Open Source Security

Open Source Security is a media project to help showcase and educate on open source security. Our goal is to give the community a platform to educate both developers and users on how open source security works. There's a lot of good work happening that doesn't get attention because there's no marketing department behind it, they don't have a developer relations team posting on LinkedIn every two hours. Let's focus on those people and teams then learn what they do and how they do it. The goal is to hear from the people doing the work, they know what's up, they have a lot to teach us. We just have to listen.

Episodes (527)

Episode 294 - Chris Wysopal on the state of security education

Josh and Kurt talk to Chris Wysopal, AKA Weld Pond, about security education. We talk about the current state of how we are learning about security as students and developers. What the best way to get...

25 Oct 2021, 32 min

Episode 293 - Scoring OpenSSF Security Scoring

Josh and Kurt talk about the release of OpenSSF Security Scorecards version 3. This is a great project that will probably make a huge difference. Most of the things the scorecards are measuring are no...

18 Oct 2021, 34 min

Episode 292 - Apache RCE and Twitch epic pwn

Josh and Kurt talk about the recent Twitch hack and how in the modern age leaking source code almost certainly doesn't matter. The leaked data however is a big deal. We also discuss a recent Apache ht...

11 Oct 2021, 30 min

Episode 291 - Everyone sucks at vulnerability disclosure

Josh and Kurt talk about recent events around Apple and Microsoft disclosing security vulnerabilities. Microsoft usually does a good job, but Apple has a long history of not having a great bug bounty ...

4 Oct 2021, 35 min

Episode 290 - The security of the Matrix

Josh and Kurt talk about the security of the Matrix movie series. There was a new Matrix trailer that made us want to discuss some of the security themes. We talk about how the movie is very focused o...

27 Sep 2021, 35 min

Episode 289 - Who left this 0day on the floor?

Josh and Kurt talk about an unusual number of really bad security updates. We even recorded this before the Azure OMIGOD vulnerability was disclosed. It's certainly been a wild week with Apple and Chr...

20 Sep 2021, 33 min

Episode 288 - Linux Kernel compiler warnings considered dangerous

Josh and Kurt talk about some happenings in the Linux Kernel. There are some new rules around how to submit patches that go against how GitHub works. They're also turning all compiler warnings into ...

13 Sep 2021, 36 min

Episode 287 - Is GitHub's Copilot the new Clippy?

Josh and Kurt talk about GitHub Copilot. What can we learn from a report claiming 40% of code generated by Copilot has security vulnerabilities? Is this the future or just some sort of strange new thi...

6 Sep 2021, 31 min