Syndicate content terriko
terriko - Dreamwidth Studios
Updated: 2 hours 22 min ago

OSB 2015 - Bringing Security to Your Open Source Project (Video & Slides)

3 hours 9 min ago
This is crossposted from, my personal maker blog. If you want to link to this post, please use the original link since the formatting there is usually better.

I gave two talks at Open Source Bridge this year, and they’ve recently put the videos online. Here’s the more serious and informative of the two:

Bringing Security to Your Open Source Project

Abstract: With high profile breaches in open source projects, the issue of security has become one of great import to many people. But many projects, especially smaller ones, are intimidated by the idea of a security audit. This talk will discuss ways for smaller projects to experiment, learn, and even have fun improving their security. No PhDs in security required!

Video embedded below:

[ video Link] [youtube link]

I’m a bit sad that they cut out the introduction I got; it was pretty hilarious.

The motivation behind this talk is that when I tell people in open source communities that I do security for open source projects, I get a lot of interest but people always say they don’t know where to start and quite a lot of them buy into the idea that somehow just being open source makes you secure. That can be a big push towards security for some projects, but it’s not a panacea, so this talk is an intro to how to do a security hackathon and be welcoming to folk who want to help with your security.

[Bringing Security to Your Open Source Project (Slides)] The slides are in the video as well, but sometimes this is easier! If you look at the slides, you can also see a rough version of what I’d planned to say in the notes section.

One of these days I’ll transcribe the talk and set up a blog post with slides as images for folk who don’t aren’t into videos for whatever reason (I know I don’t watch very many myself unless I’m multitasking), but I thought I’d share the video first rather than wait. Hope you like it!

comment count unavailable comments
Categories: LinuxChix bloggers

A simple hat in progress

Mon, 2015-10-05 06:59
This is crossposted from, my personal maker blog. If you want to link to this post, please use the original link since the formatting there is usually better.

Most of my energies have gone into the house lately, but that doesn’t mean I haven’t been making things too, just that I haven’t had as much time for writing up of late. So here’s what’s currently on the needles while I start sorting through the backlog of photos and creations:

A simple hat in progress

This is from a little ball of Misti Alpaca that I picked up on the last day of my tatting class (more on that later!) as a treat. And it *is* a treat. I wish I could justify the cost and time of a sweater made out of this stuff — its light, soft, and seems pretty warm. Maybe someday.

The plan, half-executed, is to make a little tiny soft hat that can be stuffed in a jacket pocket. A thin tuque, I guess. Since it’s dark, it currently reminds me of what my sister and I called “crime hats” on Buffy (due to her penchant for putting on a tuque before doing anything vaguely criminal in a several episodes).

Pattern so far:

Yarn? Misti Tui from Misti Alpaca. Sport weight, chains of thin alpaca.

What’s the gauge? 6 st/inch on US 7 (4.5mm)

What’s my head circumference? Around 21 inches

Since I didn’t want much negative ease (i.e. stretch), that meant 21×6 = cast on 126 stitches

Brim ribbing: k3, p1, k1, p1 repeat 21 times

Repeat brim rows until you reach an inch or so then switch to stockinette

My plan is to continue the stockinette without decreases to make slight kitty ears. We’ll see how it works out!

comment count unavailable comments
Categories: LinuxChix bloggers

Current state of the house/me

Sun, 2015-10-04 18:40
Sorry about the crummy and poorly written update, but since people keep asking me:
  1. Hardwood floors are in and don't stink so much any more from the finishing (it was really bad for a week or so)
  2. Tile floors are started, but the decorative tile bit is apparently slow-going. No ETA.
  3. Still no baseboards, but they'll happen after the tile is done.
  4. I still want to do one more coat on the laundry room but ugh, so tired of it all.
  5. Still some touch-ups where we got wall paint on the ceiling but I need John for some of them so they'll keep 'till after he's back.
  6. I think we're probably hiring pros for the rest.  Definitely for the tall parts, but we've been so wiped out lately that I think paying pros is the right compromise.
  7. Unpacking has started, but it's slow because I can't carry that much on my own and we don't want to put up all the shelving until the baseboards are in.
  8. There's still a *lot* of cleanup needed from the construction and reno; there's drywall and sawdust everywhere and tape and paint buckets and ladders in random locations around the house.
I'm without support this week to deal with cleanup and minor unpacking.  Let's be honest, I was without very much support last week too because he had demos to prep, and the week before that because he was getting artemis ready, and there was the week where J's parents were visiting (which was a nice break!) and there was some travel before that too.  J's doing the best he can given his travel schedule but between his travel and mine we're looking at only a handful of days of overlap where we're both in the same city for all of October.

We got some living room furniture up while we were both here so I can sit and read in my big comfy chair, and that's nice.  And now when I clean things they don't immediately get covered in sawdust or drywall, which is an amazing luxury that has not been true for all of September and some of August. Hopefully we'll be able to find a new cleaning service, but there's not much point at the moment.

I did get my desktop up and running so I can play video games for some escapism.  Still haven't found most of the cables or my keyboard and mouse, so it's kind of cobbled together and has no sound, but we made do last night.

Did some digital cleanup today too.  Reviewed a couple of ebooks that I won't repost here because frankly, they were both in need of editing (The down side to getting free books off the internet in exchange for fair review, I guess), but you can read them at that link if deeply flawed larpers and psycho-magical crime-fighting lesbian vs lovecraftian horrors are your kind of thing.  You'll be disappointed, though; I was.  Answered some emails that had been sitting in my inbox; if you were expecting an answer from me on the subject of something or other, re-send because I'm pretty sure I answered anything that still needed answering but I might have been heavy-handed with the archive button.  Declined some job interview related requests.  Unsubscribed from a lot of mailing lists, probably should unsubscribe from more since I'm not really reading them.

I've got a bunch of of posts I need to write and queue up on my maker blog, but not sure if I'll get started on those tonight.  Want to hit up the farmer's market and I'm betting once I'm outside coming back in to sit at a computer for hours won't seem so appealing!

comment count unavailable comments
Categories: LinuxChix bloggers