Rank #1: Networking: It’s a Traaaap! – Episode 004
Part one of our introductory podcast to networking & network security.
Housekeeping, family as network, Matt becomes obsessed with the new term he’s learned “Sneakernet” and Max lets him go hog-wild with a confusing subway car analogy.
We cover the general ideas of networking, explain some of the more common protocols and of course talk about some potential exploits to take advantage of these.
All this and more, give it a listen!
Sep 29 2013
Rank #2: Hardening is Haaaard – Episode 013
As episodes go 013 is a fun & lucky one! We are talking about hardening, we provide a general overview, we provide some ways you can follow along at home to learn on your own and we probably talk complete trash at some point since that’s how we roll! There’s even a b-bomb in this one that I wasn’t expecting, if that’s not enough of a teaser how about this?
You will never believe what we cut out of this episode. It was SO cut out of the episode it will never be available to you, the listeners!
To be honest I am not sure what it was either but this is the kind of tripe news aggregation websites have to resort to to get people to click something on Facebook and they’re consummate professionals are they not?
Hardening is not as dirty as it sounds, I think… It can be summed up as securing infrastructure by eliminating unnecessary weak points. In our context infrastructure means desktops, workstations, routers, network hubs, servers etc. so I think securing means closing open doors, shutting open ports, turning off apps & services that you don’t need, making sure you close the fridge because you aren’t paying to cool the neighbourhood, and locking the front door when you leave the house.
Come to think of it, I’m not 100% sure how accurate any of that is, I should probably give the episode another listen.
Feb 20 2014
Rank #3: Let’s talk about stacks baby! – Episode 014
We talked about web vulnerabilities and the markup languages, and interpretation of scripts, but those aren’t real programs running on your computer. This time we’re going to get a little more advanced and talk about programming and execution within the computer drawing back to the first few episodes. It’s detailed but will be the bedrock for the more advanced topics we’ll be discussing in vulnerabilities within applications running on a computer. We mention stacks and cover a great dummy program to really tie this episode together into what I lovingly call the greatest episode ever of any podcast on the internet*.
Actually I kinda felt we used the word stacks so much that I really latched onto it after editing this episode. For that I apologize. But it led to the zany title and really confusing title image this week.
We also ran into some perceived quality issues with this week’s episode. After some finessing in the editing studio in the spacious west wing of the guest house in stately Max-Manor Max assures me with aplomb that this is resolved. As always if you disagree with Max please feel free to leave us comments below, Tweet us on twitter or email us via email.
*With the possible exception of some of the other podcasts on the internet and episodes that they had.
Mar 04 2014
Rank #4: Seven Layer Burrito – Episode 009
Max is literally 0 milligrams lighter this episode without his Movember monthstache and you can hear the relief in his voice as he takes us delving into the delicious world of the seven layer OSI model.
What is an OSI model you ask?
That’s an excellent question!
Can I answer it?
Not without ruining THE ENTIRE EPISODE…
Are there really 7 layers?
Could there be an eighth layer?
What if I order 2 burritos and pile them on top of one another to make a 14 layer bad mother burrito?
SOME OF THESE ANSWERS AND MORE! So you might as well click on the links below to get your LEARN on! (or fire up your favorite podcatcher with the above subscription links)
We discuss popular sandwich alternatives and something about computers I think. It really is worth the listen.
Dec 19 2013
Rank #5: Security on a Cellular Level – Episode 022
This week was a topic I wanted to take a look at as it’s becoming a growing concern and there is currently no CLEAR winner from the end user perspective. We discuss security on cellular devices.
Cellular security is a growing concern since a lot of the new devices have their “Always on” internet connections and become a frequent source for secure and insecure communication.
Businesses both large & small with security concerns really have to take a look at these treacherous devices. Like with many of the topics we’ve discussed this really ends up being summarized as a trade-off of security to inconvenience.
As cellular security really becomes more prevalent we, as professionals and enthusiasts, really need to take them seriously.
Hopefully in the next couple years we’ll see multi-sim or multi-profile phones become more the norm and we might have another rise of RIM or a similar trend towards remote device management for the security professionals but for now tune in for our general review of options you can do yourself!
Jun 09 2014
Rank #6: Let’s Social Engineer Max a Better Microphone – Episode 017
This was going to be epic.
This is the first episode that Max and I have recorded face to face in real meatspace since the beginning of this whole endeavor.
We were excited. Some may say a little TOO excited because we didn’t actually listen to what the recording was outputting. There is evidently a setting on the microphone that allows it to record from both sides simultaneously.
That setting is … Not the one we used.
This is the episode on the fine art of the social engineer that we started discussing in maybe ep01 or ep02 or something and decided to hold off on until we were sufficiently able to mess up the recording for everyone.
Social engineers work the fine art of manipulation with the eventual goal of gain. Gaining access, gaining permissions, financial gains, you know… gain.
So I apologize on behalf of this “ep01” calibre audio quality but try and stick with it. I believe this will lead to more episodes on the topic.
Mar 25 2014
Rank #7: Networking2: Networking Networks – Episode 005
We talk more about networking in part two of our networking basics. There’s a lot more in-depth coverage of networks and their interactions with other networks, time, ping, we have it all!
Matt embarrasses himself by admitting he wasn’t very alert when it came to blindly clicking Google links and Max sings a little tune! What are you waiting for?
Oct 10 2013
Rank #8: Plain Ketchup – Episode 044
EP044 Plain Ketchup
Playing catch-up is necessary sometimes. Sometimes life happens. It gets all up in your grill and tries to mess up your best laid plans. When that happens your only choice is to podcast at a much slower pace than expected.
Sometimes life happens all over your Co-Host.
So we have an elegant solution to that. That solution is, of course, to recap everything in one giant recap episode.
We don’t necessarily hit all the points, but we get some of the top ones that we thought were neat.
We don’t necessarily even talk about events more than I go off on a long rambling excuse about why Windows has made my life slightly inconvenient.
Sometimes Windows happens…
But why does it always happen to ME?!
Yeah. That’s not really as important a point here. So anyways.
We have another episode where we are playing catch-up on some of the better topics that happened and as always click the thing below if one of these interests you and we can possibly go more in-depth into it!
Originally Recorded October 12, 2017
Oct 18 2017
Rank #9: Jobs in InfoSec – Episode 024
This might be a great episode to have listened to at the start of all this podcastery. In reality we sort of dove right in at the start without trying to tempt you with the lurid promise of fat sacks of job satisfaction.
This episode centers on possible jobs in InfoSec available with the science we are dropping within each and every episode. It’s definitely a starting point if you’re trying to convince your buddies to listen. I’m going to go ahead and predict available jobs in InfoSec are going to continue to be in ever-growing demand until this whole internet craze dies out. Then we can finally go back to actually talking to one another in meatspace.
As you all might know we are delayed by my current work schedule as I have had a change in hours. I am slowly trickling out the episodes we had recorded until Max and I are able to reconcile our time zone woes. That’s why you are only getting play-offs references now. In July. Also, Happy Canada and America days, albeit early or late.
I guess, among other things, it’s the scheduling conflicts that led Max to putting this episode together. His thinking presumably was along the lines of getting me a breakdown of jobs in InfoSec might lead me to getting a more consistent schedule?
Who am I to pretend to understand the mind of a mad man?
Jul 03 2014
Rank #10: Enterprise Scale Development – Episode 023
Originally recorded back in April. We are getting caught up with all the delays that have plagued (or blessed in Max’s case) us. This is the episode where we discuss Enterprise scale development, the different positions that you might find in those circumstances and this will nicely play off the next episode.
As usual Max has his large scale pants on and I try to slim him down to small or medium scale so we can get a general overview.
Yes, those are fat jokes. Now that I am comfortably heavier than Max I can make those. They aren’t racist, I’m taking them back.
So right. Enterprise scale development, what to expect and the roles involved. This episode speaks for itself. Literally. It’s a podcast.
And record it.
Jun 24 2014
Rank #11: Once More Unto the Breach – Episode 025
The Verizon Data Breach Investigation Report is a helpful tool for investigating, reporting, and ultimately solving problems, but just what the heck is it?
I had no idea, to be honest, until this episode that breaches were even logged this well. Fortunately Max had a bit to say about this topic. Also fortunately he only had a bit to say about this topic. This could weigh in as our shortest podcast episode yet. You could say we didn’t “BREACH” the subject before…
If you did, however, you’d be wrong; the word you were looking for was broach. I’m not saying that you shouldn’t use the word breach at all… Just probably not in this context. Or do, whatever, this is an infosec podcast all about computer security, not vocabulary.
I am however very disappointed with you and you might have to see me after the show for some extra tutoring.
Jul 10 2014
Rank #12: Lets get active! (Directory) – Episode 026
Active directory is the topic of this week’s episode. We get a fundamentals course from Max.
User accounts, settings, permissions, and more all with a real world scope from an imaginary graphic design studio?
I dunno really. We had to try and humanise it.
Active directory, while not the only product of its kind, is Microsoft’s offering and, as much of the business world revolves around MS, is one of the more popular solutions.
You can expect to hear more about this helpful tool from these helpful tools since as Max rightly points out active directory only gets its surface scratched in this episode.
Jul 21 2014
Rank #13: News Update – Episode 028
This is even more continuity than I ever imagined we would do. We are not only doing new content but our new content is a look back at our old content, the changes that have happened to try and keep our content relevant and also to try and take a look at how some of the bigger news stories related to info sec are shaping the industry.
That’s right. We’re going for legitimacy here!
News update is a thing we thought would be a popular feature to have as a recurring theme throughout the show’s run. Looking back in order to see what’s coming?
Aug 21 2014
Rank #14: And BOOM goes the dynamic input – Episode 015
We are drawing ever closer to the 20th episode spectacular!
I don’t know if there will in fact be a spectacle but at this point anything goes.
This episode we explain buffer overflow on the heap and stack, format string and off by one vulnerabilities, and what to do to avoid them. It’s maybe a little heavy, maybe a little whimsical, and maybe together we can learn a little bit!
Max wanted an image for NOP SLED in the title because that would be more fun than some awkward dude at the top of the post but I was all like “Noooooooooooooope(sled)!” Then I chuckled, then I died a little more inside.
Mar 07 2014
Rank #15: Software For Rent – Episode 027
There’s a new business model in town friends.
We call it software for rent, for the sake of this podcast, because otherwise I didn’t have a clever image for the title.
So there’s a deep insight into our development and release process.
In this one we started, innocently enough, with Max explaining his recent OS upgrade which led into some kind of diatribe on the state of… something.
We discuss at length the ups and downs of this new pay as you go software model. It’s a neat idea to not buy software at the full price but if you go with software for rent then you end up with the full version at a much lower recurring price.
I guess I shouldn’t really go into it here since we sorta get WAY into it in the podcast that you can listen to.
Jul 26 2014
Rank #16: Crypto Continued – Episode 021
More episodes, more episodes, more episodes!
We continue our discourse on cryptography with more of Alice, Bob & Eve’s adventures! Or should I say MISADVENTURES! I shouldn’t. I should never say that. I apologize sincerely to you dear reader. Crypto is serious business and no place for levity.
This has been an enlightening episode. Or HAS IT?! You be the judge, jury, and executioner and then the executor of the will. We’d like some feedback on this episode, Too deep? Too light? What would you like to hear? Send us an email, use the comments for this post or tweet us. We’re all over those things!
Hey, just between us, I’ve been thinking of maybe revamping the page layout. What do you think about that? Would that make you feel uncomfortable? Are you so used to this layout from all the time you spend hanging out here on the site? Send an email or a tweet to let me know what your feelings are.
And now, back to our regularly scheduled crypto…
May 29 2014
Rank #17: Cryptographic Adventures of Alice, Bob and Eve – Episode 020
Eagle … eared listeners might have noticed we were getting out of control with our time frame references. While I really found it hilarious after a while it just kinda becomes that uncomfortable funny where no one wants to hear the joke but that one guy keeps saying it so people are just sort of laughing to be polite.
This had to stop so I took a firm stance on it and decided (which admittedly I should have maybe mentioned on the site) that we weren’t going to keep on posting things out of order. This meant we were going to sit tight until the fabled episode on cryptographic practices in the form of “Cryptographic Adventures of Alice, Bob, and Eve” was finally released. I was comfortable with holding firm on this since I had done the noble thing and left all the editing for this episode on Max’s lap.
I am a good friend and host!
I guess unless another Heartbleed thing comes along we are going to try and stick to this so that I can stop thinking I am funny and can stop doing the same stupid jokes about our shows being out of order.
Which, I think is enough excuses, now let’s talk about this episode!
My how clever of him, you are all thinking! He employed a Caesar cipher to write the topic of the podcast because they are going to discuss such things!
That’s right folks! I go for the lowest hanging fruit!
Anyways give Cryptographic Adventures of Alice, Bob, and Eve a listen and then leave comments on this post or email us or whatever. Just please don’t encode your comments because while we might be able to talk about it, that doesn’t mean we can crack it. Heck it took months just to complete the talking about it phase…
May 13 2014
Rank #18: Tracking U – Episode 46
EP046 Tracking U
This week we talk about online (spoilers: And offline) tracking and the people who do it.
It’s a banner year at the old in-security family, two count on the podcast front and another on the way?!
We discuss Microsoft, Google, Facebook and the way they go about collecting data from unsuspecting internet users. We also take an in-depth look at cookies and how they are now used for more than ever intended.
Delicious delicious cookies. Used for tracking? Next you’re going to tell me that brownies can be used to get you stoned.
Originally Recorded May 2, 2018
May 30 2018
Rank #19: Meltdown Inspector – Episode 45
EP045 Meltdown Inspector
Our first (read: only?) episode for 2018 and we’re ready to talk about Meltdown and Spectre, the new class of hardware vulnerabilities that hadn’t really even been considered prior to this discovery!
We even have some housekeeping in this episode. Who would have thought with like a half year since the last EP that there were any new developments?!
So yeah, we got a lot of great content. This is a delightful reboot. Let’s hope there’s more to come! (this year)
Originally Recorded March 21, 2018
Mar 28 2018
Rank #20: Preemptive Heartbleed – Episode 019
I know that we have maybe teased about some pending episodes (and the teasing gets a little out of hand in this episode…) but we kinda figured it made sense to preempt the episodes we have loaded up with this much more timely, much more pressing coverage of Heartbleed.
We still have a line-up of recorded & unreleased content coming so don’t worry, and we are not ones to dangle the carrot only to pull the… Carrot out from under you? However, when something in the security world causes this much of a media frenzy we feel we would be doing you, our faithful listeners (Hi Mum!) a disservice without trying to get you correct, useful, and timely information.
Now you can impress your friends and woo your paramour with your stunning in-depth knowledge of Heartbleed.
That’s right folks, this episode deals with the Heartbleed bug, how it works, some of the scope and implications and then using this as a launching point we cover just how one would create a security program to handle such threats and vulnerabilities.
And to think, I didn’t even know it was a word previously but now I am heart-hemorrhaging “Heartbleed” all over this post.
Apr 15 2014