
No more vibecoding. The CRA (Cyber Resilience Act) is coming and you'd better be prepared. @pitrh has written a very good article about it, recommended read.
The EU is doubling down hard on the nonsense we've had to tolerate way too long
#Tag
No more vibecoding. The CRA (Cyber Resilience Act) is coming and you'd better be prepared. @pitrh has written a very good article about it, recommended read.
The EU is doubling down hard on the nonsense we've had to tolerate way too long
No more vibecoding. The CRA (Cyber Resilience Act) is coming and you'd better be prepared. @pitrh has written a very good article about it, recommended read.
The EU is doubling down hard on the nonsense we've had to tolerate way too long
EU CRA: It's Later Than You Think, Time to Engineer Up! https://nxdomain.no/~peter/eu_cra_its_later_than_you_think_time_to_engineer_up.html (or tracked https://bsdly.blogspot.com/2025/09/eu-cra-its-later-than-you-think-time-to.html) for your weekend #sbom #development #software #engineering reading #cra #resilience
🔔 Software Freedom in Europe 2025! 🚀🎉
This year we remained engaged in enforcing the #DMA, intervening in the Apple vs EC legal case; we participated in the debates around the #CRA and public procurement to ensure that #FreeSoftware is embedded in Europe’s digital future.
We continued providing legal support and improved REUSE, while involving teenagers with YH4F, and we reached new audiences with the new Ada & Zangemann movies.
Find out more in our yearly report: https://fsfe.org/news/2025/news-20250926-01.en.html
📣 Attac Paris Nord-Ouest fait son cinéma !
🎥 Le festival Images Mouvementées revient pour une 23è édition du 2 octobre au 16 octobre 2025, les mardis et jeudis au cinéma 5 Caumartin, 101 rue Saint-Lazare, 75009 Paris.
Un fil sur la programmation 🧵👇
Le boost renforce les luttes!
Retrouvez-nous sur les internets mondiaux :
👉 https://www.instagram.com/festival_images_mouvementees/
👉 https://pno.site.attac.org/
👉 https://www.imagesmouvementees.fr/
👉 https://t.me/attacPNO
#Cinéma #Attac #AttacParisNordOuest #ImagesMouvementées #Ciné5Caumartin #Paris #ServicesPublics #Avortement #CRA #Ecologie #Immigration #Xenophobie
EU CRA: It's Later Than You Think, Time to Engineer Up! https://nxdomain.no/~peter/eu_cra_its_later_than_you_think_time_to_engineer_up.html (or tracked https://bsdly.blogspot.com/2025/09/eu-cra-its-later-than-you-think-time-to.html) for your weekend #sbom #development #software #engineering reading #cra #resilience
🔔 Software Freedom in Europe 2025! 🚀🎉
This year we remained engaged in enforcing the #DMA, intervening in the Apple vs EC legal case; we participated in the debates around the #CRA and public procurement to ensure that #FreeSoftware is embedded in Europe’s digital future.
We continued providing legal support and improved REUSE, while involving teenagers with YH4F, and we reached new audiences with the new Ada & Zangemann movies.
Find out more in our yearly report: https://fsfe.org/news/2025/news-20250926-01.en.html
📣 Attac Paris Nord-Ouest fait son cinéma !
🎥 Le festival Images Mouvementées revient pour une 23è édition du 2 octobre au 16 octobre 2025, les mardis et jeudis au cinéma 5 Caumartin, 101 rue Saint-Lazare, 75009 Paris.
Un fil sur la programmation 🧵👇
Le boost renforce les luttes!
Retrouvez-nous sur les internets mondiaux :
👉 https://www.instagram.com/festival_images_mouvementees/
👉 https://pno.site.attac.org/
👉 https://www.imagesmouvementees.fr/
👉 https://t.me/attacPNO
#Cinéma #Attac #AttacParisNordOuest #ImagesMouvementées #Ciné5Caumartin #Paris #ServicesPublics #Avortement #CRA #Ecologie #Immigration #Xenophobie
Do you understand security for VPNs used by regular people for privacy purposes? We could use your perspective to help write the CRA standard for VPNs.
If €450/day would make it possible for you to participate in this or any other CRA standardization work, the call for funding applications is open until September 19:
https://cyberstand.eu/8th-specific-service-procedure
Work funded by EFTA and EC #CRA
Do you understand security for VPNs used by regular people for privacy purposes? We could use your perspective to help write the CRA standard for VPNs.
If €450/day would make it possible for you to participate in this or any other CRA standardization work, the call for funding applications is open until September 19:
https://cyberstand.eu/8th-specific-service-procedure
Work funded by EFTA and EC #CRA
Canadian government says individuals’ email addresses and phone numbers associated with CRA, ESDC and CBSA accounts were accessed in a cyberattack.
https://toronto.citynews.ca/2025/09/09/federal-government-says-emails-phone-numbers-accessed-in-cyberattack/
- - -
Le gouvernement canadien dit que les adresses courriel et les numéros de téléphone associés aux comptes de l'ARC, d’EDSC et de l’ASFC ont été consultés lors d'une cyberattaque.
#Canada#InfoSec#InformationSecurity#Cybersécurité#CRA#ARC#CBSA#ASFC#ESDC#EDSC
Canadian government says individuals’ email addresses and phone numbers associated with CRA, ESDC and CBSA accounts were accessed in a cyberattack.
https://toronto.citynews.ca/2025/09/09/federal-government-says-emails-phone-numbers-accessed-in-cyberattack/
- - -
Le gouvernement canadien dit que les adresses courriel et les numéros de téléphone associés aux comptes de l'ARC, d’EDSC et de l’ASFC ont été consultés lors d'une cyberattaque.
#Canada#InfoSec#InformationSecurity#Cybersécurité#CRA#ARC#CBSA#ASFC#ESDC#EDSC
If you are a #FreeSoftware manufacturer, project, or a potential steward under the Cyber Resilience Act #CRA , please contribute by filling out those surveys (best already by end of July):
Potential Free Software stewards (EN)
https://dialog-cybersicherheit.limesurvey.net/146965?lang=en
Free Software projects (EN)
https://dialog-cybersicherheit.limesurvey.net/241948?lang=en
Manufacturer (EN)
https://dialog-cybersicherheit.limesurvey.net/582853?lang=en
I'm curious: you characterize the EU #CRA as requiring #SBOM's *specifically*. I know the License Compliance Industrial Complex wants it to be true, but I researched this issue for my #FOSDEM 2025 talk…
https://fosdem.org/2025/schedule/event/fosdem-2025-6155-is-there-really-an-sbom-mandate-/
… & IIUC CRA *doesn't* specify SBOMs specifically.
IMO, if the vendor gives the customer complete, Corresponding Source & a 100% @reproducible_builds they've complied with CRA. No one has shown me anything that disproves that.
Cybersecurity Risk Assessment Request
https://daniel.haxx.se/blog/2025/07/11/cybersecurity-risk-assessment-request/
Cybersecurity Risk Assessment Request
https://daniel.haxx.se/blog/2025/07/11/cybersecurity-risk-assessment-request/
I'm curious: you characterize the EU #CRA as requiring #SBOM's *specifically*. I know the License Compliance Industrial Complex wants it to be true, but I researched this issue for my #FOSDEM 2025 talk…
https://fosdem.org/2025/schedule/event/fosdem-2025-6155-is-there-really-an-sbom-mandate-/
… & IIUC CRA *doesn't* specify SBOMs specifically.
IMO, if the vendor gives the customer complete, Corresponding Source & a 100% @reproducible_builds they've complied with CRA. No one has shown me anything that disproves that.
A space for Bonfire maintainers and contributors to communicate