printing a shirt with "my lack of adequate financial compensation constitutes a supply chain security risk" and wearing it to conferences
@hipsterelectron I'll buy that shirt
@hipsterelectron Good idea as it is a security risk in itself
@hipsterelectron Reminds me of the recent-ish attack in Brazil where they exploited an underpaid worker into selling work credentials that allowed for $$$$$$$ BRL to be transferred in a short period of time. https://www.msn.com/en-us/money/markets/devastating-pix-payment-system-hack-drains-100-million-from-brazilian-banks/ar-AA1I6mRU
@jufajardini there is indeed one intended interpretation about actively compromising security for financial gain, because suits think everyone else is as selfish as they are!
but the SBOM remark was intended to identify how the SBOM is designed around a view of software as static and frozen in time, even though the term "artifact" from scholars of history is not about the importance or utility of the object, but what can be inferred about the processes that generated the object. a software artifact could try something similar, though
@jufajardini a "sustainability SBOM" that identifies the transitive funding sources behind each dependency would begin to look a lot more like a tax return
"put that in your SBOM" on the back
@hipsterelectron ...and smoke it!
charlie marsh didn't want to compensate me for the zip extraction work i did and got CVEd because you can't expect to just use a trick without the context that led up to figuring it out in the first place https://astral.sh/blog/uv-security-advisory-cve-2025-54368 so this is no longer like a joke it's just the facts