Adam Shostack :donor: :unverified: on Nostr: Now that github is mandating that I add 2FA to "secure the supply chain", is there a ...
Now that github is mandating that I add 2FA to "secure the supply chain", is there a standard way to say "I am not part of your supply chain"?
Seriously, the code I write is barely fit for purpose. I use github to make available things like Elevation of Privilege, have a place where the Four Question Framework for threat modeling can evolve in a constrained way, and to report bugs.
I've also posted some code that Claude wrote, with an explicit security warning.
(https://gist.github.com/adamshostack/ca17e69e3145f11d20c871a4a186be51)
No one should use any of that code.
Seriously, the code I write is barely fit for purpose. I use github to make available things like Elevation of Privilege, have a place where the Four Question Framework for threat modeling can evolve in a constrained way, and to report bugs.
I've also posted some code that Claude wrote, with an explicit security warning.
(https://gist.github.com/adamshostack/ca17e69e3145f11d20c871a4a186be51)
No one should use any of that code.