Techlore Surveillance Report

Beware Of This Kind of Software - SR153

Oct 16, 2023
The podcast discusses the issues with unmaintained open source projects, a significant protocol vulnerability, data breaches affecting companies, the city of Oakland's plans to purchase more automated license plate readers, recent open source news like the Delete Act and Ubuntu 23.10 release, and the prevalence of backdoor firmware in Android devices.
INSIGHT

Most Open Source Projects Are Unmaintained

  • Only about 11% of ~1.2M open source projects are actively maintained, meaning most are stagnant.
  • Open source status alone does not guarantee security or timely vulnerability fixes.
ADVICE

Verify Project Activity Before Installing

  • Check a project's repository activity before installing and avoid projects dormant for two+ years.
  • Apply the same maintenance scrutiny to proprietary software before trusting it with sensitive data.
ADVICE

Rotate Cards After Payment Breaches

  • Watch for large vendor breaches and assume exposed customers must rotate credentials and cards.
  • Cancel or replace payment cards after breaches that include card numbers and CVVs.