Skyfall ScotlandJosh and Kurt talk about Skyfall, fake reports, risk, logging, and how a civilized society functions. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_79_-_skyfall_please_dont_yell_fire.mp3 Show Notes Skyfall attack (via archive.org) httpoxy Tide pod challenge Fabuloso Broken Window Parable 15 year old head of CIA Cloudflare core dumps Join our Facebook Group Comment on Twitter with the #osspodcast hashtag

Josh and Kurt talk about the accidental missile warning in Hawaii. We also discuss general preparedness and risk. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_78_-_Risk_lessons_from_Hawaii.mp3 Show Notes Hawaii missile incident XKCD Join our Facebook Group Comment on Twitter with the #osspodcast hashtag

Josh and Kurt talk about the recent npm happenings. What it means for the supply chain, and we end with some thoughts on how maybe none of this matters. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_77_-_npm_and_the_supply_chain.mp3 Show Notes npm and kik Harvesting credit card numbers story Tidelift TN3270 Join our Facebook Group Comment on Twitter with the #osspodcast hashtag

Josh and Kurt talk about the aftermath of Meltdown. The details of the flaw are probably less interesting than what happens now. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_76_-_Meltdown_aftermath.mp3 Show Notes AMD certificate flaw Dumping the PS4 kernel in 6 days Raspberry Pi not vulnerable to Meltdown CERT says get a new CPU Windows A/V registry key Join our Facebook Group Comment on Twitter with the #osspodcast hashtag

Earlier today I ran across this post on Reddit Security but not Privacy (Am I doing this right?) The poster basically said “I care about security but not privacy”. It got me thinking about security and privacy. There’s not really a difference between the two. They are two faces of the same coin but why isn’t always obvious in today’s information universe. If a site like Facebook or Google knows everything about you it doesn’t mean you don’t care about privacy, it means you’re putting your trust in those sites. The same sort of trust that makes passwords private. ...

Josh and Kurt talk about the Security Planner website. It’s pretty good all things considered. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_76_-_Meltdown_aftermath.mp3 Show Notes Security Planner https://twofactorauth.org/ Minecraft streamer house fire Tor livestream Join our Facebook Group Comment on Twitter with the #osspodcast hashtag

Josh and Kurt talk about facial recognition, physical security, banking, and Amazon Alexa. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_74_-_Facial_recognition_and_physical_security.mp3 Show Notes Facial recognition Anti shark mask law Nevada driver’s license Windows 1.0 to Windows 10 upgrade Join our Facebook Group Comment on Twitter with the #osspodcast hashtag

Josh and Kurt talk about basic security metrics and security from Santa. Is Santa GDPR compliant? https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_73_-_Security_from_Santa.mp3 Show Notes Schneier airplane access point Security of Santa Santa Claus Bank Robbers Streaming PPV Santa distributing marijuana Santa KFC robbery Stolen Baby Jesus Gävle goat Holiday float driver Crimes Santa commits Join our Facebook Group Comment on Twitter with the #osspodcast hashtag

Josh and Kurt talk about Bitcoin, blockchain, and other cryptocurrencies. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_72_-_Bitcoin_its_over_9000.mp3 Show Notes Car power outlet Over 9000 Bitcoin power use Bitcoin transaction chart Bitcoin mining fire Bitcoin is 15 times more expensive to keep secure ICO takes $347K and leaves Bre-X Join our Facebook Group Comment on Twitter with the #osspodcast hashtag

Josh and Kurt talk about GitHub’s security scanner and Linus’ security email. We clarify the esoteric difference between security bugs and non security bugs. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_71_-_GitHubs_security_scanner.mp3 Show Notes GitHub’s security scanner Linus’ security email Join our Facebook Group Comment on Twitter with the #osspodcast hashtag