Episode 286 - Open source supply chain with Google's Dan Lorenc

Josh and Kurt talk to Dan Lorenc from Google about supply chain security. What's currently going on in this space, and what sort of new things can we look forward to? We discuss Google's open source use, Project Sigstore, the SLSA framework and more.

Show Notes

This episode comes from an open RSS feed and is not published by Podme. It may contain advertising.

Episodes (527)

Episode 342 - Programming languages are the new operating system

Josh and Kurt talk about programming language ecosystems tracking and publishing security advisory details. We are at a point in the language ecosystems where they are giving us services that have his...

26 Sep 2022, 29 min

Episode 341 - Time till open source alternative

Josh and Kurt talk about the Time Till Open Source Alternative blog post. The numbers probably don't mean what we think they mean anymore. A lot of modern open source is really corporate controlled. J...

19 Sep 2022, 35 min

Episode 340 - Let's chat about Let's Encrypt with Josh Aas

Josh and Kurt talk with Josh Aas from the Internet Security Research Group about Let's Encrypt, Prossimo, and Divvi Up. A lot has changed since the last time we spoke with Josh. Let's Encrypt won, and...

12 Sep 2022, 33 min

Episode 339 - Is a network problem a security vulnerability

Josh and Kurt talk about really weird networking bugs. Josh tells a story about his home network problems that made no sense. There was also a qt5 bug that affected wireless networks that made virtual...

5 Sep 2022, 38 min

Episode 338 - The government didn't make vulnerabilities illegal. Yet.

Josh and Kurt talk about the recent National Defense Authorization Act that requires security vulnerabilities to be fixed. What does this mean for us, is it as bad as some people are claiming it is? I...

29 Aug 2022, 36 min

Episode 337 - Security patches are getting worse - Dustin Childs from ZDI tells us why

Josh and Kurt talk to Dustin Childs about the recent ZDI Black Hat talk where they discovered the current trend of security patches not actually fixing the security problem. We talk about what this pr...

22 Aug 2022, 31 min

Episode 336 - We don't have data, we have security biases

Josh and Kurt talk about our lack of security and some of the data bias problems that can emerge. A lot of what we think is security data is really just biased data. This is OK as long as we understan...

15 Aug 2022, 33 min

Episode 335 - Bull*&$% security ideas

Josh and Kurt talk about a tweet from @kmcquade3 asking the question "What's a concept in security that is generally accepted as true but is actually bull%$#*?" How many of the replies make sense? Mos...

8 Aug 2022, 38 min
