Post · Gnar 🔥 social

Ahead of tomorrow's release of four new #curl CVEs I want you to know: we do our very best to secure curl every step of the way. Security is hard.

Code style
Banned functions
Complexity checks
Human reviews
Review bots
No binary blobs
No confusables
Document everything
Many tests
Cl like crazy
All the picky compiler options and -Werror
Valgrind and sanitizers
Static code analyzers
Fuzzing (in Cl and non-stop)
Cl jobs never “write back"
Reproducible releases
Signed releases, commits, tags
code audits
2fa for all committers — Code style Banned functions Complexity checks Human reviews Review bots No binary blobs No confusables Document everything Many tests Cl like crazy All the picky compiler options and -Werror Valgrind and sanitizers Static code analyzers Fuzzing (in Cl and non-stop) Cl jobs never “write back" Reproducible releases Signed releases, commits, tags code audits 2fa for all committers

Pianosaurus 🕴

@pianosaurus@c.im replied · 4 days ago

@bagder Ken Thompson would have pointed out "No binary blobs except the compiler; you may be compromised."

daniel:// stenberg://

@bagder@mastodon.social replied · 4 days ago

@pianosaurus also one of the critical lessons from the xz attack!

Graham Sutherland / Polynomial

@gsuberland@chaos.social replied · 4 days ago

@bagder red green colour blindness test [HARD MODE]

advokatt

@km@mastodon.babb.no replied · 4 days ago

@bagder i feel something is missing there

daniel:// stenberg://

@bagder@mastodon.social replied · 4 days ago

@km I should probably distribute them a little different unless I can think of more boxes to mention...

advokatt

@km@mastodon.babb.no replied · 4 days ago

@bagder slop protection? i mean, you have it!

Gnar 🔥 social

This is a Bonfire Federated social instance for those that enjoy gnarly adventures. Whether it's shredding mountains or slaying guitars, from action sports to art.

Gnar 🔥 social: About · Code of conduct · Privacy · Users · Instances

Gnar;🔥 social · 1.0.0-rc.3.6 no JS en

Automatic federation enabled