Open Source Security Podcast-logo

Open Source Security Podcast

Technology Podcasts >

A security podcast geared towards those looking to better understand security topics of the day. Hosted by Kurt Seifried and Josh Bressers covering a wide range of topics including IoT, application security, operational security, cloud, devops, and security news of the day. There is a special open source twist to the discussion often giving a unique perspective on any given topic.

A security podcast geared towards those looking to better understand security topics of the day. Hosted by Kurt Seifried and Josh Bressers covering a wide range of topics including IoT, application security, operational security, cloud, devops, and security news of the day. There is a special open source twist to the discussion often giving a unique perspective on any given topic.
More Information

Location:

United States

Description:

A security podcast geared towards those looking to better understand security topics of the day. Hosted by Kurt Seifried and Josh Bressers covering a wide range of topics including IoT, application security, operational security, cloud, devops, and security news of the day. There is a special open source twist to the discussion often giving a unique perspective on any given topic.

Language:

English

Contact:

3174323178


Episodes

Episode 146 - What the @#$% happened to Microsoft?

5/19/2019
More
Josh and Kurt talk about Microsoft. They're probably not the bad guys anymore, which is pretty wild. They're adding a Linux kernel to Window. Can we declare open source the unquestionable winner now?

Duration:00:45:34

Episode 145 - What do security and fire have in common?

5/12/2019
More
Josh and Kurt talk about fire. We discuss the history of fire prevention and how it mirrors many of things we see in security. There are lessons there for us, we just hope it doesn't take 2000 years like it did for proper fire prevention to catch on.

Duration:00:49:18

Episode 144 - The security of money, which one is best?

5/5/2019
More
Josh and Kurt talk about the security of money. Not how to keep it secure, but the security issues around using cash, credit, and bitcoin. We also talk about Banksy's clever method for proving something is original.

Duration:00:39:27

Episode 143 - Security lessons from the phone book

4/28/2019
More
Josh and Kurt talk about the phone book (yeah, the big paper book people used to use). Kurt got one in the mail. While it's certainly a relic from another time, there were security tips in it among other wild things.

Duration:00:48:50

Episode 142 - Hypothetical security: what if you find a USB flash drive?

4/21/2019
More
Josh and Kurt talk about what one could do if you find a USB drive. The context is based on the story where the Secret Service was rumored to have plugged a malicious USB drive into a computer. The purpose of discussion is to explore how to handle a situation like this in the real world. We end the episode with a fantastic comparison of swim safety and security.

Duration:00:41:47

Episode 141 - Timezones are hard, security is harder

4/14/2019
More
Josh and Kurt talk about the difficulty of security. We look at the difficulty of the EU not observing daylight savings time, which is probably magnitudes easier than getting security right. We also hit on a discussion on Reddit about U2F that shows the difficulty. Security today is too hard, even for the experts.

Duration:00:49:35

Episode 140 - Good enough security is a pretty high bar

4/7/2019
More
Josh and Kurt talk about identity. It's a nice example we can generally understand in the context of how much security is enough security? When we deal with identity the idea of good enough is often acceptable for the vast majority of uses. Perfect identity tracking isn't really a thing nor is it practical.

Duration:00:46:43

Episode 139 - Secure voting, firefox send, and toxic comments on the internet

3/31/2019
More
Josh and Kurt talk about Brexit, voting, Firefox send, and toxic comments. Is there anything we can do to slow the current trend of conversation on the Internet always seeming to spiral out of control? The answer is maybe with a lot of asterisks.

Duration:00:42:07

Episode 138 - Information wants to be free

3/24/2019
More
Josh and Kurt talk about a prank gone wrong, the reality of when your data ends up public. Once it's public you can't ever put it back. We also discuss Notepad++ no longer signing releases and what signing releases means for the world in general.

Duration:00:44:26

Episode 137.5 - Holy cow Beto was in the cDc, this is awesome!

3/17/2019
More
Josh and Kurt talk about Beto being in the Cult of the Dead Cow (cDc). This is a pretty big deal in a very good way. We hit on some history, why it's a great thing, what we can probably expect from opponents. There's even some advice at the end how we can all help. We need more politicians with backgrounds like this.

Duration:00:34:12

Episode 137 - When the IoT attacks!

3/10/2019
More
Josh and Kurt talk about when devices attack! It's not quite that exciting, but there have been a slew of news about physical devices causing problems for humans. We end on the note that we're getting closer to a point when lawyers and regulators will start to pay attention. We're not there yet, so we still have a horrible insecure future on the horizon.

Duration:00:41:01

Episode 136 - How people feel is more important than being right

3/3/2019
More
Josh and Kurt talk about github blocking the Deepfakes repository. There's a far bigger discussion about how people feel, and sometimes security fails to understand that making people feel happy or safer is more important than being right.

Duration:00:43:12

Episode 135 - Passwords, AI, and cloud strategy

2/24/2019
More
Josh and Kurt talk about change your password day (what a terrible day). Google's password checkup (not a terrible idea), an AI finding new spice flavors we expect will one day take over the world, and we finish up on a new DoD cloud strategy. Also Josh burnt his finger, but is going to be OK.

Duration:00:42:00

Episode 134 - What's up with the container runc security flaw?

2/17/2019
More
Josh and Kurt talk about the new runc container security flaw. How does the flaw work, what can you do about it, what should you do about it, and what the future of container security may look like.

Duration:00:39:49

Episode 133 - Smart locks and the government hacking devices

2/10/2019
More
Josh and Kurt talk about the fiasco hacks4pancakes described on Twitter and what the future of smart locks will look like. We then discuss what it means if the Japanese government starts hacking consumer IoT gear, is it ethical? Will it make anything better?

Duration:00:42:50

Episode 132 - Bird Scooter: 0, Cory Doctorow: 1

2/3/2019
More
Josh and Kurt talk about the Bird Scooter vs Corey Doctorow incident. We then get into some of the social norms around new technology and what lessons the security industry can take from something new like shared scooters.

Duration:00:41:24

Episode 131 - Windows micropatches, Google's privacy fine, and Mastercard fixes trial abuse

1/27/2019
More
Josh and Kurt talk about non-Microsoft Windows micropatches. The days of pretending closed source matters are long gone. Google gets hit with a privacy fine, that probably won't matter. And Mastercard makes it easier for consumers to not accidentally sign up for services they don't want.

Duration:00:45:47

Episode 130 - Chat with Snyk co-founder Danny Grander

1/20/2019
More
Josh and Kurt talk to Danny Grander one of the co-founders of Snyk about Zip Slip, what it is, how to fix it, and how they disclosed everything. We also touch on plenty of other open source security topics as Danny is involved in many aspects of open source security.

Duration:00:46:33

Episode 129 - The EU bug bounty program

1/13/2019
More
Josh and Kurt talk about the EU bug bounty program. There have been a fair number of people complaining it's solving the wrong problem, but it's the only way the EU has to spend money on open source today. If that doesn't change this program will fail.

Duration:00:47:14

Episode 128 - Australia's encryption backdoor bill

1/6/2019
More
Josh and Kurt talk about Australia's recently passed encryption bill. What is the law that was passed, what does it mean, and what are the possible outcomes? The show notes contain a flow chart of possible outcomes.

Duration:00:44:26