The Recompiler Podcast Christie Koehler and Recompiler Media

This episode we talk about Amazon’s AI recruiting fail, Wordpress accessibility issues, Google+ and more. 

https://recompilermag.com/2018/10/16/episode-75-do-we-need-to-faraday-cage-your-office

Community Event Planning pre-order. Still time to get in on the book previews!
https://community-events-2.backerkit.com/hosted_preorders

Survey for event organizers
https://airtable.com/shrvbemYqHvL1Z7tt

Issue 10 - Science! It’s shipping. Back order sale use code READER18 for buy 2, get 3rd 1/2 off!
https://shop.recompilermag.com

Amazon scraps secret AI recruiting tool that showed bias against women | Reuters
https://www.reuters.com/article/us-amazon-com-jobs-automation-insight/amazon-scraps-secret-ai-recruiting-tool-that-showed-bias-against-women-idUSKCN1MK08G

I have resigned as the WordPress accessibility team lead. Here is why. - Rian Rietveld
https://rianrietveld.com/2018/10/09/i-have-resigned-the-wordpress-accessibility-team/

A Plan for 5.0 – Make WordPress Core
https://make.wordpress.org/core/2018/10/03/a-plan-for-5-0/

JAMstack | JavaScript, APIs, and Markup
https://jamstack.org/

Google is shutting down Google+ following massive data exposure
https://www.engadget.com/2018/10/08/google-shutting-down-google-plus/

Google faces mounting pressure from Congress over Google+ privacy flaw - The Verge
https://www.theverge.com/2018/10/11/17964134/google-plus-congress-privacy-data-vulnerability

Tampered Chinese Ethernet port used to hack ‘major US telecom,’ says Bloomberg report
https://www.theverge.com/platform/amp/2018/10/9/17955848/supermicro-telecom-server-hack-apple-amazon

Zotero Blog » Blog Archive » Improved PDF retrieval with Unpaywall integration
https://www.zotero.org/blog/improved-pdf-retrieval-with-unpaywall-integration/

Julia Evans Zines
https://jvns.ca/zines/
https://jvns.ca/blog/2018/09/23/why-sell-zines/

Let’s Pair!
https://www.kickstarter.com/projects/marlenac/lets-pair

This episode we talk about Chinese spy chips, new sophisticated voice phishing schemes, and Facebook’s huge security breach.

https://recompilermag.com/2018/10/12/episode-74-there-is-pumpkin-spice-in-the-air

Community Event Planning pre-order. Still time to get in on the book previews.
https://community-events-2.backerkit.com/hosted_preorders

Survey for event organizers. Please fill it out!
https://airtable.com/shrvbemYqHvL1Z7tt

Issue 10 - Science! It’s shipping. Back order sale use code READER18 for buy 2, get 3rd 1/2 off!
https://shop.recompilermag.com

China planted spy chips in computers from Portland-based Elemental, Bloomberg reports | OregonLive.com
https://www.oregonlive.com/silicon-forest/index.ssf/2018/10/chinese_planted_spy_chips_insi.html

The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies - Bloomberg
https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies

The Big Hack: Amazon, Apple, Supermicro, and Beijing Respond - Bloomberg
https://www.bloomberg.com/news/articles/2018-10-04/the-big-hack-amazon-apple-supermicro-and-beijing-respond

Chinese Hackers Have Allegedly Compromised the Supply Chain to Spy on Amazon and Apple
https://motherboard.vice.com/en_us/article/gye8w4/chinese-supply-chain-hack-apple-bloomberg

Voice Phishing Scams Are Getting More Clever — Krebs on Security
https://krebsonsecurity.com/2018/10/voice-phishing-scams-are-getting-more-clever/

Facebook says nearly 50m users compromised in huge security breach | Technology | The Guardian
https://www.theguardian.com/technology/2018/sep/28/facebook-50-million-user-accounts-security-berach

Kim Zetter on Twitter: "The Facebook breach gets even worse - it's not just that an attacker who has your Facebook token can access other accounts you've used your Facebook account to access, he/she can access accounts you haven't even used Facebook to access… https://t.co/BCCpuPG9XI"
https://twitter.com/kimzetter/status/1046806168348160000?s=21

jason polakis on Twitter: "Given the scale and severity of the @facebook breach, I’ll share some thoughts based on our recent @USENIXSecurity paper with @m0eb1t, amrutha, @kaytwo, @stevecheckoway, where we explored the ramifications of your Facebook account being compromised. https://t.co/6gS2ERrGvO (1/n)"
https://twitter.com/jpolakis/status/1046086964410294272

Facebook Security Bug Affects 90M Users — Krebs on Security
https://krebsonsecurity.com/2018/09/facebook-security-bug-affects-90m-users/

O Single Sign-Off, Where Art Thou? An Empirical Analysis of Single Sign-On Account Hijacking and Session Management on the Web
https://www.cs.uic.edu/~polakis/papers/sso-usenix18.pdf

Can Mark Zuckerberg Fix Facebook Before It Breaks Democracy? | The New Yorker
https://www.newyorker.com/magazine/2018/09/17/can-mark-zuckerberg-fix-facebook-before-it-breaks-democracy

Burgerville Notifies Guests of Data Breach
https://www.prnewswire.com/news-releases/burgerville-notifies-guests-of-data-breach-300723908.html

THE WILD INNER WORKINGS OF A BILLION-DOLLAR HACKING GROUP
https://www.wired.com/story/fin7-wild-inner-workings-billion-dollar-hacking-group/

Episode 69: We’ll just make a pickle grid – The Recompiler
https://recompilermag.com/2018/08/10/episode-69-well-just-make-a-pickle-grid/

MIDI unicorn
https://www.youtube.com/watch?v=i3tiuGVDDkk

Willamette River presents stunning lidar image on poster from Department of Geology | OregonLive.com
https://www.oregonlive.com/travel/index.ssf/2013/04/willamette_river_presents_stun.html

This episode we talk about moral clauses in FOSS licenses, ShotSpotter’s partnership with Verizon, how Buffer bought out its VCs, and WayMo.

https://recompilermag.com/2018/10/11/episode-73-a-bold-move

Devopsdays Portland - SEPTEMBER 11-13, 2018 - RECOMPILERFRIENDS 20% discount
http://devopsdays.org/events/2018-portland/

Community Event Planning pre-order
Still time to get in on the book previews
https://community-events-2.backerkit.com/hosted_preorders

Survey for event organizers
https://airtable.com/shrvbemYqHvL1Z7tt

Call for Contributors, Issue 12 Machines and Things
https://recompilermag.com/2018/07/24/call-for-contributors-for-issue-12-machines-things/

Major Open Source Project Revokes Access to Companies That Work with ICE
https://motherboard.vice.com/en_us/article/8xbynx/major-open-source-project-revokes-access-to-companies-that-work-with-ice

Stop using my tools, racists
https://github.com/palantir/blueprint/issues/2876

Palantir employees are racist and they need to stop using my tools
https://github.com/palantir/blueprint/issues/2877

Add text to MIT License banning ICE collaborators
https://github.com/lerna/lerna/pull/1616

Please remove jamiebuilds as maintainer for CoC violations
https://github.com/lerna/lerna/issues/1630

Remove Microsoft from Restrictive License
https://github.com/lerna/lerna/pull/1631

Restore unmodified MIT license
https://github.com/lerna/lerna/pull/1633

SPDX license list
https://spdx.org/licenses/index.html

My potted view on adding extra ethical clauses to open source licenses
https://mastodon.social/@mala/100642002012668168

ShotSpotter Expands Verizon Partnership With Reseller Agreement for Gunshot Detection Services
http://globenewswire.com/news-release/2018/08/28/1557516/0/en/ShotSpotter-Expands-Verizon-Partnership-With-Reseller-Agreement-for-Gunshot-Detection-Services.html

Ingrid Burrington on Twitter: "So one way to read this is it's a way for Shotspotter installations to avoid any resident pushback by burying them in a contract–instead of making SST a line item, it's just tacked onto a broader services agreement with Verizon that wouldn't otherwise raise eyebrows."
https://twitter.com/lifewinning/status/1035211677375946752

Rochester man shot by police sues cops, city, and ShotSpotter
https://www.democratandchronicle.com/story/news/2018/08/30/silvon-simmons-rochester-police-officer-joseph-ferrigno-gun-lawsuit/1119014002/

We Spent $3.3M Buying Out Investors: Why and How We Did It
https://open.buffer.com/buying-out-investors/

Amir Efrati on Twitter: "Just out: The truth about Waymo... https://t.co/q9Oet5j5Ck"
https://twitter.com/amir/status/1034442936774258688

A day in the life of a Waymo self-driving taxi - The Verge
https://www.theverge.com/2018/8/21/17762326/waymo-self-driving-ride-hail-fleet-management

Donut County
http://donutcounty.com/

Martin “Sexy Nuclear Disarmament” Pfeiffer🏳️‍🌈 on Twitter: "🚨NOW PUBLICLY ACCESSIBLE🚨 Find below the link to my complete archive of 1951-1997 Sandia nuclear laboratory documents from my FOIA. https://t.co/Z8BzUTdF6g You can also support my work at: https://t.co/GzHV653OGL or https://t.co/tvFac0gW44… https://t.co/243xjjkj5k"
https://twitter.com/i/web/status/1035331181141581824

This episode we’re talking about Wickr’s use of domain-fronting and other anti-censorship techniques, HashWick vulnerability, Verizon throttling emergency responders data cellular connections, licensing shenanigans.

https://recompilermag.com/2018/10/11/episode-72-ive-just-confused-myself

Devopsdays Portland - SEPTEMBER 11-13, 2018 - RECOMPILERFRIENDS 20% discount
http://devopsdays.org/events/2018-portland/
RECOMPILERFRIENDS is a 20% off discount

Community Event Planning pre-order
https://community-events-2.backerkit.com/hosted_preorders

Survey for event organizers
https://airtable.com/shrvbemYqHvL1Z7tt

Call for Contributors, Issue 12 Machines and Things
https://recompilermag.com/2018/07/24/call-for-contributors-for-issue-12-machines-things/

Wickr has a new plan for dodging internet blocks - The Verge
https://www.theverge.com/2018/8/23/17770384/wickr-psiphon-partnership-internet-censorship

HashWick V8 Vulnerability
https://darksi.de/12.hashwick-v8-vulnerability/

Node.js and the "HashWick" vulnerability
https://nodesource.com/blog/node-js-and-the-hashwick-vulnerability/

Verizon throttled fire department’s “unlimited” data during Calif. wildfire | Ars Technica
https://arstechnica.com/tech-policy/2018/08/verizon-throttled-fire-departments-unlimited-data-during-calif-wildfire

Use Debian? Want Intel's latest CPU patch? Small print sparks big problem
https://www.theregister.co.uk/2018/08/21/intel_cpu_patch_licence/

Redis: This is not the license change you are looking for
https://blog.tidelift.com/redis-this-is-not-the-license-change-you-are-looking-for-

Software Freedom Ensures the True Software Commons
https://sfconservancy.org/blog/2018/aug/22/commons-clause/

Redis licensing
https://redislabs.com/community/licenses/

Skills for our software future / Audrey Eschright
http://lifeofaudrey.com/2018/09/06/3rd-wave.html

Oregon DEQ map
https://oraqi.deq.state.or.us/home/map

HRRR-Smoke Model Fields - Experimental
https://rapidrefresh.noaa.gov/hrrr/HRRRsmoke/

This week Audrey and I chat about about Las Vegas Hotel security issues during DefCon, Foreshadow speculative execution vulnerability, and issues with the music industry business model and copyright.

Complete show notes:
https://recompilermag.com/2018/09/25/episode-71-that-sounds-both-interesting-and-ridiculous

[01:06] Devopsdays Portland - SEPTEMBER 11-13, 2018 - RECOMPILERFRIENDS 20% discount[01:54] Community Event Planning pre-order[02:34] Survey for event organizers[03:15] Call for Contributors, Issue 12 Machines and Things[04:09] In post-massacre Vegas, security policies clash with privacy values - The Parallax[07:48] Open letter to the Hacker Community. | Marc's Security Ramblings[22:15] Chris Dagdigian on Twitter: "this happened to me as well at a Marriott owned hotel property..."[23:33] Foreshadow: Breaking the Virtual Memory Abstraction with Transient Out-of-Order Execution[31:07] Artists Made Only 12% of Music Industry Revenue in 2017, Citigroup Report Finds | Pitchfork[40:01] Recording Industry Hypocrisy On Full Display In Continuing To Push The CLASSICS Act That Expands Copyright | Techdirt[50:17] USB Dongle Authentication[51:36] Two Factor Auth List[54:09] Thru-hiking the US/Mexico border[56:04] Natives Outdoors[32:45] PUTTING THE BAND BACK TOGETHER: Remastering the World of Music (pdf)

This week Audrey and I chat about a security incident with Homebrew (the macOS package manager), Twitter’s refusal to moderate hate speech, and Firefox’s upcoming support of DNS over HTTP.

Complete show notes:
https://recompilermag.com/2018/08/14/episode-70-i-see-a-bear

[03:42] Devopsdays Portland - SEPTEMBER 11-13, 2018 - RECOMPILERFRIENDS 20% discount[04:06] Recompiler DevOpsDays ticket giveaway, deadline August 20[04:25] Community Event Planning pre-order[04:54] Survey for event organizers[06:08] Call for Contributors, Issue 12 Machines and Things[07:08] Security Incident Disclosure — Homebrew[08:16] How I gained commit access to Homebrew in 30 minutes[11:39] How I gained commit access to all Jenkins projects in 30 minutes…and how security warnings to the[16:19] jack on Twitter: "We didn’t suspend Alex Jones or Infowars yesterday..."[19:49] Jay Rosen on Twitter: "It's been called the b******t asymmetry:..."[22:16] Political Strategy and Buzzfeed’s analysis of "the Twitter problem"[33:02] I’m done with Twitter[35:10] Episode 57: Do we have to do more Facebook? – The Recompiler[36:22] Improving DNS Privacy in Firefox – Firefox Nightly News[37:54] ungleich Blog - Mozilla's new DNS resolution is dangerous[45:45] BearCam[47:51] Books by Gerald M. Weinberg