No more vibecoding. The CRA (Cyber Resilience Act) is coming and you'd better be prepared. @pitrh has written a very good article about it, recommended read.

The EU is doubling down hard on the nonsense we've had to tolerate way too long

#EU #CRA #CyberResilienceAct #Protection #Framework

No more vibecoding. The CRA (Cyber Resilience Act) is coming and you'd better be prepared. @pitrh has written a very good article about it, recommended read.

The EU is doubling down hard on the nonsense we've had to tolerate way too long

#EU #CRA #CyberResilienceAct #Protection #Framework

EU CRA: It's Later Than You Think, Time to Engineer Up! https://nxdomain.no/~peter/eu_cra_its_later_than_you_think_time_to_engineer_up.html (or tracked https://bsdly.blogspot.com/2025/09/eu-cra-its-later-than-you-think-time-to.html) for your weekend #sbom #development #software #engineering reading #cra #resilience

🔔 Software Freedom in Europe 2025! 🚀🎉

This year we remained engaged in enforcing the #DMA, intervening in the Apple vs EC legal case; we participated in the debates around the #CRA and public procurement to ensure that #FreeSoftware is embedded in Europe’s digital future.
We continued providing legal support and improved REUSE, while involving teenagers with YH4F, and we reached new audiences with the new Ada & Zangemann movies.

Find out more in our yearly report: https://fsfe.org/news/2025/news-20250926-01.en.html

📣 Attac Paris Nord-Ouest fait son cinéma !

🎥 Le festival Images Mouvementées revient pour une 23è édition du 2 octobre au 16 octobre 2025, les mardis et jeudis au cinéma 5 Caumartin, 101 rue Saint-Lazare, 75009 Paris.

Un fil sur la programmation 🧵👇

Le boost renforce les luttes!

Retrouvez-nous sur les internets mondiaux :
👉 https://www.instagram.com/festival_images_mouvementees/
👉 https://pno.site.attac.org/
👉 https://www.imagesmouvementees.fr/
👉 https://t.me/attacPNO

#Cinéma #Attac #AttacParisNordOuest #ImagesMouvementées #Ciné5Caumartin #Paris #ServicesPublics #Avortement #CRA #Ecologie #Immigration #Xenophobie

EU CRA: It's Later Than You Think, Time to Engineer Up! https://nxdomain.no/~peter/eu_cra_its_later_than_you_think_time_to_engineer_up.html (or tracked https://bsdly.blogspot.com/2025/09/eu-cra-its-later-than-you-think-time-to.html) for your weekend #sbom #development #software #engineering reading #cra #resilience

🔔 Software Freedom in Europe 2025! 🚀🎉

This year we remained engaged in enforcing the #DMA, intervening in the Apple vs EC legal case; we participated in the debates around the #CRA and public procurement to ensure that #FreeSoftware is embedded in Europe’s digital future.
We continued providing legal support and improved REUSE, while involving teenagers with YH4F, and we reached new audiences with the new Ada & Zangemann movies.

Find out more in our yearly report: https://fsfe.org/news/2025/news-20250926-01.en.html

📣 Attac Paris Nord-Ouest fait son cinéma !

🎥 Le festival Images Mouvementées revient pour une 23è édition du 2 octobre au 16 octobre 2025, les mardis et jeudis au cinéma 5 Caumartin, 101 rue Saint-Lazare, 75009 Paris.

Un fil sur la programmation 🧵👇

Le boost renforce les luttes!

Retrouvez-nous sur les internets mondiaux :
👉 https://www.instagram.com/festival_images_mouvementees/
👉 https://pno.site.attac.org/
👉 https://www.imagesmouvementees.fr/
👉 https://t.me/attacPNO

#Cinéma #Attac #AttacParisNordOuest #ImagesMouvementées #Ciné5Caumartin #Paris #ServicesPublics #Avortement #CRA #Ecologie #Immigration #Xenophobie

Do you understand security for VPNs used by regular people for privacy purposes? We could use your perspective to help write the CRA standard for VPNs.

If €450/day would make it possible for you to participate in this or any other CRA standardization work, the call for funding applications is open until September 19:

https://cyberstand.eu/8th-specific-service-procedure

Work funded by EFTA and EC #CRA

Do you understand security for VPNs used by regular people for privacy purposes? We could use your perspective to help write the CRA standard for VPNs.

If €450/day would make it possible for you to participate in this or any other CRA standardization work, the call for funding applications is open until September 19:

https://cyberstand.eu/8th-specific-service-procedure

Work funded by EFTA and EC #CRA

Canadian government says individuals’ email addresses and phone numbers associated with CRA, ESDC and CBSA accounts were accessed in a cyberattack.

https://toronto.citynews.ca/2025/09/09/federal-government-says-emails-phone-numbers-accessed-in-cyberattack/
- - -
Le gouvernement canadien dit que les adresses courriel et les numéros de téléphone associés aux comptes de l'ARC, d’EDSC et de l’ASFC ont été consultés lors d'une cyberattaque.

https://www.lapresse.ca/actualites/2025-09-09/cyberattaque/fuite-de-donnees-personnelles-liees-a-des-sites-gouvernementaux.php

#Canada#InfoSec#InformationSecurity#Cybersécurité#CRA#ARC#CBSA#ASFC#ESDC#EDSC

Canadian government says individuals’ email addresses and phone numbers associated with CRA, ESDC and CBSA accounts were accessed in a cyberattack.

https://toronto.citynews.ca/2025/09/09/federal-government-says-emails-phone-numbers-accessed-in-cyberattack/
- - -
Le gouvernement canadien dit que les adresses courriel et les numéros de téléphone associés aux comptes de l'ARC, d’EDSC et de l’ASFC ont été consultés lors d'une cyberattaque.

https://www.lapresse.ca/actualites/2025-09-09/cyberattaque/fuite-de-donnees-personnelles-liees-a-des-sites-gouvernementaux.php

#Canada#InfoSec#InformationSecurity#Cybersécurité#CRA#ARC#CBSA#ASFC#ESDC#EDSC

#CRA #CyberResilienceAct#REDDA

#CRA #CyberResilienceAct#REDDA

If you are a #FreeSoftware manufacturer, project, or a potential steward under the Cyber Resilience Act #CRA , please contribute by filling out those surveys (best already by end of July):

Potential Free Software stewards (EN)
https://dialog-cybersicherheit.limesurvey.net/146965?lang=en

Free Software projects (EN)
https://dialog-cybersicherheit.limesurvey.net/241948?lang=en

Manufacturer (EN)
https://dialog-cybersicherheit.limesurvey.net/582853?lang=en

I'm curious: you characterize the EU #CRA as requiring #SBOM's *specifically*. I know the License Compliance Industrial Complex wants it to be true, but I researched this issue for my #FOSDEM 2025 talk…
https://fosdem.org/2025/schedule/event/fosdem-2025-6155-is-there-really-an-sbom-mandate-/
… & IIUC CRA *doesn't* specify SBOMs specifically.
IMO, if the vendor gives the customer complete, Corresponding Source & a 100% @reproducible_builds they've complied with CRA. No one has shown me anything that disproves that.

Cybersecurity Risk Assessment Request

https://daniel.haxx.se/blog/2025/07/11/cybersecurity-risk-assessment-request/

#curl#CRA

I'm curious: you characterize the EU #CRA as requiring #SBOM's *specifically*. I know the License Compliance Industrial Complex wants it to be true, but I researched this issue for my #FOSDEM 2025 talk…
https://fosdem.org/2025/schedule/event/fosdem-2025-6155-is-there-really-an-sbom-mandate-/
… & IIUC CRA *doesn't* specify SBOMs specifically.
IMO, if the vendor gives the customer complete, Corresponding Source & a 100% @reproducible_builds they've complied with CRA. No one has shown me anything that disproves that.