Episode 21 – CVE 10K Extravaganza

Josh and Kurt talk about CVE 10K. CVE IDs have finally crossed the line, we need 5 digits to display them. This has never happened before now. Show Notes OpenSSH CVE10K assignments CVE-2016-10005 CVE syntax change CVE Numbering Authorities OpenSSH Security Advisory C to HDL Reboot Boeing Dreamliner One person writes most Linux video camera drivers DonaldContinue reading “Episode 21 – CVE 10K Extravaganza”

Episode 20 – The Death of PGP

Josh and Kurt talk about the death of PGP, and how it’s not actually dead at all. It’s still really hard to use though. Show Notes I’m giving up on PGP Yubikey 4 Josh’s PGP setup blog post Kurt’s key with multiple signatures PGP short ID collisons Let’s Encrypt ICQ website from the late 90’s Signal SecureContinue reading “Episode 20 – The Death of PGP”

Episode 19 – A field full of razor blades and monsters

Josh and Kurt talk about the bricking devices (on purpose). Show Notes Samsung will brick the Note 7s Verizon won’t brick the phones Hoverboard imports banned Firestone tire recall Denmark Apple refurbished phone case Deprecating SHA1 South Korean Banking Encryption Canada’s Worst Driver Fitbit bought Pebble Comment on Twitter with the #osspodcast hashtag

Episode 18 – The Security of Santa

Josh and Kurt talk about the security concerns and logistics of Santa, elves, and the North Pole. Show Notes Elf on the Shelf Furby without fur Norad Tracks Santa Futurama Xmas St. Nicholas David Sedaris on Santa US Senate Candy Desk You need 76 days to read all privacy statements Mona Lisa Theft Super Guppy LSST DataContinue reading “Episode 18 – The Security of Santa”

Episode 16 – Cat and mouse

Josh and Kurt talk about cybercrime and regulation. Show Notes Avalanche Global Fraud Ring Spam King Rosendale Speed Trap Attacking Broadband Routers Spreadsheet of VPN providers DNSSEC Root Signing Ceremony Chicago Tylenol Murders Psychoactive Substances Act 2016 Computer Fraud and Abuse Act Calvinball CIH Virus Author Firefox 0day Comment on Twitter

Episode 12 – Security Trebuchet

Josh and special guest host Dave Sirrine talk about feedback, OpenSSL, OAuth2, Let’s Encrypt, disclosure, and locks. Show Notes coh’s feedback OpenSSL security advisory Red Hat CLI security API Shovel Knight Pumpkin OAuth2 bug Let’s Encrypt Half of all Chrome connections use https Google’s Windows Bug RichSec (Richmond VA Information Security Users Group) RVASec (Yearly conference inContinue reading “Episode 12 – Security Trebuchet”