Episode 225 – Who is responsible if IoT burns down your house?

Josh and Kurt talk about the safety and liability of new devices. What happens when your doorbell can burn down your house? What if it’s your fault the doorbell burned down your house? There isn’t really any prior art for where our devices are taking us; who knows what the future will look like. Show…

We can’t move forward by looking back

For the last few weeks Kurt and I have been having a lively conversation about security ratings scales. Is CVSS good enough? What about the Microsoft scale? Are there other scales we should be looking at? What’s good, what’s missing, what should we be talking about? There’s been a lot of back and forth and…

Episode 224 – Are old Android devices dangerous?

Josh and Kurt talk about what happens when important root certificates expire on old Android devices. Who should be responsible? How can we fix this? Is this even something we can or should fix? How devices should age is a really hard problem that needs a lot of discussion. Show Notes Unboxing coins Old Android…

Episode 223 – Full disclosure won, deal with it

Josh and Kurt talk about the idea behind the full disclosure of security vulnerability details. There have been discussions about this topic for decades with many people on all sides of the issue. The reality, however, is that if you look at the current state of things, this discussion is settled: full disclosure won. Show Notes…

Episode 221 – Security, magic, and FaceID

Josh and Kurt talk about how to get started in security. It’s like the hero’s journey, but with security instead of magic. We then talk about what WebKit bringing Face ID and Touch ID to the browsers will mean. Show Notes Hero’s Journey Mudge’s Tweet L0pht at Congress Bob Ross WebKit Face ID and Touch…

Episode 220 – Securing network time and IoT

Josh and Kurt talk about Network Time Security (NTS), how it works, and what it means for the world (probably not very much). We also talk about Singapore’s Cybersecurity Labelling Scheme (CLS). It probably won’t do a lot in the short term, but we hope it’s a beacon of hope for the future. Show Notes…

Episode 218 – The past was a terrible place

Josh and Kurt talk about change. Specifically we discuss how the past was a terrible place. Never believe anyone who tells you it was better. Part of a career now is learning how to learn. The things you learn today won’t be useful skills in a few years. The future is always better than…