Josh and Kurt talk about Twitter doing the right thing when they logged a lot of passwords, the npm malicious getcookies package, and how backdoors work in code. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_95_twitter_passwords_and_npm_backdoors.mp3 Show Notes Twitter password logging npm getcookies xkcd gluing things together Join our Facebook Group Comment on Twitter with the #osspodcast hashtag
Josh and Kurt talk about the Amazon Route 53 incident and what it really means for the modern infrastructure. Complaining nobody is using DNSSEC or securing BGP aren’t the right conversations to be having. Reality must be considered in any honest conversation about these topics. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_94_dns_bgp_and_reality.mp3 Show Notes Route 53 attack Cloudflare’s 1.1.1.1 Join our Facebook Group Comment on Twitter with the #osspodcast hashtag
Josh and Kurt talk about security flaws in beep and patch. How on earth were there security flaws in beep and patch? https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_93-Security_flaws_in_beep_and_patch_how_did_we_get_here.mp3 Show Notes beep security flaw patch security flaw Join our Facebook Group Comment on Twitter with the #osspodcast hashtag
Josh and Kurt talk to Rami Saas, the CEO of WhiteSource about 3rd party open source security as well as open source licensing. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode-92_chat_with_rami_saas.mp3 Show Notes WhiteSource Rami Saas Open Source Licenses Mercedes C-Class 205 Open Source Licenses Join our Facebook Group Comment on Twitter with the #osspodcast hashtag
Josh and Kurt talk to a 7 year old about security. We cover Minecraft security, passwords, hacking, and many many other nuggets of wisdom. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode-91_security_lessons_from_a_7_year_old.mp3 Show Notes Minecraft John Doe Roblox Roblox Join our Facebook Group Comment on Twitter with the #osspodcast hashtag Keywords: passwords, minecraft
Josh and Kurt talk about all the current misinformation, how humans react to it, and what it means for security. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode-90_humans_and_misinformation.mp3 Show Notes Virus infections during lent Wikipedia circular reporting Guccifer Bad Twitter VPN advice Join our Facebook Group Comment on Twitter with the #osspodcast hashtag
Josh and Kurt talk about the recent AMD flaws and the events surrounding the disclosure. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode-89_short_selling_amd_security_flaws.mp3 Show Notes AMD flaws Activist investing Microsoft side channel bounty Join our Facebook Group Comment on Twitter with the #osspodcast hashtag
Josh and Kurt talk about container security with IBM’s Chris Rosen. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_88_chat_with_chris_rosen_from_ibm_about_container_security.mp3 Show Notes Chris Rosen Kubernetes Istio Grafeas Join our Facebook Group Comment on Twitter with the #osspodcast hashtag
Josh and Kurt talk about Let’s Encrypt with co-founder Josh Aas. We discuss the past, present, and future of the project. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_87_Chat_with_lets_encrypt_co-founder_josh_aas.mp3 Show Notes Let’s Encrypt Josh Aas Join our Facebook Group Comment on Twitter with the #osspodcast hashtag
Josh and Kurt talk about the Trustico certificate incident and Let’s Encrypt. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_86_What_happens_when_23_thousand_certificates_leak.mp3 Show Notes Certificate revocation Trustico website incident Let’s Encrypt ACME v2 XKCD PGP verification FreeIPA Join our Facebook Group Comment on Twitter with the #osspodcast hashtag