Interesting how the US govt Executive Order on “cybersecurity” (May 2021) is clear and precise when it comes to software supply chain security: “using administratively separate build environments”, “employing automated tools […] to maintain trusted source code supply chains”, etc. (Rings a bell?)
-
Ludovic Courtès (civodul@toot.aquilenet.fr)'s status on Monday, 06-Sep-2021 11:10:29 CEST Ludovic Courtès
-
arnebab@rollenspiel.social's status on Monday, 06-Sep-2021 11:10:28 CEST ArneBab
@mala @civodul If they want to spend that the most efficient way, they should donate much of it to #nlnet. Those folks know what they are doing and have a proven track record of improving the status quo.
-
Danny O'B (mala@mastodon.social)'s status on Monday, 06-Sep-2021 11:10:28 CEST Danny O'B
@ArneBab @civodul I would love to see what #nlnet would do with $10 billion
-
Be (be@fosstodon.org)'s status on Monday, 06-Sep-2021 11:10:28 CEST Be
@mala @ArneBab @civodul Hire a bunch of people to work on bootstrapping Guix? That would be great.
-
Danny O'B (mala@mastodon.social)'s status on Monday, 06-Sep-2021 11:10:29 CEST Danny O'B
@civodul I think it’s worth looking at how Google responded to that order (with an apparent commitment of $10B): less because I think their approach is better or even valid, but because that position is what we will be swimming in for the next few years https://blog.google/technology/safety-security/why-were-committing-10-billion-to-advance-cybersecurity/