Tuesday, December 11, 2018
Open Source Security Podcast

Episode 126 – The not so dire future of supply chain security

Josh and Kurt continue the discussion from episode 125. We look at the possible future of software supply chains. It's far less dire than previously expected. It's likely there will be some change in the
Open Source Security Podcast

Episode 125 – Open Source, supply chains, npm, and you

Josh and Kurt talk about how open source deals with malicious events. It's probably impossible to stop these from happening, but the open source universe deals with it in its own unique way. We start to discuss what you can do, since...
Open Source Security Podcast

Episode 124 – Cloudflare’s service workers and the economics of security

Josh and Kurt talk about Cloudflare's new Workers service. We spend a lot of time discussing how economics drives technology, not security. It's quite likely this new service is less secure than existing alternatives, but it will be cheaper and faster which...
Open Source Security Podcast

Episode 123 – Talking about Kubernetes and container security with Liz Rice

Josh and Kurt talk to Liz Rice about Kubernetes and container security. How did we get where we are today, what's new and exciting today, and where do we think things are going.
Open Source Security Podcast

Episode 122 – What will Apple’s T2 chip mean for the rest of us?

Josh and Kurt talk about Apple's new T2 security chip. It's not open source but we expect it to change the security landscape in the coming years.
Open Source Security Podcast

Episode 121 – All about the security of voting

Josh and Kurt talk about voting security. What does it mean, how does it work. What works, what doesn't work, and most importantly why we may not see secure electronic voting anytime soon.
Open Source Security Podcast

Episode 120 – Bloomberg and hardware backdoors – it’s already happening

Josh and Kurt talk about Bloomberg's story about backdoors and motherboards. The story is probably false, but this is almost certainly happening already with hardware. What does it mean if your hardware is already backdoored by one or more countries?
Open Source Security Podcast

Episode 119 – The Google+ and Facebook incidents, it’s not your data anymore

Josh and Kurt talk about the Google+ and Facebook data incidents. We don't have any control over this data anymore. The incidents didn't really affect the users because we have no idea who has access to it. We also touch on GDPR...
Open Source Security Podcast

Episode 118 – Cloudflare’s IPFS and onion service

Josh and Kurt talk about Cloudflare's new IPFS and Onion services. One brings distributed blockchain files to the masses, the other lets you host your site on tor easily.
Open Source Security Podcast

Episode 117 – Will security follow Linus’ lead on being nice?

Josh and Kurt talk about Linus' effort to work on his attitude. What will this mean for security and IT in general?
Open Source Security Podcast

Episode 116 – The future of the CISO with Michael Piacente

Josh and Kurt talk to Michael Piacente from Hitch Partners about the past, present, and future role of the CISO in the industry.
Open Source Security Podcast

Episode 115 – Discussion with Brian Hajost from SteelCloud

Josh and Kurt talk to Brian Hajost from SteelCloud about public sector compliance. The world of public sector compliance can be confusing and strange, but it's not that bad when it's explained by someone with experience.
Open Source Security Podcast

Episode 114 – Review of “Click Here to Kill Everybody”

Josh and Kurt review Bruce Schneier's new book Click Here to Kill Everybody. It's a book everyone could benefit from reading. It does a nice job explaining many existing security problems in a simple manner.
Open Source Security Podcast

Episode 113 – Actual real security advice

Josh and Kurt talk about actual real world advice. Based on a story about trying to secure political campaigns, if we had to give some security help what should it look like, who should we give it to?
Open Source Security Podcast

Episode 112 – Google’s Titan Key and the latest Struts issue

Josh and Kurt talk about the new Google Titan security key. There are some in the industry uneasy about the supply chain for the devices. We also discuss the latest Struts security issue. Struts is old and scary now, stop using it.

Quarter of NHS Trusts Have No Security Pros

Quarter of NHS Trusts Have No Security ProsNew research has revealed a dearth of qualified cybersecurity staff in the NHS and low levels of spending on in-house training for employees. RedScan received Freedom of Information (FOI) responses from 159 trusts...

What is a keylogger? How attackers can monitor everything you type

Keylogger definitionTo read this article in full, please click here(Insider Story)
Computerworld

And that was actually the CLEAN version!

It's more than a few years back, and this oilfield services company is implementing a new email filter, says a pilot fish working there."It was part of an email security product," fish says. "The filter could identify emails containing...

Review: How StackRox protects containers

With the rise of cloud computing and later DevOps, containerization has never been more popular. But cybersecurity has yet to fully catch up. Even security applications designed to work natively in the cloud have trouble protecting the most popular...

Dark web goldmine busted by Europol

What’s the safest way to buy counterfeit banknotes? Not on the dark web market, as 235 people have just discovered to their cost.