

Feross Aboukhadijeh - Socket
Jan 16, 2024
Open source legend Feross Aboukhadijeh discusses his journey into open source, challenges of open source funding, and his company Socket. Socket aims to level up OSS security and can detect complex vulnerabilities using static and dynamic analysis. They delve into the world of open source security, including device identifiers, managing open source packages, controversial funding experiments, the risks of relying on code maintainers, and the importance of considering the software supply chain.
Chapters
Introduction
00:00 • 6min
Device Identifiers and Managing Open Source Packages
05:36 • 12min
Value Capture in Open Source and Controversial Funding Experiment
17:23 • 5min
Backlash and Changes
22:49 • 6min
Teaching Web Security and Building a Tool for Developers
29:04 • 5min
The Risks of Relying on Code and Package Maintainers
34:10 • 28min
Future Plans and Enhancements for Socket
01:01:46 • 2min
The Future of Open Source and Security
01:03:51 • 4min