S0E1: "Body Bongos"

Posted
Comments 0

Navigation
Previous EpisodeNext Episode
Log
Recorded (UTC) Aired (UTC) Editor
2015-03-01 23:51:22 2015-03-03 20:29:14 brent s.
Verification
Format SHA256 GPG Audio File
MP3 12592c2da7e16ced35d5f608d073c4650a8d99e393579c8be3b6b781c621eeeb click click
OGG 4ae367bc3cb7f6a80e7a23629cf434485640647728341d93ff6a911d56824711 click click

We talk about our recording rigs (which are also in our bios), Heartbleed, ShellShock, GHOST, a FreeBSD RNG bug, and duplicate SSH keys found in the wild.

Notes

  • Detailed Heartbleed info can be found here, but this may explain it better. The Android Heartbleed vulnerability scanning app can be found here. PolarSSL was, in fact, not affected.
  • You can find out more about ShellShock here. As promised, I dug up as many of the related CVE’s as I could. They are: CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, and CVE-2014-6278. I was able to find this list compiled here, and there may be more.
  • You can find details on GHOST here. The sec researchers that discovered it have their report here.
  • You can read more about the FreeBSD RNG flaw here and here.
  • You can read more about the dupe SSH host keys found via SHODAN here.

We finish the episode with a discussion about GPG/PGP. The article I mention is here. Moxie Marlinspike’s ‘‘sslstrip’‘ is here, and OpenWhisper can be found here.

Errata

This was actually our second take! The first take we did the night before was an absolute mess because jthan’s neighbors were quite noisy. But the sound is a lot cleaner than S0E0!

Music

Music Credits
Track Title Artist Link Copyright/License
Intro Dubstep Bensound click CC-BY-ND 3.0
Outro Sexy Bensound click CC-BY-ND 3.0
(All music is royalty-free, properly licensed for use, used under fair use, or public domain.)

Author
Categories (Pilot Season)

Comments

There are currently no comments on this article.

Comment...

Enter your comment below. Fields marked * are required. You must preview your comment before submitting it.