Podcast

Josh and Kurt talk about Mozilla pulling a paywall bypassing extension. We then turn our attention to talking about walled gardens. Are they good, are they bad? Something in the middle? There is a lot of prior art to draw on here, everything from Windows, Android, iOS, even Linux distributions. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_127_Walled_gardens_appstores_and_more.mp3 Show Notes Mozilla blocks a paywall bypass extension Turning a root ball Comment on Twitter with the #osspodcast hashtag ...

Josh and Kurt continue the discussion from episode 125. We look at the possible future of software supply chains. It’s far less dire than previously expected. It’s likely there will be some change in the near future. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_126_The_not_so_dire_future_of_supply_chain_security.mp3 Show Notes Episode 125 Comment on Twitter with the #osspodcast hashtag

Josh and Kurt talk about how open source deals with malicious events. It’s probably impossible to stop these from happening, but the open source universe deals with it in its own unique way. We start to discuss what you can do, since everyone is using open source everywhere now. There will be a second part to this episode where we discuss what the future holds for these sort of problems. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_125_Open_Source_supply_chains_npm_and_you.mp3 Show Notes NPM event-stream backdoor Josh’s blog post Comment on Twitter with the #osspodcast hashtag ...

Josh and Kurt talk about Cloudflare’s new Workers service. We spend a lot of time discussing how economics drives technology, not security. It’s quite likely this new service is less secure than existing alternatives, but it will be cheaper and faster which will matter more than security. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_124_Cloudflares_service_workers_and_the_economics_of_security.mp3 Show Notes Cloudflare Workers AV vs Whitelisting tweets Comment on Twitter with the #osspodcast hashtag

Josh and Kurt talk to Liz Rice about Kubernetes and container security. How did we get where we are today, what’s new and exciting today, and where do we think things are going. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_123_Talking_about_Kubernetes_and_container_security_with_Liz_Rice.mp3 Show Notes Liz Rice Operating Kubernetes Clusters and Applications Safely book Aqua Security Clair container scanner Comment on Twitter with the #osspodcast hashtag

Josh and Kurt talk about Apple’s new T2 security chip. It’s not open source but we expect it to change the security landscape in the coming years. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_122_What_will_Apples_T2_chip_mean_for_the_rest_of_us.mp3 Show Notes T2 Overview Evil maid poker attack Comment on Twitter with the #osspodcast hashtag

Josh and Kurt talk about voting security. What does it mean, how does it work. What works, what doesn’t work, and most importantly why we may not see secure electronic voting anytime soon. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_121_All_about_the_security_of_voting.mp3 Show Notes Canadian electoral system Oregon mail voting Commonwealth of Nations Voter fraud in the US Comment on Twitter with the #osspodcast hashtag

Josh and Kurt talk about Bloomberg’s story about backdoors and motherboards. The story is probably false, but this is almost certainly happening already with hardware. What does it mean if your hardware is already backdoored by one or more countries? https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_120_Bloomberg_and_hardware_backdoors_its_already_happening.mp3 Show Notes Bloomberg Story Jordan Robertson Michael Riley PCB Factory Hard Disk Firmware Hacking Farmers hacking their tractors Comment on Twitter with the #osspodcast hashtag

Josh and Kurt talk about the Google+ and Facebook data incidents. We don’t have any control over this data anymore. The incidents didn’t really affect the users because we have no idea who has access to it. We also touch on GDPR and what it could mean in this context. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_119_the_google_and_facebook_incidents_its_not_your_data_anymore.mp3 Show Notes Facebook hack Google+ hack Comment on Twitter with the #osspodcast hashtag

Josh and Kurt talk about Cloudflare’s new IPFS and Onion services. One brings distributed blockchain files to the masses, the other lets you host your site on tor easily. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_118_cloudflares_ipfs_and_onion_service.mp3 Show Notes IPFS Onion service Comment on Twitter with the #osspodcast hashtag