Listen to a podcast, please open Podcast Republic app. Available on Google Play Store and Apple App Store.
Dec 13, 2018
A fairly decent dive into security related topics. The discussions are often lively and the topics relevant.
Episode | Date |
---|---|
Open Source Malware with Brian Fox
|
Mar 10, 2025 |
Open Source Foundations with Kelley Misata of Suricata
|
Mar 03, 2025 |
Forking Open Source Projects with Sheogorath
|
Feb 24, 2025 |
Patching EOL Open Source with Aaron Frost
|
Feb 17, 2025 |
Why do we keep ignoring CI security with François Proulx
|
Feb 10, 2025 |
Modern day authentication with Marc Boorshtein
|
Feb 03, 2025 |
Government Security Requirements with Dick Brooks
|
Jan 27, 2025 |
Open Source Maintenance with Gary Kramlich
|
Jan 20, 2025 |
Safety vs Security with Thomas Depierre
|
Jan 13, 2025 |
The Future of Open Source Security
|
Jan 01, 2025 |
Episode 461 - The new NIST password guidance
|
Dec 30, 2024 |
Episode 460 - Santa's Supply Chain Security
|
Dec 23, 2024 |
Episode 459 - CWE Top 25 List
|
Dec 16, 2024 |
Episode 458 - FBI endorses E2E encryption
|
Dec 09, 2024 |
Episode 457 - The D-Link D-bacle
|
Dec 02, 2024 |
Episode 456 - What if XZ happened to a company? The openness of open source
|
Nov 25, 2024 |
Episode 455 - Wordpress plugin security
|
Nov 18, 2024 |
Episode 454 - The state of open source with Brian Fox from Sonatype and Donald Fischer from Tidelift
|
Nov 11, 2024 |
Episode 453 - Software Liability
|
Nov 04, 2024 |
Episode 452 - All about Meshtastic
|
Oct 28, 2024 |
Episode 451 - Python security with Seth Larson
|
Oct 21, 2024 |
Episode 450 - What's Wrong With WordPress
|
Oct 14, 2024 |
Episode 449 - The CUPSpocalypse
|
Oct 07, 2024 |
Episode 448 - What's wrong with CISA?
|
Sep 30, 2024 |
Episode 447 - The Tidelift 2024 open source maintainer report
|
Sep 23, 2024 |
Episode 446 - Researchers took over .MOBI TLD
|
Sep 16, 2024 |
Episode 445 - EPSS with Jay Jacobs
|
Sep 09, 2024 |
Episode 444 - Open Source and End of Life
|
Sep 02, 2024 |
Episode 443 - The Supply Chain Security Crisis
|
Aug 26, 2024 |
Episode 442 - The foundation of society, TLS certificates are a mess
|
Aug 19, 2024 |
Episode 441 - Is CWE useful?
|
Aug 12, 2024 |
Episode 440 - "What is open source" talk Josh gave
|
Aug 05, 2024 |
Episode 439 - Where are all the youth in open source?
|
Jul 29, 2024 |
Episode 438 - CISA's bad OSS advice vs the Whitehouse good advice
|
Jul 22, 2024 |
Episode 437 - CocoPods and proper funding for open source
|
Jul 15, 2024 |
Episode 436 - OpenSSH and node-ip - it's all exponential growth
|
Jul 08, 2024 |
Episode 435 - polyfill.io - open source is too big to fix
|
Jul 01, 2024 |
Episode 434 - Unreported vulnerabilities and everyone is getting hacked
|
Jun 24, 2024 |
Episode 433 - Should OpenSSH block misbehaving clients?
|
Jun 17, 2024 |
Episode 432 - Flipper Zero with Alex Kulagin
|
Jun 10, 2024 |
Episode 431 - Redirecting HTTP to HTTPS
|
Jun 03, 2024 |
Episode 430 - Frozen kernel security
|
May 27, 2024 |
Episode 429 - The autonomy of open source developers
|
May 20, 2024 |
Episode 428 - GitHub artifact attestation
|
May 13, 2024 |
Episode 427 - Will run0 replace sudo?
|
May 06, 2024 |
Episode 426 - Automatically exploiting CVEs with AI
|
Apr 29, 2024 |
Episode 425 - Video game cheaters, also pretendo
|
Apr 22, 2024 |
Episode 424 - The Notepad++ Parasite Website
|
Apr 15, 2024 |
Episode 423 - FCC cybersecurity label for consumer devices
|
Apr 08, 2024 |
XZ Bonus Spectacular Episode
|
Apr 01, 2024 |
Episode 422 - Do you have a security.txt file?
|
Apr 01, 2024 |
Episode 421 - CISA's new SSDF attestation form
|
Mar 25, 2024 |
Episode 420 - What's going on at NVD
|
Mar 18, 2024 |
Episode 419 - Malicious GitHub repositories
|
Mar 11, 2024 |
Episode 418 - Being right all the time is hard
|
Mar 04, 2024 |
Episode 417 - Linux Kernel security with Greg K-H
|
Feb 26, 2024 |
Episode 416 - Thomas Depierre on open source in Europe
|
Feb 19, 2024 |
Episode 415 - Reducing attack surface for less security
|
Feb 12, 2024 |
Episode 414 - The exploited ecosystem of open source
|
Feb 05, 2024 |
Episode 413 - PyTorch and NPM get attacked, but it's OK
|
Jan 29, 2024 |
Episode 412 - Blame the users for bad passwords!
|
Jan 22, 2024 |
Episode 411 - The security tools that started it all
|
Jan 15, 2024 |
Episode 410 - Package identifiers are really hard
|
Jan 08, 2024 |
Episode 409 - You wouldn't hack a train?
|
Jan 01, 2024 |
Episode 408 - Does Kubernetes need long term support?
|
Dec 25, 2023 |
Episode 407 - Should Santa use AI?
|
Dec 18, 2023 |
Episode 406 - The security of radio
|
Dec 11, 2023 |
Episode 405 - Modding games isn't cheating and security isn't fair
|
Dec 04, 2023 |
Episode 403 - Does the government banning apps work?
|
Nov 27, 2023 |
Episode 402 - The EU's eIDAS regulation is a terrible idea
|
Nov 20, 2023 |
Episode 401 - Security skills shortage - We've tried nothing and the same thing keeps happening
|
Nov 13, 2023 |
Episode 400 - When can the government hack a victim?
|
Nov 06, 2023 |
Episode 399 - Curl, Security, and Daniel Stenberg
|
Oct 30, 2023 |
Episode 398 - Is only 11% of open source maintained?
|
Oct 23, 2023 |
Episode 397 - The curl and glibc vulnerabilities
|
Oct 16, 2023 |
Episode 396 - CLAs are bad, Mkay?
|
Oct 09, 2023 |
Episode 395 - Uncertainty, trust, and security
|
Oct 02, 2023 |
Episode 394 - The lie anyone can contribute to open source
|
Sep 25, 2023 |
Episode 393 - Can you secure something you don't own?
|
Sep 18, 2023 |
Episode 392 - Curl and the calamity of CVE
|
Sep 11, 2023 |
Episode 391 - The Wordpress 100 year disaster recovery problem
|
Sep 04, 2023 |
Episode 390 - Rust shipping binaries doesn't matter
|
Aug 28, 2023 |
Episode 389 - What would HashiCorp do?
|
Aug 21, 2023 |
Episode 388 - Video game vulnerabilities
|
Aug 14, 2023 |
Episode 387 - Enterprise open source is different
|
Aug 07, 2023 |
Episode 386 - We are watching web 2.0 burn
|
Jul 31, 2023 |
Episode 385 - Is open source an insider threat?
|
Jul 24, 2023 |
Episode 384 - What's next for open source?
|
Jul 17, 2023 |
Episode 383 - Is open source dying?
|
Jul 10, 2023 |
Episode 382 - Red Hat, you were the chosen one!
|
Jul 03, 2023 |
Episode 381 - WTF Reddit, APIs and risk
|
Jun 26, 2023 |
Episode 380 - A new Sovereign Tech Fund program and the BBC on destroying hard drives
|
Jun 19, 2023 |
Episode 379 - Will open source save the world, again?
|
Jun 12, 2023 |
Episode 378 - Naming things is harder than security
|
Jun 05, 2023 |
Episode 377 - The world is changing too fast for humans to understand
|
May 29, 2023 |
Episode 376 - Open Source Summit, who built your open source, and AI
|
May 22, 2023 |
Episode 375 - The market forces of left-pad, Episode 77 remaster part 2
|
May 15, 2023 |
Episode 374 - The event we called left-pad, Episode 77 remaster part 1
|
May 08, 2023 |
Episode 373 – HHGG security, Episode 42 remaster part 2
|
May 01, 2023 |
Episode 372 - HHGG security, Episode 42 remaster part 1
|
Apr 24, 2023 |
Episode 371 - pip install is the tool we deserve but not the tool we need
|
Apr 17, 2023 |
Episode 370 - Open Source is bigger than you can imagine
|
Apr 10, 2023 |
Episode 369 - OpenAI broke ChatGPT then tried to blame open source
|
Apr 03, 2023 |
Episode 368 - The Sovereign Tech Fund with Fiona Krakenbürger
|
Mar 27, 2023 |
Episode 367 - Open source will never be the same
|
Mar 20, 2023 |
Episode 366 - Software liability is coming
|
Mar 13, 2023 |
Episode 365 - "I am not your supplier" with Thomas Depierre
|
Mar 06, 2023 |
Episode 364 - Using SBOMs is hard
|
Feb 27, 2023 |
Episode 363 - Joylynn Kirui from Microsoft on DevSecOps
|
Feb 20, 2023 |
Episode 362 - A lesson in Rust from Carol Nichols
|
Feb 13, 2023 |
Episode 361 - GitHub got pwnt, but it wasn't very exciting
|
Feb 06, 2023 |
Episode 360 - Memory safety and the NSA
|
Jan 30, 2023 |
Episode 359 - The NOTAM outage and other legacy technology
|
Jan 23, 2023 |
Episode 358 - Furby vs Alexa
|
Jan 16, 2023 |
Episode 357 - Is open source being overexploited?
|
Jan 09, 2023 |
Episode 356 - LastPass ducked up, now what?
|
Jan 02, 2023 |
Episode 355 - Security Boxing Day
|
Dec 26, 2022 |
Episode 354 - Jerry Bell tells us why Mastodon is awesome and MFA is hard
|
Dec 19, 2022 |
Episode 353 - Jill Moné-Corallo on GitHub's bug bounty program
|
Dec 12, 2022 |
Episode 352 - Stylometry removes anonymity
|
Dec 05, 2022 |
Episode 351 - Is security or usability a law of the universe?
|
Nov 28, 2022 |
Episode 350 - Spam, Email, Content Moderation, and Infrastructure Oh My
|
Nov 21, 2022 |
Episode 349 - The cyber is coming from inside the house - the UK is scanning itself
|
Nov 14, 2022 |
Episode 348 - OpenSSL is the new lead paint
|
Nov 07, 2022 |
Episode 347 - Airtags in luggage and weasel security - two peas in a suitcase
|
Oct 31, 2022 |
Episode 346 - Security and working from home have terrible things in common
|
Oct 24, 2022 |
Episode 345 - Cheap hacking devices turn security upside down
|
Oct 17, 2022 |
Episode 344 - Python tarfile - 2022 is nothing like 2007
|
Oct 10, 2022 |
Episode 343 - Stop trying to fix the open source software supply chain
|
Oct 03, 2022 |
Episode 342 - Programming languages are the new operating system
|
Sep 26, 2022 |
Episode 341 - Time till open source alternative
|
Sep 19, 2022 |
Episode 340 - Let's chat about Let's Encrypt with Josh Aas
|
Sep 12, 2022 |
Episode 339 - Is a network problem a security vulnerability
|
Sep 05, 2022 |
Episode 338 - The government didn't make vulnerabilities illegal. Yet.
|
Aug 29, 2022 |
Episode 337 - Security patches are getting worse - Dustin Childs from ZDI tells us why
|
Aug 22, 2022 |
Episode 336 - We don't have data, we have security biases
|
Aug 15, 2022 |
Episode 335 - Bull*&$% security ideas
|
Aug 08, 2022 |
Episode 334 - Leap seconds break everything
|
Aug 01, 2022 |
Episode 333 - Open Source is unfair
|
Jul 25, 2022 |
Episode 332 - PyPI: 2FA or not 2FA, that is the question
|
Jul 18, 2022 |
Episode 331 - GPG, but nothing makes sense
|
Jul 11, 2022 |
Episode 330 - The sliding scale of risk: seeing the forest for the trees
|
Jul 04, 2022 |
Episode 329 - Signing (What is it good for)
|
Jun 27, 2022 |
Episode 328 - The Security of Jobs or Job Security
|
Jun 20, 2022 |
Episode 327 - The security of alert fatigue
|
Jun 13, 2022 |
Episode 326 - Big fat containers
|
Jun 06, 2022 |
Episode 325 - Is one open source maintainer enough?
|
May 30, 2022 |
Episode 324 - WTF is up with WFH
|
May 23, 2022 |
Episode 323 - The fake 7-Zip vulnerability and SBOM
|
May 16, 2022 |
Episode 322 - Adam Shostack on the security of Star Wars
|
May 09, 2022 |
Episode 321 - Relativistic Security: Project Zero on 0day
|
May 02, 2022 |
Episode 320 - Security Twitter is not the real world
|
Apr 25, 2022 |
Episode 319 - Patch Tuesday with a capital T
|
Apr 18, 2022 |
Episode 318 - Social engineering and why zlib got a 2018 CVE ID
|
Apr 11, 2022 |
Episode 317 - The lack of compromise in security
|
Apr 04, 2022 |
Episode 316 - You have to use open source
|
Mar 28, 2022 |
Episode 315 - Who even makes all these terrible decisions?
|
Mar 21, 2022 |
Episode 314 - The Linux Dirty Pipe vulnerability
|
Mar 14, 2022 |
Episode 313 - Insecurity at scale
|
Mar 07, 2022 |
Episode 312 - The Legend of the SBOM
|
Feb 28, 2022 |
Episode 311 - Did you scan the QR code?
|
Feb 21, 2022 |
Episode 310 - Hayley Tsukayama from the EFF talks about privacy
|
Feb 14, 2022 |
Episode 309 - The bright future of open source security
|
Feb 07, 2022 |
Episode 308 - Welcome to the jungle - How to talk about open source security
|
Jan 31, 2022 |
Episode 307 - Got vulnerabilities? Introducing GSD
|
Jan 24, 2022 |
Episode 306 - Open source isn't broken, it's an experience
|
Jan 17, 2022 |
Episode 305 - Norton, Ethereum, NFT, and Apes
|
Jan 10, 2022 |
Episode 304 - Will we ever fix all the vulnerabilities?
|
Jan 03, 2022 |
Episode 303 - Log4j Christmas Spectacular!
|
Dec 27, 2021 |
Episode 302 - Log4j is a mess
|
Dec 20, 2021 |
Episode 301 - You're holding it wrong: the importance of unlearning
|
Dec 13, 2021 |
Episode 300 - Apple vs NSO: What can copyright do for you?
|
Dec 06, 2021 |
Episode 299 - Experts From A World That No Longer Exists
|
Nov 29, 2021 |
Episode 298 - David A Wheeler discusses the OpenSSF
|
Nov 22, 2021 |
Episode 297 - 25 years of smashing stacks, fun, and profit
|
Nov 15, 2021 |
Episode 296 - Is Trojan Source a vulnerability?
|
Nov 08, 2021 |
Episode 295 - Open source security isn't free
|
Nov 01, 2021 |
Episode 294 - Chris Wysopal on the state of security education
|
Oct 25, 2021 |
Episode 293 - Scoring OpenSSF Security Scoring
|
Oct 18, 2021 |
Episode 292 - Apache RCE and Twitch epic pwn
|
Oct 11, 2021 |
Episode 291 - Everyone sucks at vulnerability disclosure
|
Oct 04, 2021 |
Episode 290 - The security of the Matrix
|
Sep 27, 2021 |
Episode 289 - Who left this 0day on the floor?
|
Sep 20, 2021 |
Episode 288 - Linux Kernel compiler warnings considered dangerous
|
Sep 13, 2021 |
Episode 287 - Is GitHub's Copilot the new Clippy?
|
Sep 06, 2021 |
Episode 286 - Open source supply chain with Google's Dan Lorenc
|
Aug 30, 2021 |
Episode 285 - Open source owes you nothing!
|
Aug 23, 2021 |
Episode 284 - What happens when we DRM power tools?
|
Aug 16, 2021 |
Episode 283 - When vulnerability disclosure becomes dangerous
|
Aug 09, 2021 |
Episode 282 - The security of Rust: who left all this awesome in here?
|
Aug 02, 2021 |
Episode 281 - If you spy on journalists, you're the bad guys
|
Jul 26, 2021 |
Episode 280 - The perils of Single Sign On
|
Jul 19, 2021 |
Episode 279 - The audacity of Audacity: When open source goes rogue
|
Jul 12, 2021 |
Episode 278 - Could SELinux have stopped SolarWinds?
|
Jul 05, 2021 |
Episode 277 - Privacy and activism with Chris Weiland
|
Jun 28, 2021 |
Episode 276 - Security, behavior, and the environment
|
Jun 21, 2021 |
Episode 275 - What in the @#$% is going on with ransomware?
|
Jun 14, 2021 |
Episode 274 - Mr. Amazon's Neighborhood
|
Jun 07, 2021 |
Episode 273 - Can we stop the coming artificial unintelligence deluge?
|
May 31, 2021 |
Episode 272 - The Biden Cybersecurity Executive Order
|
May 24, 2021 |
Episode 271 - Pipeline security: There is no problem humans can't make worse
|
May 17, 2021 |
Episode 270 - Hello dark patterns my old friend
|
May 10, 2021 |
Episode 269 - Do not experiment on the Linux Kernel
|
May 03, 2021 |
Episode 268 - Can we trust any 3rd parties?
|
Apr 26, 2021 |
Episode 267 - Does 0day still mean 0day?
|
Apr 19, 2021 |
Episode 266 - The future of security scanning with Debricked
|
Apr 12, 2021 |
Episode 265 - The lies closed source can tell, open source can't
|
Apr 05, 2021 |
Episode 264 - DevSecOps with GitLab's Mark Loveless
|
Mar 29, 2021 |
Episode 263 - GitHub pulls exploits, LinuxFoundation sign all the things
|
Mar 22, 2021 |
Episode 262 - A discussion with Loris and Pop from Sysdig
|
Mar 15, 2021 |
Episode 261 - DWF is back! Welcome to community powered CVE
|
Mar 08, 2021 |
Episode 260 - Dave Jevans tells us what CipherTrace is up to
|
Mar 01, 2021 |
Episode 259 - What even is open source anymore?
|
Feb 22, 2021 |
Episode 258 - Stop using C
|
Feb 15, 2021 |
Episode 257 - The sudo and libgcrypt vulnerabilities
|
Feb 08, 2021 |
Episode 256 - 9 bits of podcast, 8 bits of computing
|
Feb 01, 2021 |
Episode 255 - What if security wasn't joyless?
|
Jan 25, 2021 |
Episode 254 - Right to Repair Security
|
Jan 18, 2021 |
Episode 253 - Defenders only need to be right once
|
Jan 11, 2021 |
Episode 252 - Is open source dangerous? Open source won, who cares, shut up!
|
Jan 04, 2021 |
Episode 251 - Communication is hard, security communication is more hard
|
Dec 28, 2020 |
Episode 250 - Door 25: Why do we do the things we do? Question everything
|
Dec 25, 2020 |
Episode 249 - Door 24: Information wants to be free
|
Dec 24, 2020 |
Episode 248 - Door 23: How to report 1000 security flaws
|
Dec 23, 2020 |
Episode 247 - Door 22: How to report one security flaw
|
Dec 22, 2020 |
Episode 246 - Door 21: Bug bounties
|
Dec 21, 2020 |
Episode 245 - Door 20: Is SMS 2FA better than no 2FA?
|
Dec 20, 2020 |
Episode 244 - Door 19: TLS certificate trust
|
Dec 19, 2020 |
Episode 243 - Door 18: Don't roll your own crypto or auth
|
Dec 18, 2020 |
Episode 242 - Door 17: Vulnerability response
|
Dec 17, 2020 |
Episode 241 - Door 16: 16 bits of change
|
Dec 16, 2020 |
Episode 240 - Door 15: Supplier compliance
|
Dec 15, 2020 |
Episode 239 - Door 14: Backdoors
|
Dec 14, 2020 |
Episode 238 - Door 13: Unlucky or survivor bias?
|
Dec 13, 2020 |
Episode 237 - Door 12: Video game hacking
|
Dec 12, 2020 |
Episode 236 - Door 11: Should you get on a 737?
|
Dec 11, 2020 |
Episode 235 - Door 10: Deciding what information matters
|
Dec 10, 2020 |
Episode 234 - Door 09: public key cryptography
|
Dec 09, 2020 |
Episode 233 - Door 08: man 8 security
|
Dec 08, 2020 |
Episode 232 - Door 07: 7 is the best prime, 2 is the dumbest
|
Dec 07, 2020 |
Episode 231 - Door 06: 6 wifi risks ... that don't actually matter
|
Dec 06, 2020 |
Episode 230 - Door 05: 5 reasons you need 24/7 robot monitoring
|
Dec 05, 2020 |
Episode 229 - Door 04: EFF's Cover Your Tracks
|
Dec 04, 2020 |
Episode 228 - Door 03: Do all vulnerabilities matter equally?
|
Dec 03, 2020 |
Episode 227 - Door 02: Marketing department or selection bias?
|
Dec 02, 2020 |
Episode 226 - Door 01: Advent calendars
|
Dec 01, 2020 |
Episode 225 - Who is responsible if IoT burns down your house?
|
Nov 23, 2020 |
Episode 224 - Are old Android devices dangerous?
|
Nov 16, 2020 |
Episode 223 - Full disclosure won, deal with it
|
Nov 09, 2020 |
Episode 222 - HashiCorp Boundary with Jeff Mitchell
|
Nov 02, 2020 |
Episode 221 - Security, magic, and FaceID
|
Oct 26, 2020 |
Episode 220 - Securing network time and IoT
|
Oct 19, 2020 |
Episode 219 - Chat with Larry Cashdollar
|
Oct 12, 2020 |
Episode 218 - The past was a terrible place
|
Oct 05, 2020 |
Episode 217 - How to tell your story with Travis Murdock
|
Sep 28, 2020 |
Episode 216 - Security didn't find life on Venus
|
Sep 21, 2020 |
Episode 215 - Real security is boring
|
Sep 14, 2020 |
Episode 213 - Security Signals: What are you telling the world
|
Sep 07, 2020 |
Episode 212 - Grab Bag: The Security We Deserve Edition
|
Aug 31, 2020 |
Episode 211 - The only thing harder than signing files is managing users
|
Aug 24, 2020 |
Episode 210 - Cult of Information Security
|
Aug 17, 2020 |
Episode 209 - Secure Boot isn't Secure
|
Aug 10, 2020 |
Episode 208 - Passwords are pollution
|
Aug 03, 2020 |
Episode 207 - Weaponized attention
|
Jul 27, 2020 |
Episode 206 - Confidential Virtual Machines; The future of cloud computing
|
Jul 20, 2020 |
Episode 205 - The State of Open Source Security with Alyssa Miller from Snyk
|
Jul 13, 2020 |
Episode 204 - What Would Apple Do?
|
Jul 06, 2020 |
Episode 203 - Humans, conferences, and security: let me think and get back to you in a bit
|
Jun 29, 2020 |
Episode 202 - The convergence of application security
|
Jun 22, 2020 |
Episode 201 - We broke CVSSv3, now how do we fix it?
|
Jun 15, 2020 |
Episode 200 - Talking Container Security with Liz Rice
|
Jun 08, 2020 |
Episode 199 - Special cases are special: DNS, Websockets, and CSV
|
Jun 01, 2020 |
Episode 198 - Good advice or bad advice? Hang up, look up, and call back
|
May 25, 2020 |
Episode 197 - Beer, security, and consistency; the newer, better, triad
|
May 17, 2020 |
Episode 196 - Pounding square solutions into round holes: forced updates from Ubuntu
|
May 11, 2020 |
Episode 195 - Is BGP actually insecure?
|
May 04, 2020 |
Episode 194 - Working from home security: resistance is futile
|
Apr 27, 2020 |
Episode 193 - Security lessons from space: Apollo 13 edition
|
Apr 20, 2020 |
Episode 192 - Work without progress - what Infosec can learn from treadmills
|
Apr 13, 2020 |
Episode 191 - Security scanners are all terrible
|
Apr 06, 2020 |
Episode 190 - Building a talent "ecosystem"
|
Apr 05, 2020 |
Episode 189 - Video game hackers - speedrunning
|
Mar 30, 2020 |
Episode 188 - Depressing news sucks, we're talking about cheating in video games
|
Mar 23, 2020 |
Episode 187 - Wireguard vs IPsec: the OK Boomer of security
|
Mar 15, 2020 |
Episode 186 - Endpoint security with Tony Meehan
|
Mar 08, 2020 |
Episode 185 - Is it even possible to fix open source security?
|
Mar 02, 2020 |
Episode 184 - It’s DNS. It's always DNS
|
Feb 24, 2020 |
Episode 183 - The great working from home experiment
|
Feb 17, 2020 |
Episode 182 - Does open source owe us anything?
|
Feb 10, 2020 |
Episode 181 - The security of SIM swapping
|
Feb 03, 2020 |
Episode 180 - A Tale of Two Vulnerabilities
|
Jan 27, 2020 |
Episode 179 - Google Project Zero and the 90 day clock
|
Jan 20, 2020 |
Episode 178 - Are CVEs important and will ransomware put you out of business?
|
Jan 13, 2020 |
Episode 177 - Fake or real? The security of counterfeit goods
|
Jan 06, 2020 |
Episode 176 - The 'predictions are stupid' prediction episode
|
Dec 30, 2019 |
Episode 175 - Defenders will always be one step behind
|
Dec 23, 2019 |
Episode 174 - GitHub turns security up to 11; A discussion with Rob Schultheis
|
Dec 16, 2019 |
Episode 173 - Ho Ho Homeland Security
|
Dec 09, 2019 |
Episode 172 - The security of planned obsolescence
|
Dec 02, 2019 |
Episode 171 - Measuring cybersecurity with Kathryn Waldron
|
Nov 25, 2019 |
Episode 170 - Until that quantum computer is cracking RSA keys, go sit back down!
|
Nov 17, 2019 |
Episode 169 - What happens when leadership doesn't care about security?
|
Nov 11, 2019 |
Episode 168 - The draconian draconians of DRM
|
Nov 03, 2019 |
Episode 167 - Security is terrible because digital literacy is terrible
|
Oct 28, 2019 |
Episode 166 - Every day should be cybersecurity awareness month!
|
Oct 21, 2019 |
Episode 165 - Grab Bag of Microsoft Security News
|
Oct 13, 2019 |
Episode 164 - DNS over HTTPS: Probably not the end of the world
|
Oct 07, 2019 |
Episode 163 - Death to Python 2
|
Sep 30, 2019 |
Episode 162 - SBOM with Allan Friedman
|
Sep 23, 2019 |
Episode 161 - Human nature and ad powered open source
|
Sep 16, 2019 |
Episode 160 - Disclosing security issues is insanely complicated: Part 2
|
Sep 09, 2019 |
Episode 159 - Disclosing security issues is insanely complicated: Part 1
|
Sep 02, 2019 |
Episode 158 - The mess that we call credit agencies in the US
|
Aug 26, 2019 |
Episode 157 - Backdoors and snake oil in our cryptography
|
Aug 19, 2019 |
Episode 156 - What if we MitM a whole country?
|
Jul 29, 2019 |
Episode 155 - Stealing cars and ransomware
|
Jul 22, 2019 |
Episode 154 - Chat with the authors of the book "The Fifth Domain"
|
Jul 16, 2019 |
Episode 153 - The unexpected security of AI, photographs, and VPN
|
Jul 08, 2019 |
Episode 152 - Tavis breaks the world ... again
|
Jul 01, 2019 |
Episode 151 - The DARPA Cyber Grand Challenge with David Brumley
|
Jun 24, 2019 |
Episode 150 - Our ad funded dystopian present
|
Jun 17, 2019 |
Episode 149 - Chat with Michael Coates about data security
|
Jun 10, 2019 |
Episode 148 - You just got pwnt, what now?
|
Jun 03, 2019 |
Episode 147 - Scams and operations as part of the supply chain
|
May 27, 2019 |
Episode 146 - What the @#$% happened to Microsoft?
|
May 20, 2019 |
Episode 145 - What do security and fire have in common?
|
May 13, 2019 |
Episode 144 - The security of money, which one is best?
|
May 06, 2019 |
Episode 143 - Security lessons from the phone book
|
Apr 29, 2019 |
Episode 142 - Hypothetical security: what if you find a USB flash drive?
|
Apr 21, 2019 |
Episode 141 - Timezones are hard, security is harder
|
Apr 15, 2019 |
Episode 140 - Good enough security is a pretty high bar
|
Apr 08, 2019 |
Episode 139 - Secure voting, firefox send, and toxic comments on the internet
|
Apr 01, 2019 |
Episode 138 - Information wants to be free
|
Mar 25, 2019 |
Episode 137.5 - Holy cow Beto was in the cDc, this is awesome!
|
Mar 18, 2019 |
Episode 137 - When the IoT attacks!
|
Mar 11, 2019 |
Episode 136 - How people feel is more important than being right
|
Mar 04, 2019 |
Episode 135 - Passwords, AI, and cloud strategy
|
Feb 25, 2019 |
Episode 134 - What's up with the container runc security flaw?
|
Feb 18, 2019 |
Episode 133 - Smart locks and the government hacking devices
|
Feb 11, 2019 |
Episode 132 - Bird Scooter: 0, Cory Doctorow: 1
|
Feb 04, 2019 |
Episode 131 - Windows micropatches, Google's privacy fine, and Mastercard fixes trial abuse
|
Jan 28, 2019 |
Episode 130 - Chat with Snyk co-founder Danny Grander
|
Jan 21, 2019 |
Episode 129 - The EU bug bounty program
|
Jan 14, 2019 |
Episode 128 - Australia's encryption backdoor bill
|
Jan 07, 2019 |
2018 Christmas Special - Is Santa GDPR compliant?
|
Dec 24, 2018 |
Episode 127 - Walled gardens, appstores, and more
|
Dec 17, 2018 |
Episode 126 - The not so dire future of supply chain security
|
Dec 10, 2018 |
Episode 125 - Open Source, supply chains, npm, and you
|
Dec 03, 2018 |
Episode 124 - Cloudflare's service workers and the economics of security
|
Nov 26, 2018 |
Episode 123 - Talking about Kubernetes and container security with Liz Rice
|
Nov 19, 2018 |
Episode 122 - What will Apple's T2 chip mean for the rest of us?
|
Nov 12, 2018 |
Episode 121 - All about the security of voting
|
Nov 05, 2018 |
Episode 120 - Bloomberg and hardware backdoors - it's already happening
|
Oct 29, 2018 |
Episode 119 - The Google+ and Facebook incidents, it's not your data anymore
|
Oct 22, 2018 |
Episode 118 - Cloudflare's IPFS and onion service
|
Oct 15, 2018 |
Episode 117 - Will security follow Linus' lead on being nice?
|
Oct 08, 2018 |
Episode 116 - The future of the CISO with Michael Piacente
|
Oct 01, 2018 |
Episode 115 - Discussion with Brian Hajost from SteelCloud
|
Sep 24, 2018 |
Episode 114 - Review of "Click Here to Kill Everybody"
|
Sep 17, 2018 |
Episode 113 - Actual real security advice
|
Sep 10, 2018 |
Episode 112 - Google's Titan Key and the latest Struts issue
|
Sep 03, 2018 |
Episode 111 - The TLS 1.3 and DNS episode
|
Aug 27, 2018 |
Episode 110 - Review of Black Hat, Defcon, and the effect of security policies
|
Aug 19, 2018 |
Episode 109 - OSCon and actionable advice
|
Aug 13, 2018 |
Episode 108 - Bluetooth, phishing, airgaps, and eating soup off the floor
|
Aug 06, 2018 |
Episode 107 - The year of the Linux Desktop and other hardware stories
|
Jul 30, 2018 |
Episode 106 - Data isn't oil, it's nuclear waste
|
Jul 23, 2018 |
Episode 105 - More backdoors in open source
|
Jul 16, 2018 |
Episode 104 - The Gentoo security incident
|
Jul 09, 2018 |
Episode 103 - The Seven Properties of Highly Secure Devices
|
Jul 02, 2018 |
Episode 102 - Michael Feiertag from tCell
|
Jun 25, 2018 |
Episode 101 - Our unregulated future is here to stay
|
Jun 17, 2018 |
Episode 100 - You're bad at buying security, we can help!
|
Jun 11, 2018 |
Episode 99 - Consumer security is too broken to fix, and it doesn't matter
|
Jun 04, 2018 |
Episode 98 - When IT decisions kill people
|
May 28, 2018 |
Episode 97 - Automation: Humans are slow and dumb
|
May 20, 2018 |
Episode 96 - Are legal backdoors a good idea?
|
May 11, 2018 |
Episode 95 - Twitter passwords and npm backdoors
|
May 07, 2018 |
Episode 94 - DNSSEC, BGP, and reality
|
Apr 30, 2018 |
Episode 93 - Security flaws in beep and patch, how did we get here?
|
Apr 15, 2018 |
Episode 92 - Chat with Rami Saas the CEO of WhiteSource
|
Apr 15, 2018 |
Episode 91 - Security lessons from a 7 year old
|
Apr 08, 2018 |
Episode 90 - Humans and misinformation
|
Apr 02, 2018 |
Episode 89 - Short selling AMD security flaws
|
Mar 25, 2018 |
Episode 88 - Chat with Chris Rosen from IBM about Container Security
|
Mar 18, 2018 |
Episode 87 - Chat with Let's Encrypt co-founder Josh Aas
|
Mar 11, 2018 |
Episode 86 - What happens when 23 thousand certificates leak?
|
Mar 03, 2018 |
Episode 85 - NPM ate my files
|
Feb 23, 2018 |
Episode 84 - Have I been pwned?
|
Feb 23, 2018 |
Episode 83 - XKCD + CVE = XKCVE
|
Feb 21, 2018 |
Episode 82 - RSA, TLS, Chrome HTTP, and PCI
|
Feb 13, 2018 |
Episode 81 - Autosploit, bug bounties, and the future of security
|
Feb 07, 2018 |
Episode 80 - GPS tracking and jamming
|
Jan 31, 2018 |
Episode 79 - Skyfall: please don't yell 'fire'
|
Jan 24, 2018 |
Episode 78 - Risk lessons from Hawaii
|
Jan 16, 2018 |
Episode 77 - npm and the supply chain
|
Jan 10, 2018 |
Episode 76 - Meltdown aftermath
|
Jan 07, 2018 |
Episode 75 - Security Planner review
|
Dec 19, 2017 |
Episode 74 - Facial recognition and physical security
|
Dec 13, 2017 |
Episode 73 - Security from Santa
|
Dec 06, 2017 |
Episode 72 - Bitcoin: It's over 9000
|
Nov 28, 2017 |
Episode 71 - GitHub's Security Scanner
|
Nov 21, 2017 |
Episode 70 - The security of Intel ME
|
Nov 14, 2017 |
Episode 69 - Actionable security advice
|
Nov 07, 2017 |
Episode 68 - Ruining the Internet
|
Nov 01, 2017 |
Episode 67 - Cyber won
|
Oct 24, 2017 |
Episode 66 - Objects in mirror are less terrible than they appear
|
Oct 15, 2017 |
Episode 65 - Will aliens overthrow us before AI?
|
Oct 09, 2017 |
Episode 64 - Networks and Dnsmasq and IoT oh my
|
Oct 03, 2017 |
Episode 63 - Shoot, Shovel, and Bury
|
Sep 26, 2017 |
Episode 62 - All about the Equifax hack
|
Sep 11, 2017 |
Episode 61 - Market driven security
|
Sep 05, 2017 |
Episode 60 - The official blockchain episode
|
Aug 30, 2017 |
Episode 59 - The VPN Episode
|
Aug 15, 2017 |
Episode 58 - Backwards compatibility to the point of insanity
|
Aug 09, 2017 |
Episode 57 - We may never see amazing security research ever again
|
Aug 01, 2017 |
Episode 56 - Devil's Advocate and other fuzzy topics
|
Jul 18, 2017 |
Episode 55 - Good Docs Ruin My Story
|
Jul 12, 2017 |
Episode 54 - Turning Into An Old Person
|
Jul 04, 2017 |
Episode 53 - A Plane Isn't Like A Car
|
Jun 28, 2017 |
Episode 52 - You Could Have Done It Right, But You Didn't
|
Jun 20, 2017 |
Episode 51 - All About CVE
|
Jun 12, 2017 |
Episode 50 - This Is A Security Podcast After All
|
Jun 06, 2017 |
Episode 49 - Testing Software Is Impossible
|
May 30, 2017 |
Episode 48 - Machine Learning: Not Actually Magic
|
May 21, 2017 |
Episode 47 - WannaCry: Everything Is Basically Broken
|
May 14, 2017 |
Episode 46 - Turns Out I'm Not A Bad Guy
|
May 04, 2017 |
Episode 45 - Trust Is More Important Now Than The Truth
|
May 02, 2017 |
Episode 44 - Bug Bounties Vs Pen Testing
|
Apr 25, 2017 |
Episode 43 - We Are Totally Immature
|
Apr 19, 2017 |
Episode 42 - Hitchhiker's Guide To Security
|
Apr 13, 2017 |
Episode 41 - All Your Money Are Belong To Us
|
Apr 10, 2017 |
Episode 40 - Let's Fork Bitcoin, Again
|
Apr 02, 2017 |
Episode 39 - Flash On Your Dishwasher
|
Mar 28, 2017 |
Episode 38 - We Ruin Everything
|
Mar 22, 2017 |
Episode 37 - Your Bathtub Is More Dangerous Than A Shark
|
Mar 09, 2017 |
Episode 36 - A Good Enough Podcast
|
Mar 05, 2017 |
Episode 35 - Crazy Cosmic Accident
|
Feb 28, 2017 |
Episode 34 - Bathing In Ebola Virus
|
Feb 22, 2017 |
Episode 33 - Everybody Who Went To The Circus Is In The Circus (RSA 2017)
|
Feb 15, 2017 |
Episode 32 - Gambling As A Service
|
Feb 08, 2017 |
Episode 31 - XML Is Never The Solution
|
Feb 01, 2017 |
Episode 30 - I'm Not An Expert But I've Been Yelled At By Experts
|
Jan 25, 2017 |
Episode 29 - The Security Of Rogue One
|
Jan 22, 2017 |
Episode 28 - RSA Conference 2017
|
Jan 19, 2017 |
Episode 27 - Prove To Me You Are Human
|
Jan 16, 2017 |
Episode 26 - Tell Your Sister, Stallman Was Right
|
Jan 12, 2017 |
Episode 25 - The Future Is Now
|
Jan 09, 2017 |
Episode 24 - The 2016 Prediction Edition
|
Jan 03, 2017 |
Episode 23 - We Can't Patch People
|
Dec 28, 2016 |
Episode 22 - IoT Wild West
|
Dec 24, 2016 |
Episode 21 - CVE 10K Extravaganza
|
Dec 21, 2016 |
Episode 20 - The Death Of PGP
|
Dec 19, 2016 |
Episode 19 - A Field Full Of Razor Blades And Monsters
|
Dec 13, 2016 |
Episode 18 - The Security Of Santa
|
Dec 09, 2016 |
Episode 17 - Cyphercon Interview With Korgo
|
Dec 06, 2016 |
Episode 16 - Cat And Mouse
|
Dec 02, 2016 |
Episode 15 - Cyber Black Monday
|
Nov 29, 2016 |
Episode 14 - David A Wheeler: CII Badges
|
Nov 22, 2016 |
Episode 13 - CVE: The Metric System Of Security
|
Nov 18, 2016 |
Episode 12 - Security Trebuchet
|
Nov 10, 2016 |
Episode 11 - The Poison Candy Episode
|
Oct 31, 2016 |
Episode 10 - The Super Botnet That Nobody Can Stop
|
Oct 24, 2016 |
Episode 9 - Are Bug Bounties Measuring The Wrong Things
|
Oct 18, 2016 |
Episode 8 - The Primality Of Prime Numbers
|
Oct 11, 2016 |
Episode 7 - More Powerful Than Root
|
Oct 03, 2016 |
Episode 6 - Foundational Knowledge Of Security
|
Sep 29, 2016 |
Episode 5 - OpenSSL: The Library We Deserve
|
Sep 29, 2016 |
Episode 4 - Dead Squirrel In A Box
|
Sep 21, 2016 |
Episode - 3 The Lockpicking Sewing Circle
|
Sep 13, 2016 |
Episode 2 - Instills The Proper Amount Of Fear
|
Sep 07, 2016 |
Episode 1 - Rich History Of Security Flaws
|
Sep 06, 2016 |