Episode 286 - Open source supply chain with Google's Dan Lorenc
Open Source Security30 Elo 2021

Episode 286 - Open source supply chain with Google's Dan Lorenc

Josh and Kurt talk to Dan Lorenc from Google about supply chain security. What's currently going on in this space and what sort of new thing scan we look forward to? We discuss Google's open source use, Project Sigstore, the SLSA framework and more.

Show Notes

Tämä jakso on lisätty Podme-palveluun avoimen RSS-syötteen kautta eikä se ole Podmen omaa tuotantoa. Siksi jakso saattaa sisältää mainontaa.

Jaksot(528)

Episode 135 - Passwords, AI, and cloud strategy

Episode 135 - Passwords, AI, and cloud strategy

Josh and Kurt talk about change your password day (what a terrible day). Google's password checkup (not a terrible idea), an AI finding new spice flavors we expect will one day take over the world, an...

25 Helmi 201930min

Episode 134 - What's up with the container runc security flaw?

Episode 134 - What's up with the container runc security flaw?

Josh and Kurt talk about the new runc container security flaw. How does the flaw work, what can you do about it, what should you do about it, and what the future of container security may look like.

18 Helmi 201928min

Episode 133 - Smart locks and the government hacking devices

Episode 133 - Smart locks and the government hacking devices

Josh and Kurt talk about the fiasco hacks4pancakes described on Twitter and what the future of smart locks will look like. We then discuss what it means if the Japanese government starts hacking consu...

11 Helmi 201931min

Episode 132 - Bird Scooter: 0, Cory Doctorow: 1

Episode 132 - Bird Scooter: 0, Cory Doctorow: 1

Josh and Kurt talk about the Bird Scooter vs Corey Doctorow incident. We then get into some of the social norms around new technology and what lessons the security industry can take from something new...

4 Helmi 201930min

Episode 131 - Windows micropatches, Google's privacy fine, and Mastercard fixes trial abuse

Episode 131 - Windows micropatches, Google's privacy fine, and Mastercard fixes trial abuse

Josh and Kurt talk about non-Microsoft Windows micropatches. The days of pretending closed source matters are long gone. Google gets hit with a privacy fine, that probably won't matter. And Mastercard...

28 Tammi 201933min

Episode 130 - Chat with Snyk co-founder Danny Grander

Episode 130 - Chat with Snyk co-founder Danny Grander

Josh and Kurt talk to Danny Grander one of the co-founders of Snyk about Zip Slip, what it is, how to fix it, and how they disclosed everything. We also touch on plenty of other open source security t...

21 Tammi 201934min

Episode 129 - The EU bug bounty program

Episode 129 - The EU bug bounty program

Josh and Kurt talk about the EU bug bounty program. There have been a fair number of people complaining it's solving the wrong problem, but it's the only way the EU has to spend money on open source t...

14 Tammi 201933min

Episode 128 - Australia's encryption backdoor bill

Episode 128 - Australia's encryption backdoor bill

Josh and Kurt talk about Australia's recently passed encryption bill. What is the law that was passed, what does it mean, and what are the possible outcomes? The show notes contain a flow chart of pos...

7 Tammi 201932min