Episode 102 – Michael Feiertag from tCell

Josh and Kurt talk to Michael Feiertag, the CEO of tCell. We talk about what a Web Application Firewall is, what it does and doesn’t do, and what the future of this technology looks like. We touch on how this affects a DevOps environment. Security has to fit into the existing model, not try to change it.Continue reading “Episode 102 – Michael Feiertag from tCell”

Episode 101 – Our unregulated future is here to stay

Josh and Kurt talk about Bird scooters. The implications of the scooters on the city, segways, bicycles. The topic of how these vehicles interact with pedestrians on the road and trails. It’s an example of humans not wanting to follow the rules and generally making the situation annoying for everyone. It’s the old security story of newContinue reading “Episode 101 – Our unregulated future is here to stay”

Episode 100 – You’re bad at buying security, we can help!

Josh and Kurt talk about how to be a smart security buyer. We have guest Steve Mayzak walk us through how a the buying process works as well as giving out a ton of great advice. Even if you’re experienced with how to buy security technology you should give this a listen. Show Notes Buyer training Join our FacebookContinue reading “Episode 100 – You’re bad at buying security, we can help!”

Episode 99 – Consumer security is too broken to fix, and it doesn’t matter

Josh and Kurt talk about a number of consumer security issues. The FBI told everyone to reboot their routers which they won’t do. The .app top level domain is a cesspool of malware. Everyone has a cell phone and won’t update them properly. None of this probably matters though. Unless there are real measurable tragedies caused byContinue reading “Episode 99 – Consumer security is too broken to fix, and it doesn’t matter”

Episode 98 – When IT decisions kill people

Josh and Kurt talk about the NTSB report from the fatal Uber crash and what happened with Amazon’s Alexa recording then emailing a private conversation. IT decisions now have real world consequences like never before. Show Notes Uber NTSB report Powerpoint and the space shuttle Alexa secret recording Siri unlocks the door 911 operator hangs up JoinContinue reading “Episode 98 – When IT decisions kill people”

Episode 97 – Automation: Humans are slow and dumb

Josh and Kurt talk about the security of automation as well as automating security. The only way automation will really work long term is full automation. Humans can’t be trusted enough to rely on them to do things right. Show Notes Tesla hits a firetruck British Tesla passenger Join our Facebook Group Comment on Twitter with theContinue reading “Episode 97 – Automation: Humans are slow and dumb”

Episode 96 – Are legal backdoors a good idea?

Josh and Kurt talk about backdoors in code and products that have been put there on purpose. We talk about unlocking phones. Encryption backdoors with a focus on why they won’t work. Show Notes CALEA Cellebrite unlocking phones Schneier on Ray Ozzie’s proposal UK RIP act Join our Facebook Group Comment on Twitter with the #osspodcast hashtag

Episode 95 – Twitter passwords and npm backdoors

Josh and Kurt talk about Twitter doing the right thing when they logged a lot of passwords, the npm malicious getcookies package, and how backdoors work in code. Show Notes Twitter password logging npm getcookies xkcd gluing things together Join our Facebook Group Comment on Twitter with the #osspodcast hashtag

Episode 94 – DNSSEC, BGP, and reality

Josh and Kurt talk about the Amazon Route 53 incident and what it really means for the modern infrastructure. Complaining nobody is using DNSSEC or securing BGP aren’t the right conversations to be having. Reality must be considered in any honest conversation about these topics. Show Notes Route 53 attack Cloudflare’s Join our Facebook Group CommentContinue reading “Episode 94 – DNSSEC, BGP, and reality”