Tales from the wrong end

Marcus Bointon (26.Jan.2018 at 17:10, 1 hr )
Talk at PHPBenelux Conference 2018 (English - US)

Rating: 4 of 5

I’m the maintainer of a very popular open-source PHP package – PHPMailer. In December 2016, two critical vulnerabilities were found in PHPMailer, affecting potentially millions of sites. I’d been involved in reporting minor security issues in the past, but nothing of this magnitude, and never at the receiving end. I found myself at the start of a steep learning curve and an emotional roller-coaster; a story of open source, CVEs, and people.

Comments

Rating: 4 of 5

26.Jan.2018 at 18:44 by Jurgen Rutten (41 comments) via Web2 LIVE

Nice personal story, expected more open source tales

Rating: 4 of 5

26.Jan.2018 at 21:20 by Gabriel Caruana (2 comments) via Web2 LIVE

Very interesting!

Rating: 4 of 5

27.Jan.2018 at 10:02 by Michiel Kodde (8 comments) via Web2 LIVE

Also liked the personal aspect of this presentation.

Rating: 4 of 5

27.Jan.2018 at 11:44 by Johan Vervloet (25 comments) via Web2 LIVE

Nice to hear a personal story about the impact of vulnerabilities on the life of an open source maintainer.

Rating: 4 of 5

27.Jan.2018 at 13:27 by Thomas Berends (5 comments) via Web2 LIVE

Nice personal story you need to hear once.

Rating: 5 of 5

27.Jan.2018 at 14:36 by David Buchmann (125 comments) via Web2 LIVE

Well presented and interesting story, and I liked the first-person perspective during the talk. Only complaint I have is that it felt a bit disconnected between the security breach topic and then the reflections on maintaining an OSS project. But both parts were really interesting.

Rating: 4 of 5

27.Jan.2018 at 15:09 by Toni Van de Voorde (32 comments) via Web2 LIVE

Interesting story and well given

Rating: 4 of 5

27.Jan.2018 at 15:55 by Michaël Arnauts (4 comments) via Web2 LIVE

Interesting talk.

Rating: 4 of 5

27.Jan.2018 at 20:59 by Jelle Smeets (9 comments) via Web2 LIVE

Very interesting talk from the perspective of open source maintainers and what happens if a security vulnerability is found.

Rating: 4 of 5

28.Jan.2018 at 12:09 by Guy Steels (12 comments) via Web2 LIVE

Great talk. Nice to hear a story/an experience right down from the trenches.

Rating: 5 of 5

29.Jan.2018 at 11:52 by Leon Boot (12 comments) via Web2 LIVE

When this vulnerability appeared on our radar, it was all hands on deck for us. It was very interesting to hear about the whole process from your point of view. Thanks for sharing your story!

Rating: 4 of 5

30.Jan.2018 at 08:48 by Frits van Tiel (13 comments) via Web2 LIVE

Interesting talk

Rating: 4 of 5

30.Jan.2018 at 09:15 by scvandenbraak (10 comments) via Web2 LIVE

Good talk, interesting to see how this was from your perspective.

Rating: 4 of 5

30.Jan.2018 at 13:05 by Ruben Woudenberg (13 comments) via Web2 LIVE

An interesting story about the risks and rewards of maintaining open source software.
