Eric Geller

@ericgeller ↗

Deleted No

Hibernated Yes

Last Checked Nov. 18, 2022

Created

Thu May 12 13:55:38 +0000 2022

Likes

Retweets

Source

TweetDeck

View Raw Data

JSON Data

View on Twitter

Likely Available

Eric Geller @ericgeller

Other ideas: * Info sharing to identify dependencies & most critical projects * Promoting use of digital signatures to prevent code tampering like w/ SolarWinds * Independent audits of up to 200 most critical OSS components * Adding security tools to software build systems — PolitiTweet.org

Posted May 12, 2022 Hibernated

Preceded By

Eric Geller @ericgeller

Another proposal is to promote and assist with the conversion of OSS projects from programming languages like C++ to memory-safe languages like Rust. Memory safety issues account for huge %s of flaws that Microsoft and Google find. https://t.co/dQMuBc3POB https://t.co/mYsE7j4vwY — PolitiTweet.org

Posted May 12, 2022 Hibernated

Followed By

Eric Geller @ericgeller

OpenSSF estimates that its plan will cost ~$68 million in the first year and ~$80 million per year after that. But these costs largely cover hiring staff, so if big companies are willing to loan employees to the effort, the actual cost could be less. https://t.co/66tMvhB6sr — PolitiTweet.org

Posted May 12, 2022 Hibernated