Xkcd

Josh and Kurt talk about how people handle problems. We open with the story of the Colonial Pipeline hack, but then go into some of the ways people tend to make problems worse. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_271_Pipeline_security_There_is_no_problem_humans_cant_make_worse.mp3 Show Notes Male vs Female trees Pipeline hack XKCD Pipelines TSA Pipeline Security

Josh and Kurt talk about attacking open source. How serious is the threat of developers being targeted or a git repo being watched for secret security fixes? The reality of it all is there are many layers in a security journey, the most important things you can do are also the least exciting. https://traffic.libsyn.com/secure/opensourcesecuritypodcast/Episode_215_Real_security_is_boring.mp3 Show Notes Targeting developers XKCD Infrastructure comic Hiding security flaws in git Mossad vs Not-Mossad (PDF warning)