Everything you know about security is wrong, stop protecting your empire!

Last week I kept running into old school people trying to justify why something that made sense in the past still makes sense today. Usually I ignore these sort of statements, but I feel like I’m seeing them often enough it’s time to write something up. We’re in the middle of disruptive change. That meansContinue reading “Everything you know about security is wrong, stop protecting your empire!”

Episode 30 – I’m not an expert but I’ve been yelled at by experts

Josh and Kurt discuss security automation. Machine learning, AI, and a bunch of moral and philosophical boundaries that new future will bring. You’ve been warned. Show Notes XKCD Is It Worth the Time? Larry Wall Google Translate AI invents its own language to translate with Black Mirror Social Media Episode St. Louis Public Library Ransomware Join ourContinue reading “Episode 30 – I’m not an expert but I’ve been yelled at by experts”

Return on Risk Investment

I found myself in a discussion earlier this week that worked its way into return on investment topics. Of course nobody could really agree on what the return was which is sort of how these conversations often work out. It’s really hard to decide what the return on investment is for security features and products.Continue reading “Return on Risk Investment”

Episode 28 – RSA Conference 2017

Josh and Kurt discuss their involvement in the upcoming 2017 RSA conference: Open Source, CVEs, and Open Source CVE. Of course IoT and encryption manage to come up as topics. Show Notes Kurt’s talk – Saving CVE wtih open source Josh’s P2P session – Managing Your Open Source Join our Facebook Group Comment on Twitter with theContinue reading “Episode 28 – RSA Conference 2017”

What does security and USB-C have in common?

I’ve decided to create yet another security analogy! You can’t tell, but I’m very excited to do this. One of my long standing complaints about security is there are basically no good analogies that make sense. We always try to talk about auto safety, or food safety, or maybe building security, how about pollution. There’sContinue reading “What does security and USB-C have in common?”

Episode 27 – Prove to me you are human

Josh and Kurt discuss NTP, authentication issues, network security, airplane security, AI, and Minecraft. Show Notes NTP “Attack” U2F Tokens Paying ransoms with iTunes giftcards Cloudflare Porcupine Google Security Design Overview Drone collides with a plane Israeli Security Harvest.ai Minecraft Mod installer Skyblock Join our Facebook Group Comment on Twitter with the #osspodcast hashtag

Episode 26 – Tell your sister, Stallman was right

Josh and Kurt end up discussing video game speed running, which is really just hacking. We also end up discussing the pitfalls of the modern world where you don’t own your software or services. Stallman was right! Show Notes Games Done Quick Super Mario Brother Speedrun Super Mario Brother Minus World Explanation speedrun.com Legend of Zelda GhostContinue reading “Episode 26 – Tell your sister, Stallman was right”

Security Advice: Bad, Terrible, or Awful

As an industry, we suck at giving advice. I don’t mean this in some negative hateful way, it’s just the way it is. It’s human nature really. As a species most of us aren’t very good at giving or receiving advice. There’s always that vision of the wise old person dropping wisdom on the youthContinue reading “Security Advice: Bad, Terrible, or Awful”