{"id":25486,"date":"2024-09-25T08:43:18","date_gmt":"2024-09-25T06:43:18","guid":{"rendered":"https:\/\/daniel.haxx.se\/blog\/?p=25486"},"modified":"2024-09-30T17:16:08","modified_gmt":"2024-09-30T15:16:08","slug":"talk-keeping-the-world-from-burning","status":"publish","type":"post","link":"https:\/\/daniel.haxx.se\/blog\/2024\/09\/25\/talk-keeping-the-world-from-burning\/","title":{"rendered":"Talk: Keeping the world from Burning"},"content":{"rendered":"\n<p>On Monday this week, I did a talk at the <a href=\"https:\/\/nsss.se\/\">Nordic Software Security Summit conference<\/a> in Stockholm Sweden. I titled it CVEMITRECVSSNVDCNAOSS WTF with the subtitle &#8220;Keeping the world from Burning&#8221;.<\/p>\n\n\n\n<p>The talk was well received and I think it added something to the conversation. Almost every other talk during the rest of the conference that I saw referred back to it.<\/p>\n\n\n\n<p>Since the talk was not recorded (no talks were at this event), I intend to do the presentation again &#8211; from home. This time live-streamed and recorded.<\/p>\n\n\n\n<p>This happens on:<\/p>\n\n\n\n<p class=\"has-text-align-center\"><strong>Monday September 30, 2024<br>14:00 UTC (16:00 CEST)<\/strong><\/p>\n\n\n\n<p>The stream happens on Twitch where I as always am <a href=\"https:\/\/www.twitch.tv\/curlhacker\">curlhacker<\/a>. Join the chatroom, ask questions, have a good time. There will of course be room for a Q&amp;A.<\/p>\n\n\n\n<p>No registration. No fee. Just show up.<\/p>\n\n\n\n<p>At the conference, I did the presentation in under thirty minutes. This version might go on a few more minutes.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Abstract<\/h2>\n\n\n\n<p>The abstract I  provided for this talk to the conference says:<\/p>\n\n\n\n<p><em>Bogus CVEs, know-better organizations, conflicting databases, AI hallucinations, inflated severity scoring, security scanners, Jia Tan. As the lead developer in the curl project, Daniel describes some of the challenges involved and what you need to do to stay on top of security when working in a high profile Open Source project running in some twenty billion instances. The talk will be involving many examples from real life.<\/em><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Differences<\/h2>\n\n\n\n<p>Since this is a second run of a talk I already did and I have no script, it will <strong>not<\/strong> be identical. I will also try to polish some minor details that I felt could need some brush-ups.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Recording<\/h2>\n\n\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"CVEMITRECVSSNVDCNAOSS WTF with Daniel Stenberg\" width=\"474\" height=\"267\" src=\"https:\/\/www.youtube.com\/embed\/Uol_0kd6saA?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe>\n<\/div><\/figure>\n","protected":false},"excerpt":{"rendered":"<p>On Monday this week, I did a talk at the Nordic Software Security Summit conference in Stockholm Sweden. I titled it CVEMITRECVSSNVDCNAOSS WTF with the subtitle &#8220;Keeping the world from Burning&#8221;. The talk was well received and I think it added something to the conversation. Almost every other talk during the rest of the conference &hellip; <a href=\"https:\/\/daniel.haxx.se\/blog\/2024\/09\/25\/talk-keeping-the-world-from-burning\/\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">Talk: Keeping the world from Burning<\/span> <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":5,"featured_media":25514,"comment_status":"open","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7,133],"tags":[33,518,428,231],"class_list":["post-25486","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-curl","category-security","tag-curl-and-libcurl","tag-cve","tag-security","tag-talk"],"_links":{"self":[{"href":"https:\/\/daniel.haxx.se\/blog\/wp-json\/wp\/v2\/posts\/25486","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/daniel.haxx.se\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/daniel.haxx.se\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/daniel.haxx.se\/blog\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/daniel.haxx.se\/blog\/wp-json\/wp\/v2\/comments?post=25486"}],"version-history":[{"count":9,"href":"https:\/\/daniel.haxx.se\/blog\/wp-json\/wp\/v2\/posts\/25486\/revisions"}],"predecessor-version":[{"id":25517,"href":"https:\/\/daniel.haxx.se\/blog\/wp-json\/wp\/v2\/posts\/25486\/revisions\/25517"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/daniel.haxx.se\/blog\/wp-json\/wp\/v2\/media\/25514"}],"wp:attachment":[{"href":"https:\/\/daniel.haxx.se\/blog\/wp-json\/wp\/v2\/media?parent=25486"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/daniel.haxx.se\/blog\/wp-json\/wp\/v2\/categories?post=25486"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/daniel.haxx.se\/blog\/wp-json\/wp\/v2\/tags?post=25486"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}