#319: Typosquatting and Supply Chains Vulnerabilities
#319: Typosquatting and Supply Chains Vulnerabilities

#319: Typosquatting and Supply Chains Vulnerabilities

Julien Dimitri Rigon

59 min
Success & Inspiration
Play

Description

One of the true superpowers of Python is the libraries over at the Python Package Index. They are all just a "pip install" away. Yet, like all code that you run on your system, it is done with some degree of trust. How do we know that all of those useful packages are trustworthy? That's the topic of this episode. Bentz Tozer and John Speed Meyers are here to share their research into typosquatting on PyPI and other sneaky deeds. But we also discuss some potential solutions and fixes. Check it out at https://talkpython.fm/319

Uploader

tina_rose

tina_rose

#319: Typosquatting and Supply Chains Vulnerabilities - Listen Free | WowFM