Episode 195 – Is BGP actually insecure?

Josh and Kurt talk about the uproar around Cloudflare’s “Is BGP safe yet” site. It’s always interesting watching how much people will push back on new things, even if the new things is probably a step in the right direction. The clever thing Cloudflare is doing in this instance is they are making the BGP problem somethingContinue reading “Episode 195 – Is BGP actually insecure?”

Episode 194 – Working from home security: resistance is futile

Josh and Kurt talk about the new normal that’s working away from an office. It’s not exactly working from home as there are some unforeseen challenges that we just took for granted in the past. There are a lot of new and strange security problems we have to adapt to, everyone is doing amazing work with veryContinue reading “Episode 194 – Working from home security: resistance is futile”

Episode 193 – Security lessons from space: Apollo 13 edition

Josh and Kurt talk about space. We intended to focus on Apollo 13 but as usual we have no ability to stay on topic. There is a lot of fun space discussions in this one though. Do you think you can hack Voyager 1? Only if you have a big enough satellite dish. Show Notes Eavesdropping onContinue reading “Episode 193 – Security lessons from space: Apollo 13 edition”

Episode 192 – Work without progress – what Infosec can learn from treadmills

Josh and Kurt talk about Kurt’s recent treadmill purchase and the lessons we can lean in security from the consumer market. The consumer market has learned a lot about how to interact with their customers in the last few decades, the security industry is certainly behind in this space today. Once again we display our ability toContinue reading “Episode 192 – Work without progress – what Infosec can learn from treadmills”

Episode 191 – Security scanners are all terrible

Josh and Kurt talk about security scanners. They’re all pretty bad today, but there are some things we can do to make them better. Step one is to understand the problem. Do you know why you’re running the scanner and what the reports mean? Show Notes Edmonton freeze thaw cycles Josh’s security scanner blog series Comment onContinue reading “Episode 191 – Security scanners are all terrible”

Episode 190 – Building a talent "ecosystem"

Josh and Kurt talk about building a talent ecosystem. What starts out as an attempt by Kurt to talk about Canada evolves into a discussion about how talent can evolve, or be purposely grown. Canada’s entertainment industry and Unit 8200 are good examples of this. Show Notes SCTV Red Team Project Moon Shot book  AvE channel  TurningContinue reading “Episode 190 – Building a talent "ecosystem"”

Episode 189 – Video game hackers – speedrunning

Josh and Kurt talk about video games and hacking. Specifically how speed runners are really just video game hackers. Show Notes Developer speedrun commentary Super Mario World end credits glitch explained Mario 3 RCE Breath of the Wild speedrun Super Metroid reverse boss order TMR beats every NES game Comment on Twitter with the #osspodcast hashtag

Part 5: Which of these security problems do I need to care about?

If you just showed up here, go back and start at the intro post, you’ll want the missing context before reading this article. Or not, I mean, whatever. I’ve spent the last few posts going over the challenges of security scanners. I think the most important takeaway is we need to temper our expectations. EvenContinue reading “Part 5: Which of these security problems do I need to care about?”