Josh and Kurt discuss how the Vault 7 leaks shows we live in the Neuromancer world, and this is likely the new normal. Show Notes Hacker News Writeup about Vault 7 SATAN RTL-SDR White House Reconstruction Baseband Hacking CGA Graphics Chromium Security Brag Sheet French Zoo Poacher Join our Facebook Group Comment on Twitter with the #osspodcastContinue reading “Episode 37 – Your bathtub is more dangerous than a shark”
Category Archives: Security
Episode 36 – A Good Enough Podcast
Josh and Kurt discuss an IoT bear, Alexa and Siri, Google’s E2Email and S/MIME. Show Notes IoT Bear Alexa murder evidence Google E2Email Google S/MIME Join our Facebook Group Comment on Twitter with the #osspodcast hashtag
What the Oscars can teach us about security
If you watched the 89th Academy Awards you saw a pretty big mistake at the end of the show, the short story is Warren Beatty was handed the wrong envelope, he opened it, looked at it, then gave it to Faye Dunaway to read, which she did. The wrong people came on stage and startedContinue reading “What the Oscars can teach us about security”
Episode 35 – Crazy Cosmic Accident
Josh and Kurt discuss SHA-1 and cloudbleed. Bug bounties come up, we compare security to the Higgs boson, and IPv6 comes up at the end. Show Notes SHA-1 attack Google Security Blog about SHA-1 Zcash hash algorithm analysis Webkit SVN Collision Google bug about cloudbleed Cloudflare Blog Known cloudbleed sites SHA-1 CVE-2005-4900 Whitewood Entropy Join our FacebookContinue reading “Episode 35 – Crazy Cosmic Accident”
SHA-1 is dead, long live SHA-1!
Unless you’ve been living under a rock, you heard that some researchers managed to create a SHA-1 collision. The short story as to why this matters is the whole purpose of a hashing algorithm is to make it impossible to generate collisions on purpose. Unfortunately though impossible things are usually also impossible so in realityContinue reading “SHA-1 is dead, long live SHA-1!”
Episode 34 – Bathing in Ebola Virus
Josh and Kurt discuss RSA, the cryptographer’s panel and of course, AI. Show Notes FTP Firewall Problem RSA Cryptographer’s Panel ‘Overcome’ encryption Casino bombing Bill C-23 Security and AI DARPA AI challenge Amazon sells eggs Ford sleepy drivers Judge Caprio Logojoy Join our Facebook Group Comment on Twitter with the #osspodcast hashtag
Episode 33 – Everybody who went to the circus is in the circus (RSA 2017)
Josh and Kurt are at the same place at the same time! We discuss our RSA sessions and how things went. Talk of CVE IDs, open source libraries, WordPress, and early morning sessions. Show Notes Bradley Kuh Typosquatting package managers (mirror) zlib embedded library problem WordPress CVE ID Josh’s 7am BoF session Bruce Schneier RSA talk JoinContinue reading “Episode 33 – Everybody who went to the circus is in the circus (RSA 2017)”
Reality Based Security
If I demand you jump off the roof and fly, and you say no, can I call you a defeatist? What would you think? To a reasonable person it would be insane to associate this attitude with being a defeatist. There are certain expectations that fall within the confines of reality. Expecting things to happenContinue reading “Reality Based Security”
Episode 32 – Gambling as a Service
Josh and Kurt discuss random numbers, a lot. Also slot machines, gambling, and dice. Show Notes Dilbert Random Numbers Slot Machine Cheats dieharder Cracking the Scratch Lottery Intel Atom 2000 Lavarand diceomatic Google security neuroscience Militant moderates Show tags: #random #prng Join our Facebook Group Comment on Twitter with the #osspodcast hashtag
Episode 31 – XML is never the solution
Josh and Kurt discuss door locks, Ikea, chair testing sounds, electrical safety, autonomous cars, and XML vs JSON. Show Notes Mersenne Prime Door Lock Ransomware Ikea Chair Testing Machine Costume Safety Tesseract Roost WiFi battery Join our Facebook Group Comment on Twitter with the #osspodcast hashtag
Open Source Security 