Linux and FOSS Supply Chain Issues – Hal Pomeranz – PSW #772
Linux systems are a collection of free and Open Source software, some packaged by your distro, some built from source. How do you verify that your upstream isn't polluted by bad actors?
Segment Resources:
https://github.com/evilsocket/opensnitch
https://securityonionsolutions.com/software/
https://deer-run.com/users/hal/
https://archive.org/details/HalLinuxForensics
Guest

A dynamic and experienced technology authority, Hal Pomeranz is the Founder and Technical Lead of Deer Run Associates, a consulting company focusing on Computer Forensic Investigations and Information Security. He has spent more than twenty years providing pragmatic Information Technology and Security solutions for some of the world’s largest commercial, government, and academic institutions. An expert in the investigation of Linux/Unix systems, Hal has provided Computer Forensic investigative support for several high-profile cases to both law enforcement and commercial clients.