Episode 286 - Open source supply chain with Google's Dan Lorenc
Open Source Security30 Aug 2021

Episode 286 - Open source supply chain with Google's Dan Lorenc

Josh and Kurt talk to Dan Lorenc from Google about supply chain security. What's currently going on in this space and what sort of new thing scan we look forward to? We discuss Google's open source use, Project Sigstore, the SLSA framework and more.

Show Notes

Det här avsnittet är hämtat från ett öppet RSS-flöde och publiceras inte av Podme. Det kan innehålla reklam.

Avsnitt(528)

Episode 112 - Google's Titan Key and the latest Struts issue

Episode 112 - Google's Titan Key and the latest Struts issue

Josh and Kurt talk about the new Google Titan security key. There are some in the industry uneasy about the supply chain for the devices. We also discuss the latest Struts security issue. Struts is ol...

3 Sep 201829min

Episode 111 - The TLS 1.3 and DNS episode

Episode 111 - The TLS 1.3 and DNS episode

Josh and Kurt talk about TLS 1.3 and DNS. What can we expect from the future for these, how are they related (or not related). We touch on DNSSEC and why it probably won't matter. DNS over TLS is look...

27 Aug 201832min

Episode 110 - Review of Black Hat, Defcon, and the effect of security policies

Episode 110 - Review of Black Hat, Defcon, and the effect of security policies

Josh and Kurt talk about Black Hat and Defcon and how unexciting they have become. What happened with hotels at Defcon, and more importantly how many security policies have 2nd and 3rd level effects w...

19 Aug 201834min

Episode 109 - OSCon and actionable advice

Episode 109 - OSCon and actionable advice

Josh and Kurt talk about phishing training and how it doesn't really matter. Josh spoke at OSCon and comes back with some fun observations and advice. People want practical actionable advice and we're...

13 Aug 201834min

Episode 108 - Bluetooth, phishing, airgaps, and eating soup off the floor

Episode 108 - Bluetooth, phishing, airgaps, and eating soup off the floor

Josh and Kurt talk about the latest attack on bluetooth and discuss phishing in the modern world. U2F is a great way to stop phishing, training is not. We also discuss airgaps in response to attacks o...

6 Aug 201830min

Episode 107 - The year of the Linux Desktop and other hardware stories

Episode 107 - The year of the Linux Desktop and other hardware stories

Josh and Kurt talk about modern hardware, how security relates to devices and actions. Everything from secure devices, to the cables we use, to thermal cameras and coat hangers. We end the conversatio...

30 Juli 201829min

Episode 106 - Data isn't oil, it's nuclear waste

Episode 106 - Data isn't oil, it's nuclear waste

Josh and Kurt talk about Cory Doctorow's piece on Facebook data privacy. It's common to call data the new oil but it's more like nuclear waste. How we fix the data problem in the future is going to re...

23 Juli 201829min

Episode 105 - More backdoors in open source

Episode 105 - More backdoors in open source

Josh and Kurt talk about some recent backdoor problems in open source packages. We touch on is open source secure, how that security works, and what it should look like in the future. This problem is ...

16 Juli 201831min

Populärt inom Teknik

uppgang-och-fall
bilar-med-sladd
market-makers
elbilsveckan
natets-morka-sida
rss-technokratin
rss-laddstationen-med-elbilen-i-sverige
skogsforum-podcast
bli-saker-podden
har-vi-akt-till-mars-an
rss-veckans-ai
rss-elektrikerpodden
developers-mer-an-bara-kod
rss-uppgang-och-fall
rss-powerboat-sverige-podcast
rss-fabriken-2
rss-en-ai-till-kaffet
rss-generativet
rss-digitala-influencer-podden
rss-snacka-om-ai