I have seen the future, and it is bug bounties

Every now and then I see something on a blog or Twitter about how you can’t replace a pen test with a bug bounty. For a long time I agreed with this, but I’ve recently changed my mind. I know this isn’t a super popular opinion (yet), and I don’t think either side of this…

Episode 43 – We are totally immature

Josh and Kurt discuss Shadow Brokers, pronouncing GIF, Atlanta’s road problems, browser phishing, warning sirens, IoT, and fake Magic the Gathering cards. Show Notes: Shadow Brokers; How to pronounce GIF; Atlanta gas leak breaks road; New browser location phishing attack; Hacked warning sirens; IoT bricking malware; Fake MTG cards; Join our Facebook Group; Comment on Twitter with…

The obvious answer is never the secure answer

One of the few themes that comes up time and time again when we talk about security is how bad people tend to be at understanding what’s actually going on. This isn’t really anyone’s fault; we’re expecting people to go against what is essentially millions of years of evolution that created our behaviors. Most security…

Episode 40 – Let’s fork bitcoin, again

Josh and Kurt discuss Verizon spyware, FCC privacy, Smart TVs, Tor’s rewrite, Google’s new operating system, bitcoin, and NanoCore. Show Notes: Verizon Spyware Story; FCC Broadband Privacy; Inserting tracking headers; Smart TVs run Flash; Tor rewrite in safer language; Fuchsia; Bitcoin fork; NanoCore; Join our Facebook Group; Comment on Twitter with the #osspodcast hashtag

Remember kids, if you’re going to disclose, disclose responsibly!

If you pay any attention to the security universe, you’re aware that Tavis Ormandy is basically on fire right now with his security research. He found the Cloudflare data leak issue a few weeks back, and is currently going to town on LastPass. The LastPass crew seems to be dealing with this pretty well, I’m not seeing…