Episode 156 – What if we MitM a whole country?

Josh and Kurt talk about Kazakhstan requiring citizens to place a government controlled root CA certificate on their computers. How does this work. What does it mean for the citizens of Kazakhstan, and why we all should be paying attention. Show Notes Kazakhstan MitM all TLS traffic Mozilla bug Comment on Twitter with the #osspodcast hashtag

Episode 155 – Stealing cars and ransomware

Josh and Kurt talk about a new way to steal cars because a service didn’t do proper background checks. We also discuss how this relates to working with criminals, such as ransomware, and what it means for the future of the ransomware industry. Show Notes Car2go theft Alberta driver’s license security Albertosaurus Las Vegas won’t payContinue reading “Episode 155 – Stealing cars and ransomware”

Episode 154 – Chat with the authors of the book "The Fifth Domain"

Josh and Kurt talk to the authors of a new book The Fifth Domain. Dick Clarke and Rob Knake join us to discuss the book, cybersecurity, US policy, how we got where we are today and what the future holds for cybersecurity. Show Notes The Fifth Domain Dick Clarke Rob Knake Future State Podcast Comment onContinue reading “Episode 154 – Chat with the authors of the book "The Fifth Domain"”

Episode 153 – The unexpected security of AI, photographs, and VPN

Josh and Kurt talk about user expectations around Facebook’s AI. Normal people are starting to see the capabilities and potential risk with all these services. We also cover the topic of China owning a number of VPN services. Show Notes Facebook’s AI descriptions China owns a lot of VPNs  VPN comparison Comment on Twitter with theContinue reading “Episode 153 – The unexpected security of AI, photographs, and VPN”

Episode 152 – Tavis breaks the world … again

Josh and Kurt talk about the disclosure of security vulnerabilities. It’s still not a settled topic, we frame the conversation around a recent disclosure from Tavis Ormandy of Google Project Zero. Show Notes Tavis Tavis ruins everything cDc book France Bans Judge Analytics Elastic Source Code Comment on Twitter with the #osspodcast hashtag