Episode 27 – Prove to me you are human

Josh and Kurt discuss NTP, authentication issues, network security, airplane security, AI, and Minecraft. Show Notes NTP “Attack” U2F Tokens Paying ransoms with iTunes giftcards Cloudflare Porcupine Google Security Design Overview Drone collides with a plane Israeli Security Harvest.ai Minecraft Mod installer Skyblock Join our Facebook Group Comment on Twitter with the #osspodcast hashtag

Episode 26 – Tell your sister, Stallman was right

Josh and Kurt end up discussing video game speed running, which is really just hacking. We also end up discussing the pitfalls of the modern world where you don’t own your software or services. Stallman was right! Show Notes Games Done Quick Super Mario Brother Speedrun Super Mario Brother Minus World Explanation speedrun.com Legend of Zelda Ghost

Security Advice: Bad, Terrible, or Awful

As an industry, we suck at giving advice. I don’t mean this in some negative hateful way, it’s just the way it is. It’s human nature really. As a species most of us aren’t very good at giving or receiving advice. There’s always that vision of the wise old person dropping wisdom on the youth

Looks like you have a bad case of embedded libraries

A long time ago pretty much every application and library carried around its own copy of zlib. zlib is a library that does really fast and really good compression and decompression. If you’re storing data or transmitting data, it’s very likely this library is in use. It’s easy to use and is public domain. It’s

Episode 24 – The 2016 prediction edition! (yeah, that’s right, 2016)

Josh and Kurt discuss 2016 predictions in 2017, what they got right, what they got wrong, and a bunch of other random things. Show Notes CSO Online – Top 15 security predictions for 2016 Gartner 2016 predictions Trend Micro 2016 predictions Dark Reading 2016 predictions Comment on Twitter with the #osspodcast hashtag

Episode 23 – We can’t patch people

Josh and Kurt talk about scareware, malware, and how hard this stuff is to stop, and how the answer isn’t fixing people. Show Notes Bitsquatting Typosquatting L.A. Phishing Uber Email IDS Infomercial subreddit (Where did the soda go?) Super Mario Run Malware Booba Methbot Sumitomo copper affair Comment on Twitter with the #osspodcast hashtag

The art of cutting edge, Doom 2 vs the modern Security Industry

During the holiday, I started playing Doom 2. I bet I’ve not touched this game in more than ten years. I can’t even remember the last time I played it. My home directory was full of garbage and it was time to clean it up when I came across doom2.wad. I’ve been carrying this file

Episode 22 – IoT Wild West

Josh and Kurt talk about planned obsolescence and IoT devices. Should manufacturers brick devices? We also have a crazy discussion about the ethics of hacking back. Show Notes First Uses of Coffee Did coffee cause the enlightenment? Nest bricks Revolv devices Phoebus Cartel Verizon will brick the Note 7 Trolley Problem Toaster toasts the weather 80% of