)
- require everyone fill in a form explaining why Python devs have Python on their laptops
- have OSS contributors send passport scans, use wallet names, and fill in tiresome CLAs
- corporate spyware on everything because MDM and AV wouldn’t be an attack vector
- if it is in a docker container it can’t ever harm us
- pay cloud supplier to tell us vulns don’t exist
- bring back password rotation policies
- another e-learning course