Whole-known-network
<p><span class="h-card" translate="no"><a href="https://mastodon.social/@mcc" class="u-url mention">@<span>mcc</span></a></span> by the way, the part about "minerals in the supply chain" isn't something I came up with as a hyperbole, it's essentially a direct quote from someone advocating the use of this kind of tool: <a href="https://mastodon.social/@dymaxion@infosec.exchange/112200742276136278" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="ellipsis">mastodon.social/@dymaxion@info</span><span class="invisible">sec.exchange/112200742276136278</span></a></p>
<p><span class="h-card" translate="no"><a href="https://digipres.club/@dsalo" class="u-url mention">@<span>dsalo</span></a></span> It's not hard. And there are YouTube videos to help. Never too late! (Pro tip: the double-l is pronounced more like a tl. The rest is pretty much what you'd expect.)</p>
<p><span class="h-card" translate="no"><a href="https://chaos.social/@gsuberland" class="u-url mention">@<span>gsuberland</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@mcc" class="u-url mention">@<span>mcc</span></a></span> yes.</p>
<p><span class="h-card" translate="no"><a href="https://mastodon.social/@whitequark" class="u-url mention">@<span>whitequark</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@mcc" class="u-url mention">@<span>mcc</span></a></span> they can theoretically be useful for security researchers looking to identify the blast radius on a library bug, too.</p><p>but I say "theoretically" because in my experience SBOMs are rarely accurate enough unless they're automated as part of a CI pipeline AND manually gap-analysed with reasonable frequency to catch overlooked dependencies, which literally nobody does because it's utterly tedious and not really beneficial in the general day-to-day case.</p>
<p>There must be triathletes wondering, "Who called it the Seine and not Eau de Toilette?"</p>
<p><span class="h-card" translate="no"><a href="https://mastodon.social/@mcc" class="u-url mention">@<span>mcc</span></a></span> the concept behind "SBOM"s is that you as a maintainer of some open source software is a part of the "software supply chain" in the same way that coltan is a part of the "electronics supply chain"; they make you more palatable to corporations so that you can be shoved into their processes more easily, whether you like it or not</p>
<p><span class="h-card" translate="no"><a href="https://social.treehouse.systems/@rcombs" class="u-url mention">@<span>rcombs</span></a></span> i see your point but i also meant, like, a girl</p>
@rin@post.ebin.club I love IRL puzzles.
<p>🌟 Exciting News! 🌟</p><p>OzHack now has stock of Cynthion by Great Scott Gadgets – an all-in-one tool for building, testing, monitoring, and experimenting with USB devices!</p><p>Cynthion stands out with its unique FPGA-based architecture, allowing its digital hardware to be fully customised to suit any application. </p><p>Whether you need a no-compromise High-Speed USB protocol analyser, a USB-hacking multi-tool, or a USB development platform, Cynthion has got you covered.</p><p><a href="https://ozhack.com/products/cynthion" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="">ozhack.com/products/cynthion</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/OzHack" class="mention hashtag" rel="tag">#<span>OzHack</span></a> <a href="https://infosec.exchange/tags/GetYourHackOn" class="mention hashtag" rel="tag">#<span>GetYourHackOn</span></a> <a href="https://infosec.exchange/tags/Cynthion" class="mention hashtag" rel="tag">#<span>Cynthion</span></a> <a href="https://infosec.exchange/tags/GreatScottGadgets" class="mention hashtag" rel="tag">#<span>GreatScottGadgets</span></a> <a href="https://infosec.exchange/tags/USB" class="mention hashtag" rel="tag">#<span>USB</span></a> <a href="https://infosec.exchange/tags/ProtocolAnalyzer" class="mention hashtag" rel="tag">#<span>ProtocolAnalyzer</span></a> <a href="https://infosec.exchange/tags/USBHacking" class="mention hashtag" rel="tag">#<span>USBHacking</span></a></p>
