Motion to Dismiss for Failure to State a Vulnerability
Explores using legal 'motion to dismiss' concepts to evaluate software vulnerability reports against a project's threat model.
Argues that effective security and sustainability require systemic changes, not user behavior modification, drawing parallels between tech and environmental efforts.
Discusses strategies for improving memory safety in C++ codebases as a practical alternative to full migration to memory-safe languages.
Satirical proposal to pay developers to delete npm modules, highlighting security risks of excessive dependencies in the Node ecosystem.
Debunks the myth that open source software is inherently insecure, comparing it to proprietary alternatives and explaining its security advantages.
A satirical look at Microsoft's early 2000s patch management, highlighting repetitive cycles of security patches fixing previous patches.