Josh and Kurt talk to Michael Goetzman about Cyphercon Show Notes Cyphercon Cyphercon 2.0 Cyphercon 1.0 920 Sec Korgo Virus SafeHouse Spy Restaurant Discovery World Midwest Gaming Classic Summerfest: Cold War Battleground Nike Zeus Missile Poutine Ghost Fleet George Stroumboulopoulos Comment on Twitter
Category Archives: Security
Airports, Goats, Computers, and Users
Last week I had the joy traveling through airports right after the United States Thanksgiving holiday. Now I don’t know how many of you have ever tried to travel the week after Thanksgiving but it’s kind of crazy, there are a lot of people, way more than usual, and a significant number of them haveContinue reading “Airports, Goats, Computers, and Users”
Episode 16 – Cat and mouse
Josh and Kurt talk about cybercrime and regulation. Show Notes Avalanche Global Fraud Ring Spam King Rosendale Speed Trap Attacking Broadband Routers Spreadsheet of VPN providers DNSSEC Root Signing Ceremony Chicago Tylenol Murders Psychoactive Substances Act 2016 Computer Fraud and Abuse Act Calvinball CIH Virus Author Firefox 0day Comment on Twitter
Episode 15 – Cyber Black Monday
Josh and Kurt talk about Cyber Monday security tips. Show Notes Edmonton Bus Accidents BeyondCorp: A New Approach to Enterprise Security Black Hat Cell Towers Google ranks https results first Domain Tasting GnuCash Tesla Credentials Tavis Ormandy strcpy pwsafe Is mashing the keyboard cryptographically secure? Comment on Twitter
The Economics of stealing a Tesla with a phone
A few days ago there was a story about how to steal a Tesla by installing malware on the owner’s phone. If you look at the big picture view of this problem it’s not all that bad, but our security brains want to make a huge deal out of this. Now I’m not saying that Tesla shouldn’tContinue reading “The Economics of stealing a Tesla with a phone”
Episode 14 – David A Wheeler: CII Badges
Josh and Kurt have a guest! David A. Wheeler talks about open source security and the CII Badges project. Show Notes CII Badge Program Badges Project Database Badges GitHub Project Page Comment on Twitter
Fast security is the best security
DevOps security is a bit like developing without a safety net. This is meant to be a reference to a trapeze act at the circus for those of you who have never had the joy of witnessing the heart stopping excitement of the circus trapeze. The idea is that when you watch a trapeze actContinue reading “Fast security is the best security”
Episode 13 – CVE: The metric system of security
Josh and Kurt talk about CVE, DWF, and the future of flaw reporting. Show Notes CVE CVE Candidates (CAN) DWF NVD Open Source Security Mailing List Larry Cashdollar’s Defcon talk Metric Inch Comment on Twitter
Who cares if someone hacks my driveway camera?
I keep hearing something from people about IoT that reminds me of the old saying, if you’ve done nothing wrong, you have nothing to fear. This attitude is incredibly dangerous in the context of IoT devices (it’s dangerous in all circumstances honestly). The way I keep hearing this in the context of IoT is somethingContinue reading “Who cares if someone hacks my driveway camera?”
Episode 12 – Security Trebuchet
Josh and special guest host Dave Sirrine talk about feedback, OpenSSL, OAuth2, Let’s Encrypt, disclosure, and locks. Show Notes coh’s feedback OpenSSL security advisory Red Hat CLI security API Shovel Knight Pumpkin OAuth2 bug Let’s Encrypt Half of all Chrome connections use https Google’s Windows Bug RichSec (Richmond VA Information Security Users Group) RVASec (Yearly conference inContinue reading “Episode 12 – Security Trebuchet”