Episode 29 - The Security of Rogue One

Josh and Kurt discuss the security of the movie Rogue One! Spoiler: Security in the Star Wars universe is worse than security in our universe. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/303899056-opensourcesecuritypodcast-episode-29-the-security-of-rogue-one.mp3 Show Notes CinemaSins Soviet Tupolev Tu-4 Mechanical Computer Join our Facebook Group Comment on Twitter with the #osspodcast hashtag

January 22, 2017

Episode 28 - RSA Conference 2017

Josh and Kurt discuss their involvement in the upcoming 2017 RSA conference: Open Source, CVEs, and Open Source CVE. Of course IoT and encryption manage to come up as topics. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/303432626-opensourcesecuritypodcast-episode-28-rsa-conference-2017.mp3 Show Notes Kurt’s talk - Saving CVE with open source Josh’s P2P session - Managing Your Open Source Join our Facebook Group Comment on Twitter with the #osspodcast hashtag

January 19, 2017

Episode 27 - Prove to me you are human

Josh and Kurt discuss NTP, authentication issues, network security, airplane security, AI, and Minecraft. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/302981179-opensourcesecuritypodcast-episode-27-prove-to-me-you-are-human.mp3 Show Notes NTP “Attack” U2F Tokens Paying ransoms with iTunes giftcards Cloudflare Porcupine Google Security Design Overview Drone collides with a plane Israeli Security Harvest.ai Minecraft Mod installer Skyblock Join our Facebook Group Comment on Twitter with the #osspodcast hashtag

January 16, 2017

Episode 26 - Tell your sister, Stallman was right

Josh and Kurt end up discussing video game speed running, which is really just hacking. We also end up discussing the pitfalls of the modern world where you don’t own your software or services. Stallman was right! https://traffic.libsyn.com/secure/opensourcesecuritypodcast/302260581-opensourcesecuritypodcast-episode-26-tell-your-sister-stallman-was-right.mp3 Show Notes Games Done Quick Super Mario Brother Speedrun Super Mario Brother Minus World Explanation speedrun.com Legend of Zelda Ghost Buffer Overflow Double Free Chris Evans NES audio exploit pwsafe Bad Ham Review Richard Stallman ...

January 12, 2017

Episode 25 - The future is now

Josh and Kurt end up discussing CES, IoT, WiFi everywhere, and the future. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/301707567-opensourcesecuritypodcast-episode-25-the-future-is-now.mp3 Show Notes CES WiFi Everywhere WiFi Hairbrush Ketchup QR Code Expired Domain Shodan uses NTP to gain IPv6 addresses FTC prize for securing IoT Antivirus MITM problems Rootshell Consumer Reports MacBook Pro Comment on Twitter with the #osspodcast hashtag

January 10, 2017

Episode 24 - The 2016 prediction edition! (yeah, that's right, 2016)

Josh and Kurt discuss 2016 predictions in 2017, what they got right, what they got wrong, and a bunch of other random things. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/300679437-opensourcesecuritypodcast-episode-24-the-2016-prediction-edition.mp3 Show Notes CSO Online - Top 15 security predictions for 2016 Gartner 2016 predictions Trend Micro 2016 predictions Dark Reading 2016 predictions Comment on Twitter with the #osspodcast hashtag

January 3, 2017

Episode 23 - We can't patch people

Josh and Kurt talk about scareware, malware, and how hard this stuff is to stop, and how the answer isn’t fixing people. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/299913768-opensourcesecuritypodcast-episode-23-we-cant-patch-people.mp3 Show Notes Bitsquatting Typosquatting L.A. Phishing Uber Email IDS Infomercial subreddit (Where did the soda go?) Super Mario Run Malware Booba Methbot Sumitomo copper affair Comment on Twitter with the #osspodcast hashtag

December 28, 2016

Episode 22 - IoT Wild West

Josh and Kurt talk about planned obsolescence and IoT devices. Should manufacturers brick devices? We also have a crazy discussion about the ethics of hacking back. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/299448186-opensourcesecuritypodcast-episode-22-iot-wild-west.mp3 Show Notes First Uses of Coffee Did coffee cause the enlightenment? Nest bricks Revolv devices Phoebus Cartel Verizon will brick the Note 7 Trolley Problem Toaster toasts the weather 80% of medical device companies have less than 50 employees Passive wifi chips Crystal radio Great Seal Bug Moscow Embassy Comment on Twitter with the #osspodcast hashtag ...

December 25, 2016

Episode 21 - CVE 10K Extravaganza

Josh and Kurt talk about CVE 10K. CVE IDs have finally crossed the line, we need 5 digits to display them. This has never happened before now. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/298898472-opensourcesecuritypodcast-episode-21-cve-10k-extravaganza.mp3 Show Notes OpenSSH CVE10K assignments CVE-2016-10005 CVE syntax change CVE Numbering Authorities OpenSSH Security Advisory C to HDL Reboot Boeing Dreamliner One person writes most Linux video camera drivers Donald Becker China Airlines Flight 120 Comment on Twitter with the #osspodcast hashtag

December 21, 2016

Episode 20 - The Death of PGP

Josh and Kurt talk about the death of PGP, and how it’s not actually dead at all. It’s still really hard to use though. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/298557680-opensourcesecuritypodcast-episode-20-the-death-of-pgp.mp3 Show Notes I’m giving up on PGP Yubikey 4 Josh’s PGP setup blog post Kurt’s key with multiple signatures PGP short ID collisions Let’s Encrypt ICQ website from the late 90’s Signal Secure Messaging $2 million fraud at NorQuest College Scammers pose as company exec EV certificate requirements Comment on Twitter with the #osspodcast hashtag ...

December 19, 2016