Josh and Kurt talk about email security and the perils of trying to run your own mail infrastructure. We then get into discussing the value and danger of trying to run your own infrastructure, email, blogs, or most anything. There’s a lot to juggle about all this these days, it’s complicated. Show Notes
Tag Archives: cybersecurity
Episode 349 – The cyber is coming from inside the house – the UK is scanning itself
Josh and Kurt talk about the UK plan to scan their country’s IP space. The purpose and outcome of this isn’t completely clear at this point, but we are hopeful the data can be used as a positive force. We are only going to see more programs like this as all the governments are toldContinue reading “Episode 349 – The cyber is coming from inside the house – the UK is scanning itself”
Episode 338 – The government didn’t make vulnerabilities illegal. Yet.
Josh and Kurt talk about the recent National Defense Authorization Act that requires security vulnerabilities to be fixed. What does this mean for us, is it as bad as some people are claiming it is? It’s actually not a huge deal, for most of us it’s really just time to deal with product security. ShowContinue reading “Episode 338 – The government didn’t make vulnerabilities illegal. Yet.”
Episode 336 – We don’t have data, we have security biases
Josh and Kurt talk about our lack of security and some of the data bias problems that can emerge. A lot of what we think is security data is really just biased data. This is OK as long as we understand the data is broken and know this is the first step in a longerContinue reading “Episode 336 – We don’t have data, we have security biases”
Episode 335 – Bull*&$% security ideas
Josh and Kurt talk about a tweet from @kmcquade3 asking the question “What’s a concept in security that is generally accepted as true but is actually bull%$#*?” How many of the replies make sense? Most of them do. We go over some of the best replies as fast as we can. Show Notes The tweetContinue reading “Episode 335 – Bull*&$% security ideas”
Episode 331 – GPG, but nothing makes sense
Josh and Kurt talk about their very silly GPG key management from the past. This is sadly a very true story that details how both Kurt and Josh protected their GPG keys. Josh’s setup is like something out of a very bad spy novel. It was very over the top for a key that reallyContinue reading “Episode 331 – GPG, but nothing makes sense”
Episode 328 – The Security of Jobs or Job Security
Josh and Kurt talk about the security of employees leaving jobs. Be it a voluntary departure or in the context of the current layoffs we see, what are the security implications of having to remove access for one or more people departing their job? Show Notes Tesla Layoffs Coinbase layoffs
Episode 327 – The security of alert fatigue
Josh and Kurt talk about a funny GitHub reply that notified 400,000 people. It’s fun to laugh at this, but it’s an easy open to discussing alert fatigue and why it’s important to be very mindful of our communications. Show Notes GitHub 400K notifications Hacker News thread Reddit user TV Bluetooth
Episode 326 – Big fat containers
Josh and Kurt talk about containers. There are a lot of opinions around what type of containers is best. Back when it all started there were only huge distro sized containers. Now we have a world with many different container types and sizes. Is one better? Show Notes Programming in the Apocalypse Bob Diachenko Paranoids Podcast
Episode 322 – Adam Shostack on the security of Star Wars
Josh and Kurt talk to Adam Shostack about his new book “Threats: What Every Engineer Should Learn From Star Wars”. We discuss some of the lessons and threats in the Star Wars universe, it’s an old code I hear. We also discuss if Star Wars is a better than Star Trek for teaching security (it probably is). It’sContinue reading “Episode 322 – Adam Shostack on the security of Star Wars”
Open Source Security 