51 minutes | Dec 10, 2017

Episode 9: Typosquatting with Adam Baldwin

Wherein we discuss typosquatting and other security matters with Adam Baldwin, of Lift security and the Node Security Platform. We cover what kind of exploits people are trying, speculate about how blockchains may well be the answer, and unsuccessfully attempt to start a turf war between various package managers. Special Guest: Adam Baldwin.Links:^Lift Securitynpm registryTypo.js on GitHub52% of All JavaScript npm Packages Could Have Been Hacked via Weak CredentialsHave I been pwned?Protect your npm account with two-factor authenticationTyposquatting programming language package managersShellshockDependency CIThe Update Frameworkpackage.communitycrossenv malware on the npm registryNode Security PlatformYarnAdam Baldwin on TwitterAdam Baldwin on GitHub
Play
Like
Play Next
Mark
Played
Share