A security podcast geared towards those looking to better understand security topics of the day. Hosted by Kurt Seifried and Josh Bressers covering a wide range of topics including IoT, application security, operational security, cloud, devops, and security news of the day. There is a special open source twist to the discussion often giving a unique perspective on any given topic.
Similar Podcasts
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
The FOSS Pod
From the creative geniuses behind Brad & Will Made a Tech Pod, The FOSS Pod is a show about the free and open source software that’s changing the world, and the developers who are making it happen.
ThunderCast
An inside look at the making of Mozilla Thunderbird, and community-driven conversations with our friends in the open-source software space.
Episode 260 - Dave Jevans tells us what CipherTrace is up to
Josh and Kurt talk with Dave Jevans CEO of CipherTrace and chairman of the anti-phishing working group about the challenges of keeping track of cryptocurrency in the modern age. Show Notes Dave's Twitter CipherTrace Anti Phishing Working Group
Episode 259 - What even is open source anymore?
Josh and Kurt talk about the question "what is open source?" Why do we think it's broken today, and what sort of ideas about what should come next. Show Notes OSI Bruce Perens Post Open Source Josh's community blog post Corey Doctorow Uber Twitter thread
Episode 258 - Stop using C
Josh and Kurt talk about the Google Project Zero report titled "A Year in Review of 0-days Exploited In-The-Wild in 2020". It's a cool report but we don't agree on the conclusion. The answer isn't to security harder, it's to stop using C. Show Notes Google Project Zero Year of 0-days Kurt's CUPS tweet
Episode 257 - The sudo and libgcrypt vulnerabilities
Josh and Kurt talk about the recent sudo and libgcrypt security vulnerabilities. What's the deal with these buffer overflows and TOCTU bugs? Show Notes Sudo buffer overflow Sudo SELinux bug libgcrypt buffer overflow
Episode 256 - 9 bits of podcast, 8 bits of computing
Josh and Kurt talk about 8 bit computing. What sort of security lessons can we learn from the 8 bit world? More than you think. Show Notes Legend of Zelda Random Number Generation Green rocket flame SR71 leaked fuel How do Namibian Himbas see colour? Suptuple meter music
Episode 255 - What if security wasn't joyless?
Josh and Kurt talk about what we can stop doing. We take a position of asking "does it spark joy" for tools and infrastructure. Everyone is doing something they should stop. Show Notes Does it spark joy?
Episode 254 - Right to Repair Security
Josh and Kurt talk about the new right to repair rules in the EU. There's a strange line between loving the idea of right to repair, but also being horrified as security people at the idea of a device being on the Internet for 30 years. Show Notes EU right to repair repair.eu
Episode 253 - Defenders only need to be right once
Josh and Kurt talk about this idea that seems to exist in security of "attackers only need to be right once" which is silly. The reality is attackers have to get everything right, defenders really only need to get it right once. But "defenders only need to be right once" isn't going to sell any products. Show Notes Richard Feynman and manhole covers Richard Feynman on Why He Can't Tell You How Magnets Work Israeli airport security FAA stolen sweater XKCD Is it worth the time CGP Grey The trouble with transporters
Episode 252 - Is open source dangerous? Open source won, who cares, shut up!
Josh and Kurt talk about a report on open source security from the Canadian Centre for Cyber Security. The title pretty much sums it up. Show Notes Security Considerations for Open Source Build an 8 bit computer from scratch
Episode 251 - Communication is hard, security communication is more hard
Josh and Kurt talk about communication. It's really hard to talk about a lot of what we do. How do we know if a device is secure? How do we know our knowledge is correct? Show Notes 90 percent of U.S. bills carry traces of cocaine Is the moon a star or planet? A mole of moles New homeowner 'freaked out' when stranger took control of her security system Coffee maker ransomware NIST Phish Scale The metric system Operation Paperclip
Episode 250 - Door 25: Why do we do the things we do? Question everything
Josh and Kurt talk about why we do the things we do. Sometimes we have to question everything. Links SLAM missile
Episode 249 - Door 24: Information wants to be free
Josh and Kurt talk about the idea of information wanting to be free. It's Christmas, we should give it what it wants! Links Hacker Manifesto
Episode 248 - Door 23: How to report 1000 security flaws
Josh and Kurt talk about how to file 1000 security flaws. One is easy, scale is hard.
Episode 247 - Door 22: How to report one security flaw
Josh and Kurt talk about how to report one security flaw
Episode 246 - Door 21: Bug bounties
Josh and Kurt talk about bug bounties