Facebook

Josh and Kurt talk about a new Google proposal that would add DRM for the web. All the ad driven companies seem to be acting very strangely, there’s probably a reason for this. The way ads used to pay for content is changing, but a lot of these giant companies don’t know how to adapt. It’s going to be very interesting times in the near future. https://traffic.libsyn.com/opensourcesecuritypodcast/Episode_386_We_are_watching_web_2_0_burn.mp3 Show Notes Web Environment Integrity Hacker News Thread Island Browser hunter2

Josh and Kurt talk about leap seconds. Every time there’s a leap second, things break. Facebook wants to get rid of them because they break computers, but Google found a clever way to keep leap seconds without breaking anything. Corner cases are hard, security is often just one huge corner case. There are lessons we can learn here. https://traffic.libsyn.com/opensourcesecuritypodcast/Episode_334_Leap_seconds_break_everything.mp3 Show Notes How and why the leap second affected Cloudflare DNS Facebook wants to get rid of leap seconds Leap Smear Falsehoods programmers believe about time

Josh and Kurt talk about some recent security actions Apple has taken. Not all are good, but in general Apple is doing things to benefit their customers (their customers are not advertisers). We also discuss some of the challenges when your customers are advertisers. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_204_What_Would_Apple_Do.mp3 Show Notes Apple one year certificates Apple declines to implement 16 new APIs Apple is tracking unsigned executables