Sign up to save your podcasts
Or
Share Tech Debt Burndown Podcast Series 2 E4: Gene Spafford
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Tech Debt Burndown Podcast Series 2 E4: Gene Spafford
Recording date: Apr 17, 2023
Download at Apple Podcasts, Google Podcasts, Spotify, iHeartRadio, Spreaker or wherever you get your podcasts.
“They’re statistical models based on language corpuses and the output of these things can be shown in some cases to be stunningly incorrect.” - Gene Spafford
Gene opens with a comment about the “tendency of the industry to jump on hot trends”, and that sets the scene for much of the discussion, which goes on to touch blockchain, and of course ‘AI’.
We touch upon topics where Gene and his co-authors go into more detail in Cybersecurity Myths and Misconceptions such as where liability should be placed to better incetivise the creation of spftware that’s safe, secure and reliable. Though Gene acknowledges that we don’t (yet) even have good metrics for those terms. That leads into some discussion on whether organisations like the Open Source Security Foundation (OpenSSF) can fill some of the gaps.
Before closing we get to some discussion of the European Union Cyber Resiliance Act (CRA) and some of the consequences that might have for open source software.
View all episodes
By Nick Selby and Chris SwanRecording date: Apr 17, 2023
Download at Apple Podcasts, Google Podcasts, Spotify, iHeartRadio, Spreaker or wherever you get your podcasts.
“They’re statistical models based on language corpuses and the output of these things can be shown in some cases to be stunningly incorrect.” - Gene Spafford
Gene opens with a comment about the “tendency of the industry to jump on hot trends”, and that sets the scene for much of the discussion, which goes on to touch blockchain, and of course ‘AI’.
We touch upon topics where Gene and his co-authors go into more detail in Cybersecurity Myths and Misconceptions such as where liability should be placed to better incetivise the creation of spftware that’s safe, secure and reliable. Though Gene acknowledges that we don’t (yet) even have good metrics for those terms. That leads into some discussion on whether organisations like the Open Source Security Foundation (OpenSSF) can fill some of the gaps.
Before closing we get to some discussion of the European Union Cyber Resiliance Act (CRA) and some of the consequences that might have for open source software.