Episode 248 - Door 23: How to report 1000 security flaws

Josh and Kurt talk about how to file 1000 security flaws. One is easy, scale is hard. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_248_Door_23_How_to_report_1000_security_flaws.mp3

December 23, 2020

Episode 247 - Door 22: How to report one security flaw

Josh and Kurt talk about how to report one security flaw https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_247_Door_22_How_to_report_one_security_flaw.mp3

December 22, 2020

Episode 246 - Door 21: Bug bounties

Josh and Kurt talk about bug bounties https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_246_Door_21_Bug_bounties.mp3

December 21, 2020

Episode 245 - Door 20: Is SMS 2FA better than no 2FA?

Josh and Kurt talk about whether SMS two-factor auth is better than no 2FA. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_245_Door_20_Is_SMS_2FA_better_than_no_2FA.mp3

Links: Cyber deepfaked their host

December 20, 2020

Episode 244 - Door 19: TLS certificate trust

Josh and Kurt talk about modern TLS certificate trust https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_244_Door_19_TLS_certificate_trust.mp3

December 19, 2020

Episode 243 - Door 18: Don't roll your own crypto or auth

Josh and Kurt talk about why it’s a horrible idea to roll your own crypto or auth https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_243_Door_18_Dont_roll_your_own_crypto_or_auth.mp3

December 18, 2020

Episode 242 - Door 17: Vulnerability response

Josh and Kurt talk about vulnerability response: what it is, what it means, and how it works. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_242_Door_17_Vulnerability_response.mp3

December 17, 2020

Episode 241 - Door 16: 16 bits of change

Josh and Kurt talk about the switch from 16 to 32 to 64 bit and even the changes from Intel to ARM https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_241_Door_16_16_bits_of_change.mp3

December 16, 2020

Episode 240 - Door 15: Supplier compliance

Josh and Kurt talk about supplier compliance https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_240_Door_15_Supplier_compliance.mp3

Links: Annex A.15.1 of ISO 27001:2013; Episode 162 – SBOM with Allan Friedman

December 15, 2020

Committee or Community: Slowing down the future

I wrote a blog post about looking back, and I have a bit of snark in there where I talk about slowing down the future. I wanted to explain this a bit more and give everyone some food for thought around how we used to do things and how we should do them moving forward. There are groups and people that exist to slow things down. Sometimes that’s on purpose for good reasons, sometimes it’s on purpose for bad reasons, sometimes it’s not on purpose at all. ...

December 14, 2020