Episode 175 - Defenders will always be one step behind

Josh and Kurt talk about the opportunistic nature of crime. Defenders have to defend, which means the adversaries are by definition always a step ahead. We use the context of automobile crimes to frame the discussion.

https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_175_Defenders_will_always_be_one_step_behind.mp3

Show Notes: Stealing cars with radio relays; RTL Software Defined Radio; Canada most stolen car

Comment on Twitter with the #osspodcast hashtag

December 23, 2019

Episode 174 - GitHub turns security up to 11; A discussion with Rob Schultheis

Josh and Kurt talk to Rob Schultheis from GitHub about some of the amazing projects GitHub is working on. We discuss GitHub security advisories, getting a CVE from GitHub, and what the new GitHub Security Lab is doing. It’s a great conversation about how GitHub is working to make security better for all of us.

https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_174_GitHub_turns_security_up_to_11_A_discussion_with_Rob_Schultheis.mp3

Show Notes: GitHub Security Advisories; GitHub CVE requests; GitHub Security Lab; GitHub Security Lab Slack; GitHub Security Lab Twitter

Show Tags: #CodeQL #GitHub ...

December 16, 2019

Episode 173 - Ho Ho Homeland Security

Josh Santa and Kurt talk about the border nightmare Santa Claus has to deal with as he traverses the globe. Questions we explore include: Are the reindeer farm animals? Is the North Pole a farm? Is Santa an intellectual property thief? Does Krampus eat politicians? Does Santa have a passport? Does Santa have an emergency radio?

https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_173_Ho_Ho_Homeland_Security.mp3

Show Notes: Pirate Joes

December 9, 2019

Episode 172 - The security of planned obsolescence

Josh and Kurt talk about the security implications of planned obsolescence. We use Intel’s recent decision to remove old drivers from their website as the start of the conversation. By the end we realize this is, more than anything, a decision society needs to understand and make. Is constantly throwing out technology OK?

https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_172_The_security_of_planned_obsolescence.mp3

Show Notes: Intel removes old drivers; Upgrading all versions of Windows; Sniffing your Smart TV ...

December 2, 2019

Episode 171 - Measuring cybersecurity with Kathryn Waldron

Josh and Kurt talk to Kathryn Waldron of the R Street Institute about a paper she recently published that collects a number of cybersecurity measuring devices in one place.

https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_171_Measuring_cybersecurity_with_Kathryn_Waldron.mp3

Show Notes: Kathryn Waldron; Kathryn’s Twitter account; Resources for Measuring Cybersecurity; There are 14 standards

Show Tags: #Regulation

November 25, 2019

Episode 170 - Until that quantum computer is cracking RSA keys, go sit back down!

Josh and Kurt talk about banking and privacy. It’s very likely nothing will get better anytime soon; humans will continue to be terrible at understanding certain risks. We also discuss what quantum supremacy means (or doesn’t mean) for security.

https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_170_Until_that_quantum_computer_is_cracking_RSA_keys_go_sit_back_down.mp3

Show Notes: National Bank Privacy Issues; Quantum Supremacy Claims; Hype Cycle; Scottish person talking to Siri; SMBC Quantum Comic

November 18, 2019

Episode 169 - What happens when leadership doesn't care about security?

Josh and Kurt talk about government security incidents. The security concerns at the government level often have real life and death consequences. What happens when the leadership knowingly disregards security policy?

https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_169_What_happens_when_leadership_doesnt_care_about_security.mp3

Show Notes: Breaking into a SCIF; Whitehouse cybersecurity team; Bugged typewriter

November 11, 2019

Episode 168 - The draconian draconians of DRM

Josh and Kurt talk about the social norms of security. We also discuss security coprocessors and the reasons behind adding them to hardware. Is DRM a draconian security measure or do we need it to secure the future? We also touch on the story of NordVPN getting hacked. The real story isn’t that they got hacked; the story is that they responded like clowns. The actual problem was one of leadership: there are certain leadership skills you can’t be taught, you can only learn. ...

November 4, 2019

Episode 167 - Security is terrible because digital literacy is terrible

Josh and Kurt talk about the horrid state of digital literacy in the US. We start out talking about broken Philips Hue light bulbs, then discuss research from Pew on the digital literacy of Americans. We may have accidentally discovered a use for all the cookie warnings every web site has.

https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_167_Security_is_terrible_because_digital_literacy_is_terrible.mp3

Show Notes: Pew Research on Americans’ Digital Literacy

October 28, 2019

Episode 166 - Every day should be cybersecurity awareness month!

Josh and Kurt talk about cybersecurity awareness month. What actionable advice can we give out? There isn’t much, which is a fundamental part of the problem.

https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_166_Every_day_should_be_cybersecurity_awareness_month.mp3

Show Notes: Cybersecurity awareness month; Polar bear sized pigs

October 21, 2019