Podcast Episodes
Back to Search
The curl and glibc vulnerabilities
Episode 397
Josh and Kurt talk about a curl and glibc bug. The bugs themselves aren't super interesting, but there are other conversations around the bugs that a…
2 years, 8 months ago
CLAs are bad, Mkay?
Episode 396
Josh and Kurt talk about contributor license agreements (CLAs). CLAs used to be seen as a necessary evil, but they're almost certainly bad now. We're…
2 years, 9 months ago
Uncertainty, trust, and security
Episode 395
Josh and Kurt talk about uncertainty. There are a bunch of stories in the news lately that really just boil down to uncertainty. Uncertainty is incre…
2 years, 9 months ago
The lie anyone can contribute to open source
Episode 394
Josh and Kurt talk about filing bugs for software. There's the old saying that anyone can file bugs and submit patches for open source, but the reali…
2 years, 9 months ago
Can you secure something you don't own?
Episode 393
Josh and Kurt talk about the weird world we live in how where we can't control a lot of our hardware. We don't really have control over most devices …
2 years, 9 months ago
Curl and the calamity of CVE
Episode 392
Josh and Kurt talk about why CVE is making the news lately. Things are not well in the CVE program, and it's not looking like anything will get fixed…
2 years, 10 months ago
The Wordpress 100 year disaster recovery problem
Episode 391
Josh and Kurt talk about wordpress selling web services with a 100 year lifespan. Will WordPress still be around in 100 years? What would 100 years o…
2 years, 10 months ago
Episode 390 - Rust shipping binaries doesn't matter
Episode 390
Josh and Kurt talk about a blog post that explains how C and C++ compilers prioritize performance over correctness. This is the class story of securi…
2 years, 10 months ago
What would HashiCorp do?
Episode 389
Josh and Kurt talk about the HashiCorp license change and copyright problems in open source. This isn't the first and won't be the last time we see t…
2 years, 10 months ago
Episode 388 - Video game vulnerabilities
Josh and Kurt ask the question what is a vulnerability, but in the framing of video games. Security loves to categorize all bugs as security vulnerab…
2 years, 11 months ago