Open Source Security

Josh and Kurt talk to Dan Lorenc from Google about supply chain security. What's currently going on in this space and what sort of new thing scan we look forward to? We discuss Google's open source us...

30 Aug 202137min

Josh and Kurt talk about open source bugs. What happens if a project decides to close most of their bugs? Nothing really. Bug trackers aren't a help desk. Show Notes Emacs closes 45% of bugs UVI Tesl...

23 Aug 202132min

Josh and Kurt talk about a Home Depot plan to put DRM on power tools. Anyone can add a computer to anything for a few dollars now. How secure is any of this. What does it mean when the things we buy s...

16 Aug 202135min

Josh and Kurt talk about a very difficult disclosure problem. What happens when you have to report a vulnerability to an ethically questionable company? It's less simple than it sounds, many of the ch...

9 Aug 202134min

Josh and Kurt talk about a story from Microsoft declaring Rust the future of safe programming, replacing C and C++. We discuss how tooling affects progress and why this isn't always obvious when you'r...

2 Aug 202130min

Josh and Kurt talk about the news that the NSO Group is widely distributing spyware onto a large number of devices. This news should be a wake up call for anyone creating devices and systems that coul...

26 Jul 202132min

Josh and Kurt talk about what happens when you lose access to your Single Sign On provider. These providers have become critical to many of us, if we lose access to our SSO account we will lose access...

19 Jul 202130min

Josh and Kurt talk about the events happening to the Audacity audio editor. What happens if a popular open source application is acquired by an unknown entity? Can this happen to other open source pro...

12 Jul 202131min