Mikael Barbero

What’s a technology that you think is overhyped? I’m going to give a sideways answer to this, which is that the venture capital business model needs to be understood as requiring hype. You can go back to the Netscape IPO, and that was the proof point that made venture capital the financial lifeblood of the tech industry. Venture capital looks at valuations and growth, not necessarily at profit or revenue. So you don’t actually have to invest in technology that works, or that even makes a profit, you simply have to have a narrative that is compelling enough to float those valuations. So you see this repetitive and exhausting hype cycle as a feature in this industry. A couple of years ago, you would have been asking me about the metaverse, then last year, you would have asked me about Web3 and crypto, and for each of these inflection points there’s an Andreessen Horowitz manifesto. It’s not simply that one piece of technology is overhyped, it’s that hype is a necessary ingredient of the current business ecosystem of the tech industry. We should examine how often the financial incentive for hype is rewarded without any real social returns, without any meaningful progress in technology, without these tools and services and worlds ever actually manifesting. That’s key to understanding the growing chasm between the narrative of techno-optimists and the reality of our tech-encumbered world.

Stand by this: www.politico.com/newsletters/...

He has refused his Assent to Laws, the most wholesome and necessary for the public good. He has endeavoured to prevent the population of these States; for that purpose obstructing the Laws for Naturalization of Foreigners. He has obstructed the Administration of Justice, by refusing his Assent to Laws for establishing Judiciary powers. He has made Judges dependent on his Will alone. He has erected a multitude of New Offices, and sent hither swarms of Officers to harass our people, and eat out their substance. He has affected to render the Military independent of and superior to the Civil power. For cutting off our Trade with all parts of the world For depriving us in many cases, of the benefits of Trial by Jury In every stage of these Oppressions We have Petitioned for Redress in the most humble terms: Our repeated Petitions have been answered only by repeated injury. A Prince, whose character is thus marked by every act which may define a Tyrant, is unfit to be the ruler of a free people.

🇺🇸Happy Fourth of July🇺🇸 This year, I'm wearing my 𝐑𝐞𝐬𝐢𝐬𝐭 shirt to show my patriotism. I'm reading the declaration of independence as I always do on this occasion. Several of King George's offenses against the colonies resonate this year. Here they are, verbatim:

Iwata Satoru was an unconventional CEO. In all the best ways that could imply!

I used this procedure, and it works very well https://www.wikihow.com/Import-Twitter-to-Bluesky

I will be damned if I allow a bunch of Confederate-waving January 6th apologists give the American people a lecture on flag waving.

There is ZERO reason to enter an argument about patriotism with people who still worship traitors to America 150+ years later.

They. Are. Breaking. The. Law.

🗓 On 4 June, the ORC community was represented by some of its members in the CRA Expert Group meeting hosted by @ec.europa.eu

We’re grateful to @ec.europa.eu for facilitating this discussion and to everyone involved.

@j-rico.bsky.social @tobie.bsky.social @mikael.barbero.tech @apache.org

📢 Calling developers, users, and committers! The Eclipse Foundation Security team is offering a new security training focused on vulnerability management and related subjects.

Register for Day 2 (June 10 on 4PM CEST): eclipse.zoom.us/meeting/regi...

➡️ blogs.eclipse.org/post/marta-r...

Announcing Security Training on Vulnerability Management, SBOM and related subjects Do you want to know more about

On June 3rd and 10th with my colleagues from the Eclipse Foundation we will be running a free security training on vulnerability management and related subject.

More details and registration links on blogs.eclipse.org/post/marta-r...

🔒 Master vulnerability management! Our security training on 3 June and 10 June covers CVE reporting, embargoes, dependency evaluation, and SBOMs.

📅 Day 1: eclipse.zoom.us/meeting/regi...
📅 Day 2: eclipse.zoom.us/meeting/regi...

Rubio publicly criticizing an ally for cracking down on right-wing extremism. And Germany hitting back. We are in a new world

France and Germany unveil Docs, a homegrown alternative to Google Docs The Trump administration has set out to drastically reshape the relationship between the US and Europe. In response, Brussels is scrambling to adapt to this new reality,...

The days of Google Docs are ending; we enter the age of Docs, made by France's Interministerial Directorate for Digital Affairs and Germany's Center for Digital Sovereignty of Public Administration.

We need more governments to collaborate on public software projects to achieve digital sovereignty.

BREAKING.

From a reliable source. MITRE support for the CVE program is due to expire tomorrow. The attached letter was sent out to CVE Board Members.

move slowly and build things

Nailed it :D

VulnCon is a quite unique conference focus on software (and not only) vulnerability management. It is happening at the beginning of April and I will be speaking twice.

signal appstore icon: Signal - Private Messenger Today Update • Hidden “invite random journalist” button moved to avoid accidental taps Version 7.52 • 143.9 MB

dead

This is inaccurate. There is no known vulnerability with Signal's core tech. The memo was discussing phishing attempts, which Signal has worked to mitigate. And it was hastily reported.

It's important not to spread misinfo that can confuse people into moving away from meaningfully private comms.

Hidden threats lurk in commercial software: How to manage risk While open-source software risks are not going away, attack trends show third-party software presents the greatest risk to the enterprise.

👀 New report from RL: While #OSS risks are not going away, attack trends show third-party commercial software presents the greatest risk to the enterprise. Learn more: www.reversinglabs.com/blog/hidden-...

#SoftwareSupplyChainSecurity #AppSec #DevSecOps #Dev

its amazing how chatgpt knows everything about subjects I know nothing about, but is wrong like 40% of the time in things im an expert on. not going to think about this any further

Claude Malhuret, always up to the challenges!

🌍 The first CRA Expert Group meeting was held in Brussels in February with the goal of turning the CRA into action. This group will advise the Commission on issues such as the “implementation guidance” and advice for the implementation of the CRA.

Learn how to get involved: buff.ly/4kddwOh

Being able to drop a quarterly US GDP prediction by 5.1% from +2.3% to -2.8% in a single week is one of the most impressive economic developments in the history of the world.

masterclass in how to answer “yes” while saying “no”

Trudeau: "He talked about banking again today in a tweet, which doesn't make any sense because 16 banks are currently active in Canada holding about $113b worth of assets in this country... what he wants is to see a total collapse of the Canadian economy, because that'll make it easier to annex us."

created issues + pull-requests on GitHub per months since 2015, showing a growing trend

Ten years ago on this day we went full GitHub model in #curl: pull-request style development. We have since handled over 10.700 PRs in an increasing amount of activity.

https://daniel.haxx.se/blog/2015/03/03/curl-embracing-github-more/

if literally anyone involved stopped to think about this for more than two seconds, they might realize it’s based on the idea that all mistakes can be fixed. which is wrong.

which is why move fast and break things should never be used anywhere near a government, where mistakes kill people.

-= We hoped we never had to do this but here we are and we now have to do this. =-

American trans humans are under threat and like in 1930s Germany, they now have to GTFO of their home country.

We have decided we need to collect some information on the possible ways out.

So we made a wiki.

European standardisation organisations and ENISA join for the 9th #Cybersecurity Standardisation Conference on 20 March. Registration is first come, first served.

#ORCWG is speaking on the panel “Overarching cybersecurity by standards."

www.enisa.europa.eu/events/cyber...

#cybersecurity #CRA

Reports indicate that cybercriminals are exploiting the Windows DLL side-loading technique using the legitimate jarsigner.exe executable to propagate malware, found in Java distributions like #EclipseTemurin.

@mikael.barbero.tech addresses this in a new statement: blogs.eclipse.org/post/mika%C3...