Edit History
Optional description
What to report
Reason
Report

JSJ 357: Event-Stream & Package Vulnerabilities with Richard Feldman and Hillel Wayne 2019 Podcast Ep.

JSJ 357: Event-Stream & Package Vulnerabilities with Richard Feldman and Hillel Wayne JSJ 357: Event-Stream & Package Vulnerabilities with Richard Feldman and Hillel Wayne
00
Affinity
0%
0.5
0%
1
0%
1.5
0%
2
0%
2.5
0%
3
0%
3.5
0%
4
0%
4.5
0%
5
0%
Recent Ratings
First Ratings
Top Lists
Not added to a list yet. :(
My Tags
No tags added.
My Lists
Not added to a list.
Choose a list
New list name
New list description
Item description
My Catalog
Length
1h 10m
Country
United States
Release Dates
2019-03-26
Description
Sponsors Triplebyte Sentry use the code "devchat" for $100 credit Clubhouse CacheFly Panel Aaron Frost AJ O'Neal Chris Ferdinandi Joe Eames Aimee Knight Charles Max Wood Joined by special guests: Hillel Wayne and Richard Feldman Episode Summary In this episode of JavaScript Jabber, Hillel Wayne kicks off the podcast by giving a short background about his work, explains the concepts of formal methods and the popular npm package - event-stream, in brief. The panelists then dive into the recent event-stream attack and discuss it at length, focusing on different package managers and their vulnerabilities, as well as the security issues associated with them. They debate on whether paying open source developers for their work, thereby leading to an increase in contribution, would eventually help in improving security or not. They finally talk about what can be done to fix certain dependencies and susceptibilities to prevent further attacks and if there are any solutions that can make things both convenient and secure for users. Links STAMP model in accident investigation Hillel's Twitter Hillel's website Richard's Twitter Stamping on Event-Stream Picks Joe Eames: Stuffed Fables Aimee Knight: SRE book - Google Lululemon leggings DVSR - Band Aaron Frost: JSConf US Chris Ferdinandi: Paws New England Vanilla JS Guides Charles Max Wood: Sony Noise Cancelling Headphones KSL Classifieds Upwork Richard Feldman: Elm in Action Sentinels of the Multiverse Hillel Wayne: Elm in the Spring Practical TLA+ Nina Chicago - Knitting Tomb Trader
Podcast
provider
host
No host added (Edit page)
Other Roles
No other roles added (Edit page)

Reviews

All Reviews
No reviews yet. :(

Comments

No comments yet. :(
Reason for report
Description