Hacker-News

Josh and Kurt talk about a blog post titled “Your API Shouldn’t Redirect HTTP to HTTPS”. It’s an interesting idea, and probably a good one. There is however a lot of baggage in this space as you’ll hear in the discussion. There’s no a simple solution, but this is certainly something to discuss. https://traffic.libsyn.com/opensourcesecuritypodcast/Episode_431_Redirecting_HTTP_to_HTTPS.mp3 Show Notes Your API Shouldn’t Redirect HTTP to HTTPS Hacker News discussion HSTS Section 5.1

Josh and Kurt talk about a new tool that can do Stylometry analysis of Hacker News authors. The availability of such tools makes anonymity much harder on the Internet, but it’s also not unexpected. The amount of power and tooling available now is incredible. We also discuss some of the future challenges we will see from all this technology. https://traffic.libsyn.com/opensourcesecuritypodcast/Episode_352_Stylometry_removes_anonymity.mp3 Show Notes Hacker News Stylometry Analyzer FBI Profiler on the Unabomber Impersonate Eli Lilly for $8 Shakespeare Stylometry