Informações:
Sinopse
Jon and Eric have worked in the security space as developers, architects and leaders for more years than they care to count. At some point Jon said, "we should do a podcast", and here we are. From commentary on current events to random musings, they chat (mostly) about security and technology topics. However, life is more than just the day job. From beekeeping adventures to hiking mountains to shows on Netflix, there's always something fun to wrap up the show.
Episódios
-
192: True Portland Fashion
14/08/2021 Duração: 54minEric has mixed followup, and Jon finishes the Yurt; Scamming the wannabe scammers, AI authored phishing, and Poly Network Hacked and some crypto returned. A bit about the Apple CSAM detection features. A newly realized carnivorous plant, and a climate change serenity prayer. 0:00 - Intro 13:57 - Honor (?) Among Thieves 17:07 - Let the AI Phish 20:56 - Poly Network Hack 26:26 - Crypto Returns 29:26 - CSAM Take 1 35:50 - CSAM Take 2 43:20 - Carnivory 47:25 - Pinboard's Opinion
-
191: Psychologically Vampiric
07/08/2021 Duração: 50minHijinks all around in this episode. Eric fails to injure himself playing softball this week and Jon explains what 20/20 means? Jon expounds on the audio book value proposition while Eric fails to understand (again). A phone was lost, stay tuned next week for the result! A bit of Solarwinds followup, a capsule hotel IoT party, a sportsball video game gambit, and an accelerometer intrigue. Eric empathizes with the Silver Medalists and swoons over David Attenborough (again) while Jon talks up Time Crystals. 0:00 - Intro Hijinks 12:41 - Solarwinds Followup Hijinks 16:00 - Capsule Hotel Hijinks 21:02 - FIFA 21 Theft Hijinks 28:35 - Accelerometer Hijinks 34:30 - Olympic Medal Hijinks 37:41 - Pandemic Hijinks 41:13 - Time Crystal Hijinks
-
190: Angry Anime Dad
31/07/2021 Duração: 45minEric wounds his face and Jon builds a Yurt Base. Keep your devices updated -- more active exploitation. FTC warns of potential crackdowns and fallout from data abuses, location data is not anonymous, and the White House releases a memo regarding cybersecurity for critical infrastructure control systems. For fun we have Project Hail Mary by Andy Weir, and a Google AI blog about movie-style image enhancement. 0:00 - Intro 12:38 - Update Your Apple (and other) Things 14:09 - FTC Crackdown Warning 18:56 - Location Fingerprint 27:46 - Cybersecurity for Critical Infrastructure 33:39 - Project Hail Mary 37:11 - Super-Resolution via Repeated Refinements
-
189: Walk the Asymptote
24/07/2021 Duração: 35minEric's back from camping and Jon disassembles a yurt. Instagram introduces a Security Checkup and Wired outlines an ATM NFC Hack. Millions of printers have bugs and Jon waxes philosophical on security. Eric discovers a new poetry and Jon recommends a book by Trevor Noah. 0:00 - Intro 10:18 - Instagram Security 13:23 - ATM NFC Hack 17:24 - Printer Bugs 20:27 - Security Nihilism 28:32 - Source Code Poetry 31:43 - Born a Crime
-
188: In It For The Bubbles
17/07/2021 Duração: 44minEric's still on vacation, and Jon goes Fishing. Coke Zero is getting a flavor [up|down]grade, and the Kaseya exploit details revealed. Google supports authenticated images in gmail, a glimmer of Net Neutrality, and inside the W3C's Privacy War. For fun we have River Runner and an awesome thread about the Appalachian mountains. 0:00 - Intro 9:14 - Coke Zero Flavor Change 10:52 - Kaseya Followup 17:15 - Google Supports BIMI 21:17 - Internet as Utility 25:06 - W3C Privacy War 34:58 - River Runner 37:14 - Geological Fun
-
187: No one is in a hurry
10/07/2021 Duração: 43minEric is on vacation and Jon goes to the beach. Some Android apps steal Facebook credentials and a law firm gets an injunction against ransomware criminals. Kaseya is busy and Kaspersky fixes a password manager. Goomics hits close to home and Jon chats about James Barry and Solar Panels over Canals. 0:00 - Intro 9:22 - Facebook stealing Android apps 12:24 - Legal Injunction 14:17 - Kaseya 20:45 - Password Manager Ooops 30:40 - goomics.net 33:22 - James Barry 37:49 - Solar Panel'd Canals
-
186: International Asteroid Day
02/07/2021 Duração: 45minEric and Jon both survived the PDX Heat Dome; followup for Microsoft signed malicious drivers, data about elder fraud, LinkedIn breach exposes 700M records, and the Western Digital drive compromise. For fun we have your Birth Day #1 song (or movie, etc), International Asteroid Day, and the first results from a medical trial using systemic application of CRISPR gene editing. 0:00 - Intro 11:04 - Malicious MSFT Signed Drivers 17:30 - Preventing Elder Fraud 23:13 - 700M LinkedIn Records 28:44 - MyBook Live Compromise 35:01 - Birth Day #1 Song 38:14 - International Asteroid Day 39:51 - Systemic CRISPR
-
185: Protesting Strawberries
25/06/2021 Duração: 46minIt's gonna be hot next week. Eric grills on Father's Day and finishes a project. Jon watches a movie for Father's Day. Eric has his credit card number stolen (again!) and chats about Call Center Malware. Jon talks D3FEND and signed rootkits. Eric shares the origins of the Strawberry Moon and Jon speaks to really tall rhinos and disruptive dark fish. 0:00 - Intro 17:07 - Call Center Malware 23:48 - D3FEND 28:01 - Signed Rootkits 34:13 - Strawberry Moon 38:10 - Rhino Fossils 40:17 - Dark Fish
-
184: Drooping Graduation Caps
18/06/2021 Duração: 49minEric has a wet graduation (and grills!) and Jon does more bee whatevers. Another dead Asian Giant Hornet found in Washington. Topics include McAfee demoing a vuln in Peloton, paying Ransomware more than once, and a significant Business Email Compromise found by Microsoft. For fun you can chat with an AI, or have a read about how to improve scientific research funding in the US. Also, go watch Loki. 0:00 - Intro 15:55 - Dead Asian Giant Hornet Found 19:54 - Mcafee + Peloton 23:54 - Ransomware Stats 26:56 - Business Email Compromise 36:26 - Thought Screen 39:52 - Fast Grants
-
183: There's Something Funny About a Shaved Alpaca
12/06/2021 Duração: 51minIt's been a long week and the hosts are tired. Some follow up happened. You can mine crypto with your antivirus software apparently. The FBI runs a legit illegit company. Fastly breaks the internet and you should watch out for an Alpaca on the Attack. Eric dives into Urban Spacial Order and Bird Anting while Jon considers a Stolen Ring from long ago and floats an article you should read above tax avoidance. 0:00 - Intro 12:07 - Followup 13:10 - Norton 360 Crypto Mining 15:56 - FBI, dba Anom 19:51 - Fastly Outage 26:46 - Alpaca Attack 28:36 - There's something funny about a shaved alpaca 37:25 - Urban Spatial Order 41:32 - Anting 43:51 - A Stolen Ring 48:07 - Avoiding Taxes
-
182: Bluetooth Fingerprinting
05/06/2021 Duração: 49minJon returns from camping and Eric grills and is grilled. How to spot malicious extensions using reviews, Android's new privacy options, the Arizona suit against Google for potential privacy violations, and a "cloud first" botnet. For fun we have Ingenuity's latest (anomalous) flight, jumping from a plane without a parachute, and how to play Pinochle. 0:00 - Intro 14:16 - Dangerous Extensions 20:03 - Android 12 Privacy Options 24:18 - Google's Privacy Suit 31:46 - Kubernetes Botnet 36:30 - Ingenuity Anomaly 41:35 - No Parachute 44:28 - Pinochle
-
181: Malware Inception
28/05/2021 Duração: 38minMore water problems for Eric. Jon makes cheese. Apple admits it has a problem and Jon provides an example - then talks about the RSA Hack Ten Year Reunion show! Eric finds Crypto, COBOL and Taxes somewhat funny and Jon follows the trail that defined "Aerosol". 0:00 - Intro 7:08 - Apple has Malware! 11:41 - XCSSET Malware 17:32 - The RSA Hack, 10 years later 26:09 - Crypto, COBOL, and Taxes 30:08 - Define "Aerosol"
-
180: Low Bandwidth Database
22/05/2021 Duração: 46minEric tries his hand at brisket, and Jon has a cow (literally). A cool IMSI-catcher project, four android zero days, and a way to use Apple's Find My network to send arbitrary data. For fun we have "Dangit, Git!", China's mars rover landing, and the Soviet Venera program focused on Venus. 0:00 - Intro 14:47 - SeaGlass 22:44 - Android Zero Days 25:22 - Send My 32:46 - OpenHaystack 35:42 - Dangit, Git!?! 39:32 - China Lands On Mars 41:25 - Soviet Venera Program
-
179: An Intentional Griller
14/05/2021 Duração: 47minJon watches fencing this time, Eric tries out the new grill. Ransomware hits a pipeline and people bag gasoline. Eric figures SSH+YubiKeys is one more step toward a passwordless future. Jon chats up the Frag Attack and Eric likes the logo. A mobile chip bug has a massive footprint. Eric's curiosity is piqued on microreactors and Jon thinks about training some covid detecting bees. 0:00 - Intro 12:20 - Pipeline Ransomware 20:25 - GitHub, SSH and YubiKeys 24:28 - Frag Attack 31:57 - Mobile Chip Bug 36:47 - Nuclear Microreactor 41:35 - Covid Trained Bees
-
178: Rapid Unexpected Disassembly
08/05/2021 Duração: 52minEric is civic-y and ready to BBQ. Jon does more Bee stuff. Space news is good, Signal is rocking it, Anti-vaxxers + Q(R) codes, Google talks about bad apps and developers, and a(nother?) gatekeeper bypass. For fun we have namedrop.io, an immunity tracker dashboard, and did you know there was an annual Planetary Defense Conference? 0:00 - Intro 17:09 - Landing Nominal 19:28 - Ingenuity's 4th Flight 20:11 - C-17 Droppings 21:03 - Signal's Instagram Ads 25:30 - Anti-Vaxx QR 28:35 - Bad Apps and Developers 32:50 - Gatekeeper Bypass 41:24 - Name Drop 44:37 - Immunity Level 49:37 - Planetary Defense Conference
-
177: Serendipitous Opportunity
01/05/2021 Duração: 38minEric and Jon "discuss" cooking with fire. Jon buys an oboe. Eric reminisces about a childhood home now in the news while Jon offers Captain Fantastic. Google Argentina sighs "Whoops!" and a Ransomware Gang yells "Stonks!" Jon drops RotaJakiro and CIA Malware. Eric shares thoughts about left-handed booksellers while Jon watches Ted Lasso and admires this year's crop of cicadas. Finally, if you have the means, please donate to help India out. 0:00 - Intro 9:51 - Hualapai Mountains 11:02 - Captain Fantastic 15:31 - google.com.ar goes where? 17:37 - Ransomware Gang Stonks 20:17 - RotaJakiro 23:30 - CIA Malware 27:33 - The Left-Handed Booksellers of London 32:08 - Ted Lasso 33:10 - Cicada 2021 36:07 - Covid & India
-
176: Fall Off A Truck
24/04/2021 Duração: 52minEric uses Actual Fire while Jon uses Fake Fire, evidently. There will be posts. Vulnerable Energy Production seeks Cybersecurity Defense Solutions. Devices in the UK will need to display how long they'll get security updates (including phones). More supply chain attacks, and the hacked hacks back. Ingenuity has its test flight, Windows embraces Linux GUI apps, and a Cold War to monitor McDonald's ice cream machines. 0:00 - Intro 17:10 - Electricity Operations 21:14 - Security Updates Provided 25:09 - Mo' Supply Chain 30:06 - Signal's Signal 39:01 - Ingenuity Flies 40:49 - X + Windows 44:22 - Cold War
-
175: I Have Not Outgrown Space Yet
16/04/2021 Duração: 43minEric paints a nebula, Jon weighs some bees. Notes about Contact Form Malware and more Exchange webshells. Eric likes Bloom Filters and Jon likes Nuclear Fusion with a side of Kiss the Ground. 0:00 - Intro 14:32 - Contact Form Malware 22:25 - FBI & Web Shells 27:14 - CISA Note 31:51 - Bloom Filters 33:49 - Nuclear Fusion 40:35 - Kiss the Ground
-
174: Fair Use As A Matter Of Law
10/04/2021 Duração: 51min[Had to use backup audio for part of this, sorry!] It's spring -- that means sprinklers and dandelions. Jon talks way too much about bees. More about LoRa, how people are mining on GitHub's dime, the Oracle v. Google suit is ruled, Microsoft is building Java now, and ransomware at the vehicle inspection stations. For fun we have mutant rabbits and hints of a potential new particle. Or not, if you believe the computer folks. 0:00 - Introduction 15:19 - LoRa Part II 17:01 - Mining on GitHub 26:43 - It Is So Ordered 29:47 - Microsoft Builds Java 35:00 - Inspection Outage 39:16 - Mutant Rabbits 42:34 - Fainting Goats 44:25 - Fermilab Muons
-
173: A Little Bit of Trollery
02/04/2021 Duração: 48min"Bees use Tools?" Jon wonders. "I'm tired of driving." Eric muses. LoRa attacks outlined and the Mystery of the Eagles is solved. Apple patches, PHP Hacks and Ubiquity Oopsies, oh my! Classic video game inception and there's something alien at the core of the Earth. 0:00 - Intro 6:38 - Bees with Tools? 16:35 - LoRaWAN Attacks 22:27 - Eagle Mystery Solved! 24:42 - Another Apple Patch 28:08 - PHP Hack 33:17 - Ubiquity Oops 41:03 - Doom Snake 43:32 - Alien World at the Earth's Core 47:22 - Seveneves