Developer Tech

XZ attack reveals unlearned open-source security lessons

The XZ attack is a backdoor that reminds us our biggest open-source security threats are from decades of unlearned lessons.
Interesting Engineering

Robots, spyware, and AI: What tech arsenal ICE has to freeze immigrants

ICE has invested millions in spyware, robots, and facial recognition, raising new concerns about ethical use and mass ...
Communications of the ACM

Fifty Years of Open Source Software Supply-Chain Security

An open source software supply-chain vulnerability is an exploitable weakness in trusted software caused by a third-party, ...