Josh and Kurt talk about Apple’s new T2 security chip. It’s not open source but we expect it to change the security landscape in the coming years. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_122_What_will_Apples_T2_chip_mean_for_the_rest_of_us.mp3 Show Notes T2 Overview Evil maid poker attack Comment on Twitter with the #osspodcast hashtag
Josh and Kurt talk about voting security. What does it mean, how does it work. What works, what doesn’t work, and most importantly why we may not see secure electronic voting anytime soon. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_121_All_about_the_security_of_voting.mp3 Show Notes Canadian electoral system Oregon mail voting Commonwealth of Nations Voter fraud in the US Comment on Twitter with the #osspodcast hashtag
Josh and Kurt talk about Bloomberg’s story about backdoors and motherboards. The story is probably false, but this is almost certainly happening already with hardware. What does it mean if your hardware is already backdoored by one or more countries? https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_120_Bloomberg_and_hardware_backdoors_its_already_happening.mp3 Show Notes Bloomberg Story Jordan Robertson Michael Riley PCB Factory Hard Disk Firmware Hacking Farmers hacking their tractors Comment on Twitter with the #osspodcast hashtag
Josh and Kurt talk about the Google+ and Facebook data incidents. We don’t have any control over this data anymore. The incidents didn’t really affect the users because we have no idea who has access to it. We also touch on GDPR and what it could mean in this context. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_119_the_google_and_facebook_incidents_its_not_your_data_anymore.mp3 Show Notes Facebook hack Google+ hack Comment on Twitter with the #osspodcast hashtag
Josh and Kurt talk about Cloudflare’s new IPFS and Onion services. One brings distributed blockchain files to the masses, the other lets you host your site on tor easily. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_118_cloudflares_ipfs_and_onion_service.mp3 Show Notes IPFS Onion service Comment on Twitter with the #osspodcast hashtag
Josh and Kurt talk about Linus’ effort to work on his attitude. What will this mean for security and IT in general? https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_117_Will_security_follow_Linus_lead_on_being_nice.mp3 Show Notes Linus steps aside Contributor Covenant Comment on Twitter with the #osspodcast hashtag
Josh and Kurt talk to Michael Piacente from Hitch Partners about the past, present, and future role of the CISO in the industry. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_116_The_future_of_the_CISO_with_Michael_Piacente.mp3 Show Notes Hitch Partners Michael Piacente Comment on Twitter with the #osspodcast hashtag
Josh and Kurt talk to Brian Hajost from SteelCloud about public sector compliance. The world of public sector compliance can be confusing and strange, but it’s not that bad when it’s explained by someone with experience. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_115_Discussion_with_Brian_Hajost_from_SteelCloud.mp3 Show Notes SteelCloud DISA STIG Comment on Twitter with the #osspodcast hashtag
Josh and Kurt review Bruce Schneier’s new book Click Here to Kill Everybody. It’s a book everyone could benefit from reading. It does a nice job explaining many existing security problems in a simple manner. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_114_review_of_click_here_to_kill_everybody.mp3 Show Notes Click Here to Kill Everybody There Will Be Cyberwar Reddit OSHA Comment on Twitter with the #osspodcast hashtag
Josh and Kurt talk about actual real world advice. Based on a story about trying to secure political campaigns, if we had to give some security help what should it look like, who should we give it to? https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_113_actual_real_security_advice.mp3 Show Notes Security advice to Democrats Our actual advice Don’t run your own services Email - Google or Microsoft Don’t’ use GPG Use a trusted device Use a password manager on a secure device Use 2FA Backups Comment on Twitter with the #osspodcast hashtag ...