134: Inside the Security Working Group

We get a glimpse into the EEF's Security Working Group with Bram Verburg. We learn about existing resources available to the community and we get hints of work underway for the future. Bram shares some cool security tips and insights as well!

Show Notes online - http://podcast.thinkingelixir.com/134

Elixir Community News

• http://example.com/ – Example website
• https://github.com/phoenixframework/phoenix/blob/master/CHANGELOG.md – New release candidate for Phoenix! 1.7.0-rc.1
• https://github.com/phoenixframework/phoenix_live_view/blob/master/CHANGELOG.md – New minor Phoenix LiveView releases
• https://twitter.com/whatyouhide/status/1610675036108771328 – Andrea Leopardi published his second video where he works through the ProtoHackers.com challenges using Elixir
• https://github.com/sorentwo/oban/pull/819 – Oban now supports SQLite3
• https://github.com/JohnnyCurran/TimeTravel – Time Travel with LiveView events
• https://www.chriis.dev/opinion/setting-up-a-google-chrome-shortcut-to-elixir-documentation-in-30-seconds – Chris Gregori shared a post about setting up a Google Chrome shortcut to Elixir documentation
• https://twitter.com/benvp_/status/1610884773387321345 – Tip for saving hex docs offline locally
• https://twitter.com/theerlef/status/1611076916957843456 – erlef/setup-beam v1.15.1 has been released
• https://github.com/erlef/setup-beam/releases/tag/v1.15.1
• https://github.com/elixir-nx/ex_faiss – Sean Morriarity released a new library in the Nx family called ex_faiss
• https://dockyard.com/blog/2023/01/04/search-and-clustering-with-exfaiss – Blog post to accompany ex_faiss
• https://github.com/lexmag – Core team Aleksei
• https://github.com/am-kantox – Finitomata Aleksei
• https://twitter.com/yburyug/status/1611125098286813184 – Fun Phoenix success story

Do you have some Elixir news to share? Tell us at @ThinkingElixir or email at [email protected]

Discussion Resources

• https://erlef.github.io/security-wg/
• https://erlef.org/wg/security
• https://github.com/erlef/security-wg
• https://erlef.github.io/security-wg/secure_coding_and_deployment_hardening/
• https://podcast.thinkingelixir.com/64 – OTP Certificate Woes with Bram Verburg
• https://erlef.github.io/security-wg/secure_coding_and_deployment_hardening/releases – Section on releases and Erlang's ability to conditionally include the compiler
• https://bluecode.com/en/
• https://www.linkedin.com/in/FrancescoCesarini
• https://podcast.thinkingelixir.com/122 – Interview with Holden Oullette about Elixir Secure Coding Training for teams
• https://en.wikipedia.org/wiki/Whac-A-Mole
• https://podcast.thinkingelixir.com/131 – Interview with Michael Lubas about securing Elixir and Phoenix applications
• https://erlef.github.io/security-wg/secure_coding_and_deployment_hardening/crash_dumps
• https://github.com/voltone/x509/
• https://github.com/beam-telemetry/telemetry
• https://www.lua.org/start.html
• https://www.cisa.gov/uscert/bsi/articles/knowledge/sdlc-process/secure-software-development-life-cycle-processes – Secure Software Development Lifecycle
• https://github.com/nccgroup/sobelow
• https://github.com/rrrene/credo
• https://en.wikipedia.org/wiki/Data-flow_analysis
• https://erlef.org/
• https://members.erlef.org/join-us

Guest Information

• https://twitter.com/voltonez – on Twitter
• https://fosstodon.org/@voltone – on Fediverse
• https://github.com/voltone – on Github
• https://blog.voltone.net/ – Blog

Find us online

• Message the show - @ThinkingElixir
• Message the show on Fediverse - @[email protected]
• Email the show - [email protected]
• Mark Ericksen - @brainlid
• Mark Ericksen on Fediverse - @[email protected]
• David Bernheisel - @bernheisel
• David Bernheisel on Fediverse - @[email protected]
• Cade Ward - @cadebward
• Cade Ward on Fediverse - @[email protected]

Sponsored By:

• Fly.io: Fly.io is a great place to deploy your next Phoenix application! Check them out!