This browser doesn't support Spotify Web Player. Switch browsers or download Spotify for your desktop.

Open Source Security Podcast

By Josh Bressers and Kurt Seifried

A security podcast geared towards those looking to better understand security topics of the day. Hosted by Kurt Seifried and Josh Bressers covering a wide range of topics including IoT, application security, operational security, cloud, devops, and security news of the day. There is a special open source twist to the discussion often giving a unique perspective on any given topic.

  1. 1.
    Episode 221 - Security, magic, and FaceID10/26/2020
    30:42
  2. 2.
    Episode 220 - Securing network time and IoT10/19/2020
    30:47
  3. 3.
    Episode 219 - Chat with Larry Cashdollar10/12/2020
    32:13
  4. 4.
    Episode 218 - The past was a terrible place10/05/2020
    29:34
  5. 5.
    Episode 217 - How to tell your story with Travis Murdock09/28/2020
    29:52
  6. 6.
    Episode 216 - Security didn't find life on Venus09/21/2020
    31:32
  7. 7.
    Episode 215 - Real security is boring09/14/2020
    30:07
  8. 8.
    Episode 213 - Security Signals: What are you telling the world09/07/2020
    32:28
  1. 9.
    Episode 212 - Grab Bag: The Security We Deserve Edition08/31/2020
    29:34
  2. 10.
    Episode 211 - The only thing harder than signing files is managing users08/24/2020
    29:57
  3. 11.
    Episode 210 - Cult of Information Security08/17/2020
    28:26
  4. 12.
    Episode 209 - Secure Boot isn't Secure08/10/2020
    33:53
  5. 13.
    Episode 208 - Passwords are pollution08/03/2020
    32:27
  6. 14.
    Episode 207 - Weaponized attention07/27/2020
    33:01
  7. 15.
    Episode 206 - Confidential Virtual Machines; The future of cloud computing07/20/2020
    31:08
  8. 16.
    Episode 205 - The State of Open Source Security with Alyssa Miller from Snyk07/13/2020
    31:36
  9. 17.
    Episode 204 - What Would Apple Do?07/06/2020
    32:52
  10. 18.
    Episode 203 - Humans, conferences, and security: let me think and get back to you in a bit06/29/2020
    32:36
  11. 19.
    Episode 202 - The convergence of application security06/22/2020
    29:17
  12. 20.
    Episode 201 - We broke CVSSv3, now how do we fix it?06/15/2020
    31:19
  13. 21.
    Episode 200 - Talking Container Security with Liz Rice06/08/2020
    28:43
  14. 22.
    Episode 199 - Special cases are special: DNS, Websockets, and CSV06/01/2020
    29:15
  15. 23.
    Episode 198 - Good advice or bad advice? Hang up, look up, and call back05/25/2020
    33:31
  16. 24.
    Episode 197 - Beer, security, and consistency; the newer, better, triad05/17/2020
    29:46
  17. 25.
    Episode 196 - Pounding square solutions into round holes: forced updates from Ubuntu05/11/2020
    32:23
  18. 26.
    Episode 195 - Is BGP actually insecure?05/04/2020
    31:02
  19. 27.
    Episode 194 - Working from home security: resistance is futile04/27/2020
    30:59
  20. 28.
    Episode 193 - Security lessons from space: Apollo 13 edition04/20/2020
    35:07
  21. 29.
    Episode 192 - Work without progress - what Infosec can learn from treadmills04/13/2020
    33:15
  22. 30.
    Episode 191 - Security scanners are all terrible04/06/2020
    35:16
  23. 31.
    Episode 190 - Building a talent "ecosystem"04/05/2020
    32:02
  24. 32.
    Episode 189 - Video game hackers - speedrunning03/30/2020
    33:42
  25. 33.
    Episode 188 - Depressing news sucks, we're talking about cheating in video games03/23/2020
    31:00
  26. 34.
    Episode 187 - Wireguard vs IPsec: the OK Boomer of security03/15/2020
    30:06
  27. 35.
    Episode 186 - Endpoint security with Tony Meehan03/08/2020
    30:22
  28. 36.
    Episode 185 - Is it even possible to fix open source security?03/02/2020
    31:54
  29. 37.
    Episode 184 - It’s DNS. It's always DNS02/24/2020
    33:01
  30. 38.
    Episode 183 - The great working from home experiment02/17/2020
    32:31
  31. 39.
    Episode 182 - Does open source owe us anything?02/10/2020
    28:41
  32. 40.
    Episode 181 - The security of SIM swapping02/03/2020
    32:27
  33. 41.
    Episode 180 - A Tale of Two Vulnerabilities01/27/2020
    31:06
  34. 42.
    Episode 179 - Google Project Zero and the 90 day clock01/20/2020
    31:24
  35. 43.
    Episode 178 - Are CVEs important and will ransomware put you out of business?01/13/2020
    32:35
  36. 44.
    Episode 177 - Fake or real? The security of counterfeit goods01/06/2020
    29:57
  37. 45.
    Episode 176 - The 'predictions are stupid' prediction episode12/30/2019
    32:12
  38. 46.
    Episode 175 - Defenders will always be one step behind12/23/2019
    30:26
  39. 47.
    Episode 174 - GitHub turns security up to 11; A discussion with Rob Schultheis12/16/2019
    29:40
  40. 48.
    Episode 173 - Ho Ho Homeland Security12/09/2019
    34:51
  41. 49.
    Episode 172 - The security of planned obsolescence12/02/2019
    32:07
  42. 50.
    Episode 171 - Measuring cybersecurity with Kathryn Waldron11/25/2019
    30:51
  43. 51.
    Episode 170 - Until that quantum computer is cracking RSA keys, go sit back down!11/17/2019
    31:56
  44. 52.
    Episode 169 - What happens when leadership doesn't care about security?11/11/2019
    31:19
  45. 53.
    Episode 168 - The draconian draconians of DRM11/03/2019
    30:54
  46. 54.
    Episode 167 - Security is terrible because digital literacy is terrible10/28/2019
    35:18
  47. 55.
    Episode 166 - Every day should be cybersecurity awareness month!10/21/2019
    24:38
  48. 56.
    Episode 165 - Grab Bag of Microsoft Security News10/13/2019
    27:44
  49. 57.
    Episode 164 - DNS over HTTPS: Probably not the end of the world10/07/2019
    30:02
  50. 58.
    Episode 163 - Death to Python 209/30/2019
    33:21
  51. 59.
    Episode 162 - SBOM with Allan Friedman09/23/2019
    30:34
  52. 60.
    Episode 161 - Human nature and ad powered open source09/16/2019
    29:18
  53. 61.
    Episode 160 - Disclosing security issues is insanely complicated: Part 209/09/2019
    31:10
  54. 62.
    Episode 159 - Disclosing security issues is insanely complicated: Part 109/02/2019
    29:22
  55. 63.
    Episode 158 - The mess that we call credit agencies in the US08/26/2019
    27:47
  56. 64.
    Episode 157 - Backdoors and snake oil in our cryptography08/19/2019
    30:57
  57. 65.
    Episode 156 - What if we MitM a whole country?07/29/2019
    29:56
  58. 66.
    Episode 155 - Stealing cars and ransomware07/22/2019
    27:21
  59. 67.
    Episode 154 - Chat with the authors of the book "The Fifth Domain"07/16/2019
    31:16
  60. 68.
    Episode 153 - The unexpected security of AI, photographs, and VPN07/08/2019
    34:32
  61. 69.
    Episode 152 - Tavis breaks the world ... again07/01/2019
    30:39
  62. 70.
    Episode 151 - The DARPA Cyber Grand Challenge with David Brumley06/24/2019
    30:11
  63. 71.
    Episode 150 - Our ad funded dystopian present06/17/2019
    30:08
  64. 72.
    Episode 149 - Chat with Michael Coates about data security06/10/2019
    26:26
  65. 73.
    Episode 148 - You just got pwnt, what now?06/03/2019
    29:20
  66. 74.
    Episode 147 - Scams and operations as part of the supply chain05/27/2019
    30:26
  67. 75.
    Episode 146 - What the @#$% happened to Microsoft?05/20/2019
    32:23
  68. 76.
    Episode 145 - What do security and fire have in common?05/13/2019
    34:19
  69. 77.
    Episode 144 - The security of money, which one is best?05/06/2019
    33:33
  70. 78.
    Episode 143 - Security lessons from the phone book04/29/2019
    34:39
  71. 79.
    Episode 142 - Hypothetical security: what if you find a USB flash drive?04/21/2019
    31:26
  72. 80.
    Episode 141 - Timezones are hard, security is harder04/15/2019
    36:13
  73. 81.
    Episode 140 - Good enough security is a pretty high bar04/08/2019
    34:19
  74. 82.
    Episode 139 - Secure voting, firefox send, and toxic comments on the internet04/01/2019
    30:56
  75. 83.
    Episode 138 - Information wants to be free03/25/2019
    32:18
  76. 84.
    Episode 137.5 - Holy cow Beto was in the cDc, this is awesome!03/18/2019
    35:16
  77. 85.
    Episode 137 - When the IoT attacks!03/11/2019
    30:33
  78. 86.
    Episode 136 - How people feel is more important than being right03/04/2019
    31:34
  79. 87.
    Episode 135 - Passwords, AI, and cloud strategy02/25/2019
    30:37
  80. 88.
    Episode 134 - What's up with the container runc security flaw?02/18/2019
    28:57
  81. 89.
    Episode 133 - Smart locks and the government hacking devices02/11/2019
    31:09
  82. 90.
    Episode 132 - Bird Scooter: 0, Cory Doctorow: 102/04/2019
    30:10
  83. 91.
    Episode 131 - Windows micropatches, Google's privacy fine, and Mastercard fixes trial abuse01/28/2019
    33:25
  84. 92.
    Episode 130 - Chat with Snyk co-founder Danny Grander01/21/2019
    34:02
  85. 93.
    Episode 129 - The EU bug bounty program01/14/2019
    33:14
  86. 94.
    Episode 128 - Australia's encryption backdoor bill01/07/2019
    32:58
  87. 95.
    2018 Christmas Special - Is Santa GDPR compliant?12/24/2018
    37:36
  88. 96.
    Episode 127 - Walled gardens, appstores, and more12/17/2018
    34:59
  89. 97.
    Episode 126 - The not so dire future of supply chain security12/10/2018
    33:12
  90. 98.
    Episode 125 - Open Source, supply chains, npm, and you12/03/2018
    31:03
  91. 99.
    Episode 124 - Cloudflare's service workers and the economics of security11/26/2018
    34:03
  92. 100.
    Episode 123 - Talking about Kubernetes and container security with Liz Rice11/19/2018
    27:51
  93. 101.
    Episode 122 - What will Apple's T2 chip mean for the rest of us?11/12/2018
    33:03
  94. 102.
    Episode 121 - All about the security of voting11/05/2018
    36:47
  95. 103.
    Episode 120 - Bloomberg and hardware backdoors - it's already happening10/29/2018
    30:55
  96. 104.
    Episode 119 - The Google+ and Facebook incidents, it's not your data anymore10/22/2018
    31:37
  97. 105.
    Episode 118 - Cloudflare's IPFS and onion service10/15/2018
    30:48
  98. 106.
    Episode 117 - Will security follow Linus' lead on being nice?10/08/2018
    31:01
  99. 107.
    Episode 116 - The future of the CISO with Michael Piacente10/01/2018
    30:30
  100. 108.
    Episode 115 - Discussion with Brian Hajost from SteelCloud09/24/2018
    30:15
  101. 109.
    Episode 114 - Review of "Click Here to Kill Everybody"09/17/2018
    30:49
  102. 110.
    Episode 113 - Actual real security advice09/10/2018
    30:37
  103. 111.
    Episode 112 - Google's Titan Key and the latest Struts issue09/03/2018
    29:05
  104. 112.
    Episode 111 - The TLS 1.3 and DNS episode08/27/2018
    32:37
  105. 113.
    Episode 110 - Review of Black Hat, Defcon, and the effect of security policies08/19/2018
    34:48
  106. 114.
    Episode 109 - OSCon and actionable advice08/13/2018
    34:17
  107. 115.
    Episode 108 - Bluetooth, phishing, airgaps, and eating soup off the floor08/06/2018
    30:34
  108. 116.
    Episode 107 - The year of the Linux Desktop and other hardware stories07/30/2018
    29:03
  109. 117.
    Episode 106 - Data isn't oil, it's nuclear waste07/23/2018
    29:53
  110. 118.
    Episode 105 - More backdoors in open source07/16/2018
    31:44
  111. 119.
    Episode 104 - The Gentoo security incident07/09/2018
    33:13
  112. 120.
    Episode 103 - The Seven Properties of Highly Secure Devices07/02/2018
    33:22
  113. 121.
    Episode 102 - Michael Feiertag from tCell06/25/2018
    30:48
  114. 122.
    Episode 101 - Our unregulated future is here to stay06/17/2018
    32:45
  115. 123.
    Episode 100 - You're bad at buying security, we can help!06/11/2018
    35:53
  116. 124.
    Episode 99 - Consumer security is too broken to fix, and it doesn't matter06/04/2018
    34:19
  117. 125.
    Episode 98 - When IT decisions kill people05/28/2018
    34:23
  118. 126.
    Episode 97 - Automation: Humans are slow and dumb05/20/2018
    33:07
  119. 127.
    Episode 96 - Are legal backdoors a good idea?05/11/2018
    32:53
  120. 128.
    Episode 95 - Twitter passwords and npm backdoors05/07/2018
    29:31
  121. 129.
    Episode 94 - DNSSEC, BGP, and reality04/30/2018
    28:17
  122. 130.
    Episode 93 - Security flaws in beep and patch, how did we get here?04/15/2018
    36:03
  123. 131.
    Episode 92 - Chat with Rami Saas the CEO of WhiteSource04/15/2018
    33:33
  124. 132.
    Episode 91 - Security lessons from a 7 year old04/08/2018
    19:03
  125. 133.
    Episode 90 - Humans and misinformation04/02/2018
    36:24
  126. 134.
    Episode 89 - Short selling AMD security flaws03/25/2018
    33:59
  127. 135.
    Episode 88 - Chat with Chris Rosen from IBM about Container Security03/18/2018
    32:58
  128. 136.
    Episode 87 - Chat with Let's Encrypt co-founder Josh Aas03/11/2018
    38:32
  129. 137.
    Episode 86 - What happens when 23 thousand certificates leak?03/03/2018
    34:23
  130. 138.
    Episode 85 - NPM ate my files02/23/2018
    32:16
  131. 139.
    Episode 84 - Have I been pwned?02/23/2018
    31:54
  132. 140.
    Episode 83 - XKCD + CVE = XKCVE02/21/2018
    31:11
  133. 141.
    Episode 82 - RSA, TLS, Chrome HTTP, and PCI02/13/2018
    29:52
  134. 142.
    Episode 81 - Autosploit, bug bounties, and the future of security02/07/2018
    31:36
  135. 143.
    Episode 80 - GPS tracking and jamming01/31/2018
    33:41
  136. 144.
    Episode 79 - Skyfall: please don't yell 'fire'01/24/2018
    55:45
  137. 145.
    Episode 78 - Risk lessons from Hawaii01/16/2018
    52:58
  138. 146.
    Episode 77 - npm and the supply chain01/10/2018
    1:00:09
  139. 147.
    Episode 76 - Meltdown aftermath01/07/2018
    50:33
  140. 148.
    Episode 75 - Security Planner review12/19/2017
    1:03:08
  141. 149.
    Episode 74 - Facial recognition and physical security12/13/2017
    42:55
  142. 150.
    Episode 73 - Security from Santa12/06/2017
    1:00:47
  143. 151.
    Episode 72 - Bitcoin: It's over 900011/28/2017
    52:39
  144. 152.
    Episode 71 - GitHub's Security Scanner11/21/2017
    46:36
  145. 153.
    Episode 70 - The security of Intel ME11/14/2017
    49:18
  146. 154.
    Episode 69 - Actionable security advice11/07/2017
    46:51
  147. 155.
    Episode 68 - Ruining the Internet11/01/2017
    51:46
  148. 156.
    Episode 67 - Cyber won10/24/2017
    38:03
  149. 157.
    Episode 66 - Objects in mirror are less terrible than they appear10/15/2017
    45:13
  150. 158.
    Episode 65 - Will aliens overthrow us before AI?10/09/2017
    49:38
  151. 159.
    Episode 64 - Networks and Dnsmasq and IoT oh my10/03/2017
    52:02
  152. 160.
    Episode 63 - Shoot, Shovel, and Bury09/26/2017
    58:56
  153. 161.
    Episode 62 - All about the Equifax hack09/11/2017
    1:05:33
  154. 162.
    Episode 61 - Market driven security09/05/2017
    51:46
  155. 163.
    Episode 60 - The official blockchain episode08/30/2017
    46:19
  156. 164.
    Episode 59 - The VPN Episode08/15/2017
    56:11
  157. 165.
    Episode 58 - Backwards compatibility to the point of insanity08/09/2017
    55:26
  158. 166.
    Episode 57 - We may never see amazing security research ever again08/01/2017
    53:11
  159. 167.
    Episode 56 - Devil's Advocate and other fuzzy topics07/18/2017
    58:56
  160. 168.
    Episode 55 - Good Docs Ruin My Story07/12/2017
    50:50
  161. 169.
    Episode 54 - Turning Into An Old Person07/04/2017
    56:30
  162. 170.
    Episode 53 - A Plane Isn't Like A Car06/28/2017
    48:58
  163. 171.
    Episode 52 - You Could Have Done It Right, But You Didn't06/20/2017
    52:21
  164. 172.
    Episode 51 - All About CVE06/12/2017
    54:13
  165. 173.
    Episode 50 - This Is A Security Podcast After All06/06/2017
    49:00
  166. 174.
    Episode 49 - Testing Software Is Impossible05/30/2017
    43:04
  167. 175.
    Episode 48 - Machine Learning: Not Actually Magic05/21/2017
    47:36
  168. 176.
    Episode 47 - WannaCry: Everything Is Basically Broken05/14/2017
    48:09
  169. 177.
    Episode 46 - Turns Out I'm Not A Bad Guy05/04/2017
    49:11
  170. 178.
    Episode 45 - Trust Is More Important Now Than The Truth05/02/2017
    52:19
  171. 179.
    Episode 44 - Bug Bounties Vs Pen Testing04/25/2017
    50:02
  172. 180.
    Episode 43 - We Are Totally Immature04/19/2017
    1:00:34
  173. 181.
    Episode 42 - Hitchhiker's Guide To Security04/13/2017
    1:07:00
  174. 182.
    Episode 41 - All Your Money Are Belong To Us04/10/2017
    56:03
  175. 183.
    Episode 40 - Let's Fork Bitcoin, Again04/02/2017
    1:00:27
  176. 184.
    Episode 39 - Flash On Your Dishwasher03/28/2017
    58:29
  177. 185.
    Episode 38 - We Ruin Everything03/22/2017
    58:18
  178. 186.
    Episode 37 - Your Bathtub Is More Dangerous Than A Shark03/09/2017
    52:15
  179. 187.
    Episode 36 - A Good Enough Podcast03/05/2017
    47:44
  180. 188.
    Episode 35 - Crazy Cosmic Accident02/28/2017
    50:02
  181. 189.
    Episode 34 - Bathing In Ebola Virus02/22/2017
    53:59
  182. 190.
    Episode 33 - Everybody Who Went To The Circus Is In The Circus (RSA 2017)02/15/2017
    36:10
  183. 191.
    Episode 32 - Gambling As A Service02/08/2017
    51:23
  184. 192.
    Episode 31 - XML Is Never The Solution02/01/2017
    53:27
  185. 193.
    Episode 30 - I'm Not An Expert But I've Been Yelled At By Experts01/25/2017
    58:44
  186. 194.
    Episode 29 - The Security Of Rogue One01/22/2017
    1:02:15
  187. 195.
    Episode 28 - RSA Conference 201701/19/2017
    55:46
  188. 196.
    Episode 27 - Prove To Me You Are Human01/16/2017
    55:03
  189. 197.
    Episode 26 - Tell Your Sister, Stallman Was Right01/12/2017
    54:13
  190. 198.
    Episode 25 - The Future Is Now01/09/2017
    55:14
  191. 199.
    Episode 24 - The 2016 Prediction Edition01/03/2017
    56:21
  192. 200.
    Episode 23 - We Can't Patch People12/28/2016
    53:06

Listen to Open Source Security Podcast now.

Listen to Open Source Security Podcast in full in the Spotify app