JSJ 357: Event-Stream & Package Vulnerabilities with Richard Feldman and Hillel Wayne - podcast episode cover

JSJ 357: Event-Stream & Package Vulnerabilities with Richard Feldman and Hillel Wayne

Mar 26, 20191 hr 10 min
--:--
--:--
Listen in podcast apps:
Metacast
Spotify
Youtube
RSS

Episode description

SponsorsPanel
  • Aaron Frost
  • AJ O’Neal
  • Chris Ferdinandi
  • Joe Eames
  • Aimee Knight
  • Charles Max Wood
Joined by special guests: Hillel Wayne and Richard FeldmanEpisode SummaryIn this episode of JavaScript Jabber, Hillel Wayne kicks off the podcast by giving a short background about his work, explains the concepts of formal methods and the popular npm package - event-stream, in brief. The panelists then dive into the recent event-stream attack and discuss it at length, focusing on different package managers and their vulnerabilities, as well as the security issues associated with them. They debate on whether paying open source developers for their work, thereby leading to an increase in contribution, would eventually help in improving security or not. They finally talk about what can be done to fix certain dependencies and susceptibilities to prevent further attacks and if there are any solutions that can make things both convenient and secure for users.LinksPicksJoe Eames:Aimee Knight:Aaron Frost:Chris Ferdinandi:Charles Max Wood:Richard Feldman:Hillel Wayne:Special Guests: Hillel Wayne and Richard Feldman.

Support this podcast at — https://redcircle.com/javascript-jabber/donations

Privacy & Opt-Out: https://redcircle.com/privacy

Become a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.
For the best experience, listen in Metacast app for iOS or Android
Open in Metacast
JSJ 357: Event-Stream & Package Vulnerabilities with Richard Feldman and Hillel Wayne | JavaScript Jabber podcast - Listen or read transcript on Metacast