Podcast

Episode 152 - Tavis breaks the world ... again

Josh and Kurt talk about the disclosure of security vulnerabilities. It’s still not a settled topic, we frame the conversation around a recent disclosure from Tavis Ormandy of Google Project Zero. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_152_Tavis_breaks_the_world_again.mp3 Show Notes Tavis Tavis ruins everything cDc book France Bans Judge Analytics Elastic Source Code Comment on Twitter with the #osspodcast hashtag

Episode 151 - The DARPA Cyber Grand Challenge with David Brumley

Josh and Kurt talk to David Brumley. The CEO of ForAllSecure and professor at CMU. We discuss when David’s team won the Cyber Grand Challenge, what the future of automated security looks like, and what ForAllSecure is doing. It’s a fascinating window into the future of the industry. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_151_The_Darpa_Cyber_Grand_Challenge_with_David_Brumley.mp3 Show Notes David Brumley ForAllSecure Cyber Grand Challenge Comment on Twitter with the #osspodcast hashtag

Episode 150 - Our ad funded dystopian present

Josh and Kurt talk about the future Chrome and ad blockers. There is a lot of nuance to unpack around this one. There are two versions of the Internet today. One with an ad blocker and one without. The Internet without an ad blocker is a dystopian nightmare. The actionable advice at the end of this one is to use Firefox. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_150_Our_ad_funded_dystopian_present.mp3 Show Notes Chrome ad blocking Firefox Mozilla funding Donate to Firefox Comment on Twitter with the #osspodcast hashtag ...

Episode 149 - Chat with Michael Coates about data security

Josh and Kurt have a chat with Michael Coates from Altitude Networks. We cover what Altitude is up to as well as general trends we’re seeing around data security in the cloud. Michael lays out his vision for “data first security”. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_149_Chat_with_Michael_Coates_about_data_security.mp3 Show Notes Michael Coates Altitude Networks Michael’s Keynote Comment on Twitter with the #osspodcast hashtag

Episode 148 - You just got pwnt, what now?

Josh and Kurt talk about public disclosure of a security incident. We start out with a story about Canva, then discuss what do you do if you have a security incident? Who do you tell, what do you tell them. How do you tell your story? It’s a really hard problem even if it’s something you’ve done many times in the past. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_148_You_just_got_pwnt_what_now.mp3 Show Notes Dave Hall First Canva message Second Canva message Forklift safety Pixar Toy Story 2 Non financial database Eating Crow Comment on Twitter with the #osspodcast hashtag ...

Episode 147 - Scams and operations as part of the supply chain

Josh and Kurt talk about a new type of lockbox scams. We also discuss Slack being a target for nation state attacks. Do you consider your operations part of your supply chain?It’s totally part of your supply chain. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_147_Scams_and_operations_as_part_of_the_supply_chain.mp3 Show Notes Lock Box Scam Slack nation state hacker target Comment on Twitter with the #osspodcast hashtag

Episode 146 - What the @#$% happened to Microsoft?

Josh and Kurt talk about Microsoft. They’re probably not the bad guys anymore, which is pretty wild. They’re adding a Linux kernel to Window. Can we declare open source the unquestionable winner now? https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_146_What_the_happened_to_Microsoft.mp3 Show Notes Github contribution report Are we the baddies? Comment on Twitter with the #osspodcast hashtag

Episode 145 - What do security and fire have in common?

Josh and Kurt talk about fire. We discuss the history of fire prevention and how it mirrors many of things we see in security. There are lessons there for us, we just hope it doesn’t take 2000 years like it did for proper fire prevention to catch on. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_145_What_do_security_and_fire_have_in_common.mp3 Show Notes History of firefighting Comment on Twitter with the #osspodcast hashtag

Episode 144 - The security of money, which one is best?

Josh and Kurt talk about the security of money. Not how to keep it secure, but the security issues around using cash, credit, and bitcoin. We also talk about Banksy’s clever method for proving something is original. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_144_The_security_of_money_which_one_is_best.mp3 Show Notes Banksy ten pound note Ethereum bad wallets Comment on Twitter with the #osspodcast hashtag

Episode 143 - Security lessons from the phone book

Josh and Kurt talk about the phone book (yeah, the big paper book people used to use). Kurt got one in the mail. While it’s certainly a relic from another time, there were security tips in it among other wild things. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_143_Security_lessons_from_the_phone_book.mp3 Show Notes Chad Loder’s Twitter Comment on Twitter with the #osspodcast hashtag