Last month I was in Denver for Red Hat Summit 2024. The keynotes are available on YouTube. This was perhaps the most energetic Summit that I’ve been to, even pre-COVID. There was a lot of activity and, of course, the primary topic was AI. We unveiled InstructLab and our work there, the InstructLab demo/contribution area was hopping and well over half of all Summit attendees took the opportunity to check it out and contribute some skills and knowledge.
While security wasn’t the topic that everyone was talking about, a few of us were (are you surprised?). I had a number of customer conversations and hallway discussions with associates and customers alike on my favourite topics. I did a talk on the evolution of risk management in software, which is what my five part blog series was based on. Updated, of course, to reference the xz-utils backdoor which is something a lot of people wanted to discuss. Unfortunately, that doesn’t seem to be public. But you can read the blog series to get an idea of what the content was!
I also spent some time on theCube talking about security and AI. Love being on theCube and really appreciate being invited back. They’re great folks to converse with!
Also, and the reason why this blog post is so late post-Summit, I was on the Ask Noah podcast for the first time. We talked about security, AI and open source maintainers and it was a blast. Thoroughly enjoyed the conversation and hopefully there are some ideas for folks to think about. We did talk about the xz-utils backdoor, how open source is demonstrably safer than proprietary software, and some of the concerns I have with all the burden being placed on open source maintainers. Worth checking out.
And next week I’ll be speaking at the Uplift virtual conference hosted by Tidelift. I’m very excited about this because I am a huge fan of Tidelift and all that they do for open source maintainers. If you’ve never heard about them before, I encourage you to check them out!