Open Source Security

Open Source Security is a media project to help showcase and educate on open source security. Our goal is to give the community a platform to educate both developers and users on how open source security works. There's a lot of good work happening that doesn't get attention because there's no marketing department behind it; they don't have a developer relations team posting on LinkedIn every two hours. Let's focus on those people and teams, then learn what they do and how they do it. The goal is to hear from the people doing the work. They know what's up, and they have a lot to teach us. We just have to listen.

Episodes (527)

Episode 318 - Social engineering and why zlib got a 2018 CVE ID

Josh and Kurt talk about hackers using emergency data requests to gain access to sensitive data. The argument that somehow backdoors can be protected falls under this problem. We don't yet have the te...

11 Apr 2022, 30 min

Episode 317 - The lack of compromise in security

Josh and Kurt talk about the binary nature of security. Many of our ideas are yes or no, there's not much in the middle. The conversation ends up derailed due to a Twitter thread about pinning depende...

4 Apr 2022, 32 min

Episode 316 - You have to use open source

Josh and Kurt talk about the latest NPM backdoored package. It feels like this keeps happening. We talk about why this is and why it's probably OK. Kurt fixes Linus' Law, in open source the superpower...

28 Mar 2022, 30 min

Episode 315 - Who even makes all these terrible decisions?

Josh and Kurt talk about Microsoft accidentally letting us find out about ads in file explorer. Changing your clocks sucks. And touch on some of the security implications of the Russian invasion and s...

21 Mar 2022, 33 min

Episode 314 - The Linux Dirty Pipe vulnerability

Josh and Kurt talk about the Linux Kernel Dirty Pipe security vulnerability. This bug is an amazing combination of amazing complexity, incredible simplicity, and a little bit of luck. The discovery is...

14 Mar 2022, 26 min

Episode 313 - Insecurity at scale

Josh and Kurt talk about the challenges of security at scale. Specifically we focus on why a lot of security starts to fall apart once you have to do something more than a few times. There's a lot of ...

7 Mar 2022, 31 min

Episode 312 - The Legend of the SBOM

Josh and Kurt talk about SBOMs. Not what they are, there's plenty about that. We talk about why everyone keeps claiming they're super important, and why we're starting to see some people question if w...

28 Feb 2022, 34 min

Episode 311 - Did you scan the QR code?

Josh and Kurt talk about the Coinbase Super Bowl ad. It was a QR code, lots of security people were aghast at how many people scanned the QR code. The reality is scanning QR codes isn't dangerous. Wha...

21 Feb 2022, 32 min
