Episode 203 - Humans, conferences, and security: let me think and get back to you in a bit

Josh and Kurt talk about wordpress selling web services with a 100 year lifespan. Will WordPress still be around in 100 years? What would 100 years of disaster recovery look like? Most of us will neve...

4 Sep 202339min

Josh and Kurt talk about a blog post that explains how C and C++ compilers prioritize performance over correctness. This is the class story of security vs usability. Security is never the primary goal...

28 Aug 202339min

Josh and Kurt talk about the HashiCorp license change and copyright problems in open source. This isn't the first and won't be the last time we see this, but it's very likely open source developers an...

21 Aug 202342min

Josh and Kurt ask the question what is a vulnerability, but in the framing of video games. Security loves to categorize all bugs as security vulnerabilities or not security vulnerabilities. But the re...

14 Aug 202332min

Josh and Kurt talk about the difference between what we think of as traditional open source, and enterprise software projects that have an open source license. They are both technically open source, b...

7 Aug 202334min

Josh and Kurt talk about a new Google proposal that would add DRM for the web. All the ad driven companies seem to be acting very strangely, there's probably a reason for this. The way ads used to pay...

31 Jul 202331min

Josh and Kurt talk about insider threats, but not quite in the way one would expect. The potential for insider threats is possibly higher than usual right now, but what about open source? Are open sou...

24 Jul 202333min

Josh and Kurt talk about some of the efforts to measure and understand open source. There are projects like the OpenSSF Scorecard. We want to measure open source for some idea of quality. Is AI genera...

17 Jul 202341min