Podcast Episodes
Back to Search
The lack of compromise in security
Episode 317
Josh and Kurt talk about the binary nature of security. Many of our ideas are yes or no, there's not much in the middle. The conversation ends up d…
4 years, 3 months ago
You have to use open source
Episode 316
Josh and Kurt talk about the latest NPM backdoored package. It feels like this keeps happening. We talk about why this is and why it's probably OK.…
4 years, 3 months ago
Who even makes all these terrible decisions?
Episode 315
Josh and Kurt talk about Microsoft accidentally letting us find out about ads in file explorer. Changing your clocks sucks. And touch on some of the …
4 years, 3 months ago
The Linux Dirty Pipe vulnerability
Episode 314
Josh and Kurt talk about the Linux Kernel Dirty Pipe security vulnerability. This bug is an amazing combination of amazing complexity, incredible sim…
4 years, 4 months ago
Insecurity at scale
Episode 313
Josh and Kurt talk about the challenges of security at scale. Specifically we focus on why a lot of security starts to fall apart once you have to do…
4 years, 4 months ago
The Legend of the SBOM
Episode 312
Josh and Kurt talk about SBOMs. Not what they are, there's plenty about that. We talk about why everyone keeps claiming they're super important, and …
4 years, 4 months ago
Did you scan the QR code?
Josh and Kurt talk about the Coinbase Super Bowl ad. It was a QR code, lots of security people were aghast at how many people scanned the QR code. Th…
4 years, 4 months ago
Hayley Tsukayama from the EFF talks about privacy
Episode 310
Josh and Kurt talk to Hayley Tsukayama from the EFF about privacy. We all know privacy in the modern age is very complicated and difficult. Normal pe…
4 years, 5 months ago
The bright future of open source security
Episode 309
Josh and Kurt talk about NPM requiring 2FA for the top 100 packages. We discuss the new Alpha and Omega projects from the OpenSSF and what it could m…
4 years, 5 months ago
Welcome to the jungle - How to talk about open source security
Episode 308
Josh and Kurt talk about how to get attention for security problems. Recent research around Twitter credentials checked into GitHub showed us how to …
4 years, 5 months ago