Tuesday 18 April 2023

EU cyber laws ‘will’ make FOSS devs liable - ReversingLabs

The Python Software Foundation is very, very unhappy with the draft Cyber Resilience Act (CRA) and Product Liability Act (PLA).


European lawmakers want all software makers to be liable for security holes. Even non-profit or hobbyist developers could be sued for negligence.

The EU’s draft Cyber Resilience Act (CRA) and Product Liability Act (PLA) would “create a chilling effect” and do “irreparable harm,” according to the organization behind Python and PyPI. When replicated across other parts of the software supply chain ecosystem, we risk the whole house of cards crashing down — as devs race to limit their liability.

The goal might be laudable, but some aspects need a major rethink. In this week’s Secure Software Blogwatch, we fear unintended consequences.


Read more: EU cyber laws ‘will’ make FOSS devs liable

Monday 17 April 2023

Drop Everything: Update Chrome NOW — 0-Day Exploit in Wild - Security Boulevard

It’s Help|About time: