Josh and Kurt talk about a listener provided question. Could SELinux have stopped the SolarWinds attack? Given what we know, the answer is technically yes, but practically no. SELinux is awesome, but it’s very difficult to sandbox something like a build system. Show Notes Gone in 60 milliseconds
Category Archives: Security
Episode 277 – Privacy and activism with Chris Weiland
Josh and Kurt talk to Chris Weiland from Restore the Fourth Minnesota. Restore The Fourth Minnesota is nonprofit dedicated to restoring the Fourth Amendment to the U.S. Constitution and ending unconstitutional mass government surveillance. Chris drops a ton of knowledge about how to be an effective tech activist, what his group is doing, and mostContinue reading “Episode 277 – Privacy and activism with Chris Weiland”
Episode 276 – Security, behavior, and the environment
Josh and Kurt talk about how our environment affects our behavior, and in turn our level of security. We often ignore what’s happening around us when everything is related. Show Notes Judges more lenient after a break Dungeons and Data Poverty changes your DNA
Episode 275 – What in the @#$% is going on with ransomware?
Josh and Kurt talk about why it seems like the world of ransomware has gotten out of control in the last few weeks. Every day there’s some new and more bizarre ransomware story than we had yesterday. Show Notes Spurious Correlations Ransom recovered Adam Shostack Ransomware is not the problem Latvian Woman charged for writingContinue reading “Episode 275 – What in the @#$% is going on with ransomware?”
Episode 274 – Mr. Amazon’s Neighborhood
Josh and Kurt talk about Amazon sidewalk. There is a lot of attention, but how is this any different than the surveillance networks Apple and Google have built? Show Notes Amazon Sidewalk Ads and toothpaste Airtags and stalking
Episode 273 – Can we stop the coming artificial unintelligence deluge?
Josh and Kurt talk about AI driven comments. We live in a world of massive confusion and disruption where what is true and false, real and fake, are often widely debated. As AI grows and evolves what does it mean for this future? We don’t really have any answers, but we ask a lot ofContinue reading “Episode 273 – Can we stop the coming artificial unintelligence deluge?”
Episode 272 – The Biden Cybersecurity Executive Order
Josh and Kurt talk about the Biden Administration new cybersecurity executive order. There are some good ideas in there, but at the end of the day it’s an unfunded mandate. Unfunded mandates are difficult to implement. Show Notes Biden Executive Order Fact Sheet Obama’s cyber EO
Episode 271 – Pipeline security: There is no problem humans can’t make worse
Josh and Kurt talk about how people handle problems. We open with the story of the Colonial Pipeline hack, but then go into some of the ways people tend to make problems worse. Show Notes Male vs Female trees Pipeline hack XKCD Pipelines TSA Pipeline Security
Episode 270 – Hello dark patterns my old friend
Josh and Kurt talk about dark patterns. A dark pattern is when a service tries to confuse a user into doing something they don’t want to, like unknowingly purchasing a monthly subscription to something you don’t need or want. The US Federal Trade Commission is starting to discuss dark patterns in webs sites and apps.Continue reading “Episode 270 – Hello dark patterns my old friend”
Episode 269 – Do not experiment on the Linux Kernel
Josh and Kurt talk about the University of Minnesota experimenting on the Linux Kernel. There’s a lot to unpack in this one, but the TL;DR is you probably don’t want to experiment on the kernel. Show Notes Linux Bans University of Minnesota for Sending Buggy Patches in the Name of Research University of Minnesota securityContinue reading “Episode 269 – Do not experiment on the Linux Kernel”
Open Source Security 