134: Inside the Security Working Group

We get a glimpse into the EEF's Security Working Group with Bram Verburg. We learn about existing resources available to the community and we get hints of work underway for the future. Bram shares some cool security tips and insights as well!
Show Notes online - http://podcast.thinkingelixir.com/134 (http://podcast.thinkingelixir.com/134)
Elixir Community News
- http://example.com/ (http://example.com/) – Example website
- https://github.com/phoenixframework/phoenix/blob/master/CHANGELOG.md (https://github.com/phoenixframework/phoenix/blob/master/CHANGELOG.md) – New release candidate for Phoenix! 1.7.0-rc.1
- https://github.com/phoenixframework/phoenixliveview/blob/master/CHANGELOG.md (https://github.com/phoenixframework/phoenix_live_view/blob/master/CHANGELOG.md) – New minor Phoenix LiveView releases
- https://twitter.com/whatyouhide/status/1610675036108771328 (https://twitter.com/whatyouhide/status/1610675036108771328) – Andrea Leopardi published his second video where he works through the ProtoHackers.com challenges using Elixir
- https://github.com/sorentwo/oban/pull/819 (https://github.com/sorentwo/oban/pull/819) – Oban now supports SQLite3
- https://github.com/JohnnyCurran/TimeTravel (https://github.com/JohnnyCurran/TimeTravel) – Time Travel with LiveView events
- https://www.chriis.dev/opinion/setting-up-a-google-chrome-shortcut-to-elixir-documentation-in-30-seconds (https://www.chriis.dev/opinion/setting-up-a-google-chrome-shortcut-to-elixir-documentation-in-30-seconds) – Chris Gregori shared a post about setting up a Google Chrome shortcut to Elixir documentation
- https://twitter.com/benvp_/status/1610884773387321345 (https://twitter.com/benvp_/status/1610884773387321345) – Tip for saving hex docs offline locally
- https://twitter.com/theerlef/status/1611076916957843456 (https://twitter.com/theerlef/status/1611076916957843456) – erlef/setup-beam v1.15.1 has been released
- https://github.com/erlef/setup-beam/releases/tag/v1.15.1 (https://github.com/erlef/setup-beam/releases/tag/v1.15.1)
- https://github.com/elixir-nx/ex_faiss (https://github.com/elixir-nx/ex_faiss) – Sean Morriarity released a new library in the Nx family called exfaiss
- https://dockyard.com/blog/2023/01/04/search-and-clustering-with-exfaiss (https://dockyard.com/blog/2023/01/04/search-and-clustering-with-exfaiss) – Blog post to accompany exfaiss
- https://github.com/lexmag (https://github.com/lexmag) – Core team Aleksei
- https://github.com/am-kantox (https://github.com/am-kantox) – Finitomata Aleksei
- https://twitter.com/yburyug/status/1611125098286813184 (https://twitter.com/yburyug/status/1611125098286813184) – Fun Phoenix success story
Do you have some Elixir news to share? Tell us at @ThinkingElixir (https://twitter.com/ThinkingElixir) or email at show@thinkingelixir.com (mailto:show@thinkingelixir.com)
Discussion Resources
- https://erlef.github.io/security-wg/ (https://erlef.github.io/security-wg/)
- https://erlef.org/wg/security (https://erlef.org/wg/security)
- https://github.com/erlef/security-wg (https://github.com/erlef/security-wg)
- https://erlef.github.io/security-wg/securecodinganddeploymenthardening/ (https://erlef.github.io/security-wg/secure_coding_and_deployment_hardening/)
- https://podcast.thinkingelixir.com/64 (https://podcast.thinkingelixir.com/64) – OTP Certificate Woes with Bram Verburg
- https://erlef.github.io/security-wg/securecodinganddeploymenthardening/releases (https://erlef.github.io/security-wg/secure_coding_and_deployment_hardening/releases) – Section on releases and Erlang's ability to conditionally include the compiler
- https://bluecode.com/en/ (https://bluecode.com/en/)
- https://www.linkedin.com/in/FrancescoCesarini (https://www.linkedin.com/in/FrancescoCesarini)
- https://podcast.thinkingelixir.com/122 (https://podcast.thinkingelixir.com/122) – Interview with Holden Oullette about Elixir Secure Coding Training for teams
- https://en.wikipedia.org/wiki/Whac-A-Mole (https://en.wikipedia.org/wiki/Whac-A-Mole)
- https://podcast.thinkingelixir.com/131 (https://podcast.thinkingelixir.com/131) – Interview with Michael Lubas about securing Elixir and Phoenix applications
- https://erlef.github.io/security-wg/securecodinganddeploymenthardening/crash_dumps (https://erlef.github.io/security-wg/secure_coding_and_deployment_hardening/crash_dumps)
- https://github.com/voltone/x509/ (https://github.com/voltone/x509/)
- https://github.com/beam-telemetry/telemetry (https://github.com/beam-telemetry/telemetry)
- https://www.lua.org/start.html (https://www.lua.org/start.html)
- https://www.cisa.gov/uscert/bsi/articles/knowledge/sdlc-process/secure-software-development-life-cycle-processes (https://www.cisa.gov/uscert/bsi/articles/knowledge/sdlc-process/secure-software-development-life-cycle-processes) – Secure Software Development Lifecycle
- https://github.com/nccgroup/sobelow (https://github.com/nccgroup/sobelow)
- https://github.com/rrrene/credo (https://github.com/rrrene/credo)
- https://en.wikipedia.org/wiki/Data-flow_analysis (https://en.wikipedia.org/wiki/Data-flow_analysis)
- https://erlef.org/ (https://erlef.org/)
- https://members.erlef.org/join-us (https://members.erlef.org/join-us)
Guest Information
- https://twitter.com/voltonez (https://twitter.com/voltonez) – on Twitter
- https://fosstodon.org/@voltone (https://fosstodon.org/@voltone) – on Fediverse
- https://github.com/voltone (https://github.com/voltone) – on Github
- https://blog.voltone.net/ (https://blog.voltone.net/) – Blog
Find us online
- Message the show - @ThinkingElixir (https://twitter.com/ThinkingElixir)
- Message the show on Fediverse - @ThinkingElixir@genserver.social (https://genserver.social/ThinkingElixir)
- Email the show - show@thinkingelixir.com (mailto:show@thinkingelixir.com)
- Mark Ericksen - @brainlid (https://twitter.com/brainlid)
- Mark Ericksen on Fediverse - @brainlid@genserver.social (https://genserver.social/brainlid)
- David Bernheisel - @bernheisel (https://twitter.com/bernheisel)
- David Bernheisel on Fediverse - @dbern@genserver.social (https://genserver.social/dbern)
- Cade Ward - @cadebward (https://twitter.com/cadebward)
- Cade Ward on Fediverse - @cadebward@genserver.social (https://genserver.social/cadebward)