Cheuk Ting Ho | Building the Open-source Community

Trojan Source - Can we trust open-source anymore?

23 Jul 2022

Recently, a paper is published to demonstrate how a visibly valid contribution can contain malicious code by exporting the Unicode control characters. Some of these attacks has been tested on Python and it works. Shall the Python and open-source communities be concerned?

See more of my talks on YouTube.

Share this video

https://cheuk.dev/videos/ouxxwypbxw4/

About Cheuk Ting Ho

After having a career as a Data Scientist and Developer Advocate, Cheuk dedicated her work to the open-source community and working as a community manager at OpenSSF. She has co-founded Humble Data, a beginner Python workshop that has been happening around the world. She has served the EuroPython Society board for two years and is now a fellow and director of the Python Software Foundation.

Trojan Source - Can we trust open-source anymore?

Share this video

Related

Will PyScript replace Django? - What PyScript is and is not

PyData Bristol Meetup

PyBerlin 36 - 🍁🍁 Special autumn event. Day 1 🍁🍁