Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://noagendasocial.com/users/eriner/statuses/110895353278581698">Matt Hamilton [Maryland] (eriner@noagendasocial.com)'s status on Wednesday, 16-Aug-2023 04:49:43 JST</a><a href="https://noagendasocial.com/@eriner" title="eriner@noagendasocial.com"><img src="https://gnusocial.jp/avatar/2324-48-20230922010214.webp" width="48" height="48" alt="Matt Hamilton [Maryland]" style="position: absolute; left: 0; top: 0;">Matt Hamilton [Maryland]</a><div><a href="https://poa.st/objects/7e2a0437-16d2-4955-be12-16fea0793e83" rel="in-reply-to">in reply to</a><ul><li><li><a href="https://gnusocial.jp/user/147450" title="niggy@poa.st">:niggy:</a></li></ul></div></section><article><p><a href="https://poa.st/users/niggy">@niggy</a> <a href="https://gleasonator.com/users/alex">@alex</a> this is correct (and what I would recommend to a client/org) but this is a hard sell for FOSS projects where you don’t control the OS or network layer. Best OSS projects can do is include a bunch of init runtime checks for the vulns and warn that external (to the software) config changes need to be made for security.</p><p>Then you get 9,999 GitHub tickets asking “how do I enable DNS rebind protection for &lt;insert random tech stack here&gt;</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/1951630#notice-3831316">In conversation</a><time datetime="2023-08-16T04:49:43+09:00" title="Wednesday, 16-Aug-2023 04:49:43 JST">Wednesday, 16-Aug-2023 04:49:43 JST</time> <span>from <span><a href="https://noagendasocial.com/@eriner/110895353278581698" rel="external" title="Sent from noagendasocial.com via ActivityPub">noagendasocial.com</a></span></span><a href="https://noagendasocial.com/@eriner/110895353278581698">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
Matt Hamilton [Maryland] (eriner@noagendasocial.com)'s status on Wednesday, 16-Aug-2023 04:49:43 JSTMatt Hamilton [Maryland]
in reply to
- Alex Gleason
- :niggy:
@niggy @alex this is correct (and what I would recommend to a client/org) but this is a hard sell for FOSS projects where you don’t control the OS or network layer. Best OSS projects can do is include a bunch of init runtime checks for the vulns and warn that external (to the software) config changes need to be made for security.
Then you get 9,999 GitHub tickets asking “how do I enable DNS rebind protection for <insert random tech stack here>
In conversationWednesday, 16-Aug-2023 04:49:43 JST from noagendasocial.compermalink

Public

Embed Notice

HTML Code

Corresponding Notice