A security podcast geared towards those looking to better understand security topics of the day. Hosted by Kurt Seifried and Josh Bressers covering a wide range of topics including IoT, application security, operational security, cloud, devops, and security news of the day. There is a special open source twist to the discussion often giving a unique perspective on any given topic.
Similar Podcasts
The Real Python Podcast
A weekly Python podcast hosted by Christopher Bailey with interviews, coding tips, and conversation with guests from the Python community.
The show covers a wide range of topics including Python programming best practices, career tips, and related software development topics.
Join us every Friday morning to hear what's new in the world of Python programming and become a more effective Pythonista.
Go Time: Golang, Software Engineering
Your source for diverse discussions from around the Go community. This show records LIVE every Tuesday at 3pm US Eastern. Join the Golang community and chat with us during the show in the #gotimefm channel of Gophers slack. Panelists include Mat Ryer, Jon Calhoun, Carmen Andoh, Johnny Boursiquot, Angelica Hill, Mark Bates, Kris Brandow, and Natalie Pistunovich. We discuss cloud infrastructure, distributed systems, microservices, Kubernetes, Docker… oh and also Go! Some people search for GoTime or GoTimeFM and can’t find the show, so now the strings GoTime and GoTimeFM are in our description too.
The FOSS Pod
From the creative geniuses behind Brad & Will Made a Tech Pod, The FOSS Pod is a show about the free and open source software that’s changing the world, and the developers who are making it happen.
Episode 165 - Grab Bag of Microsoft Security News
Josh and Kurt about a number of Microsoft security news items. They've changed how they are handling encrypted disks and are now forcing cloud logins on Windows users. Show Notes Microsoft KB 4516071 A Security Market for Lemons Kurt's file wiping advisory Lock Picking Lawyer vs Consumer Reports Sun Ray Linux Gamers: <0.1% of sales but >20% of auto reported crashes
Episode 164 - DNS over HTTPS: Probably not the end of the world
Josh and Kurt about DNS over HTTPS and how it may or may not destroy civilization. We also discuss the disruption of cloud in the context of security and touch on the news that GitHub is now a CVE CNA! Show Notes DNS over HTTPS California Privacy Law Defensive Security Podcast GitHub is a CNA
Episode 163 - Death to Python 2
Josh and Kurt about the upcoming Python 2 EOL. What does it mean, why does it matter, and what you can you do? Show Notes Python Clock Python's statement about sunsetting Python 2 wifi 6
Episode 162 - SBOM with Allan Friedman
Josh and Kurt speak with Allan Friedman of the US National Telecommunications and Information Administration about Software Bill of Materials. Where are we today, where are things going, and how you can help. Show Notes Allan Friedman NTIA NTIA Software Component Transparency
Episode 161 - Human nature and ad powered open source
Josh and Kurt start out discussing human nature and how it affects how we view security. A lot of things that look easy are actually really hard. We also talk about the npm library Standard showing command line ads. Are ads part of the future of open source? Show Notes thegrugq secure android DoD JEDI program Firefox privacy settings Standard ads Max Headroom
Episode 160 - Disclosing security issues is insanely complicated: Part 2
Josh and Kurt talk about disclosing security flaws in open source. This is part two of a discussion around how to disclose security issues. This episode focuses on some expectations and behaviors for open source projects as well as researchers trying to disclose a problem to a project. Show Notes webmin backdoor Github security advisories
Episode 159 - Disclosing security issues is insanely complicated: Part 1
Josh and Kurt talk about disclosing security flaws. It's a topic that's come up a few times in the last few weeks and it's more complicated than it's ever been. We certainly ask more questions than we answer in this episode, there will be a part 2 that focuses on open source disclosure. Show Notes Lock Picking Lawyer Tavis' Windows flaw
Episode 158 - The mess that we call credit agencies in the US
Josh and Kurt talk about the current state of credit security freezes in the US. We recount a thrilling tale of all the things Josh had to do to get new Internet service. It was all quite silly really. Show Notes Weak security freeze pins 'null' license plate
Episode 157 - Backdoors and snake oil in our cryptography
Josh and Kurt talk about snakeoil cryptography at Black Hat and the new backdoored cryptography fight. Both of these problems will be with us for a very long time. These are fights worth fighting because it's the right thing to do. Show Notes Time AI video Kurt's Tweet about technical explanations Josh's blog post about bug training Schneier on Barr's encryption discussion
Episode 156 - What if we MitM a whole country?
Josh and Kurt talk about Kazakhstan requiring citizens to place a government controlled root CA certificate on their computers. How does this work. What does it mean for the citizens of Kazakhstan, and why we all should be paying attention. Show Notes Kazakhstan MitM all TLS traffic Mozilla bug
Episode 155 - Stealing cars and ransomware
Josh and Kurt talk about a new way to steal cars because a service didn't do proper background checks. We also discuss how this relates to working with criminals, such as ransomware, and what it means for the future of the ransomware industry. Show Notes Car2go theft Alberta driver's license security Albertosaurus Las Vegas won't pay a ransom
Episode 154 - Chat with the authors of the book "The Fifth Domain"
Josh and Kurt talk to the authors of a new book The Fifth Domain. Dick Clarke and Rob Knake join us to discuss the book, cybersecurity, US policy, how we got where we are today and what the future holds for cybersecurity. Show Notes The Fifth Domain Dick Clarke Rob Knake Future State Podcast
Episode 153 - The unexpected security of AI, photographs, and VPN
Josh and Kurt talk about user expectations around Facebook's AI. Normal people are starting to see the capabilities and potential risk with all these services. We also cover the topic of China owning a number of VPN services.
Episode 152 - Tavis breaks the world ... again
Josh and Kurt talk about the disclosure of security vulnerabilities. It's still not a settled topic, we frame the conversation around a recent disclosure from Tavis Ormandy of Google Project Zero.
Episode 151 - The DARPA Cyber Grand Challenge with David Brumley
Josh and Kurt talk to David Brumley. The CEO of ForAllSecure and professor at CMU. We discuss when David's team won the Cyber Grand Challenge, what the future of automated security looks like, and what ForAllSecure is doing. It's a fascinating window into the future of the industry.