Cover image of In-Security
(0)
Software How-To
Tech News

In-Security

Updated 9 days ago

Software How-To
Tech News
Read more

An in-depth look at computer security from the insides out. Assuming no computer science background we build you from the fundamentals up to being able to deal with current issues in computer security. We're two guys, one with a comprehensive computer security background and the other is here to keep him from jumping too far into the deep end.

Read more

An in-depth look at computer security from the insides out. Assuming no computer science background we build you from the fundamentals up to being able to deal with current issues in computer security. We're two guys, one with a comprehensive computer security background and the other is here to keep him from jumping too far into the deep end.

iTunes Ratings

0 Ratings
Average Ratings
0
0
0
0
0

iTunes Ratings

0 Ratings
Average Ratings
0
0
0
0
0
Cover image of In-Security

In-Security

Updated 9 days ago

Read more

An in-depth look at computer security from the insides out. Assuming no computer science background we build you from the fundamentals up to being able to deal with current issues in computer security. We're two guys, one with a comprehensive computer security background and the other is here to keep him from jumping too far into the deep end.

Rank #1: Hardening is Haaaard – Episode 013

Podcast cover
Read more

EP013 Hardening is Hard As episodes go 013 is a fun & lucky one! We are talking about hardening, we provide a general overview, we provide some ways you can follow along at home to learn on your own and we probably talk complete trash at some point since that’s how we roll! There’s even a b-bomb in this one that I wasn’t expecting, if that’s not enough of a teaser how about this? You will never believe what we cut out of this episode. It was SO cut out of the episode it will never be available to you, the listeners! To be honest I am not sure what it was either but this is the kind of tripe news aggregation websites have to resort to to get people to click something on Facebook and they’re consummate professionals are they not? Hardening is not as dirty as it sounds, I think… It can be summed up as securing infrastructure by eliminating unnecessary weak points. In our context infrastructure means desktops, workstations, routers, network hubs, servers etc. so I think securing means closing open doors, shutting open ports, turning off apps & services that you don’t need, making sure you close the fridge because you aren’t paying to cool the neighbourhood, and locking the front door when you leave the house. Come to think of it, I’m not 100% sure how accurate any of that is, I should probably give the episode another listen. Shownotes

Feb 20 2014
47 mins
Play

Rank #2: Let’s talk about stacks baby! – Episode 014

Podcast cover
Read more

EP014 Let’s talk about stacks baby! We talked about web vulnerabilities and the markup languages, and interpretation of scripts, but those aren’t real programs running on your computer. This time we’re going to get a little more advanced and talk about programming and execution within the computer drawing back to the first few episodes. It’s detailed but will be the bedrock for the more advanced topics we’ll be discussing in vulnerabilities within applications running on a computer. We mention stacks and cover a great dummy program to really tie this episode together into what I lovingly call the greatest episode ever of any podcast on the internet*. Actually I kinda felt we used the word stacks so much that I really latched onto it after editing this episode. For that I apologize. But it lead to the zany title and really confusing title image this week. We also ran into some perceived quality issues with this week’s episode. After some finessing in the editing studio in the spacious west wing of the guest house in stately Max-Manor Max assures me with aplomb that this is resolved. As always if you disagree with Max please feel free to leave us comments below, Tweet us on twitter or email us via email. *With the possible exception of some of the other podcasts on the internet and episodes that they had. Shownotes

Mar 04 2014
38 mins
Play

Rank #3: Let’s Social Engineer Max a Better Microphone – Episode 017

Podcast cover
Read more

EP017 Let’s Social Engineer Max a Better Microphone This was going to be epic. This is the first episode that Max and I have recorded face to face in real meatspace since the beginning of this whole endeavor. We were excited. Some may say a little TOO excited because we didn’t actually listen to what the recording was outputting. There is evidently a setting on the microphone that allows it to record from both sides simultaneously. That setting is … Not the one we used. This is the episode on the fine art of the social engineer that we started discussing in maybe ep01 or ep02 or something and decided to hold off on until we were sufficiently able to mess up the recording for everyone. Social engineers work the fine art of manipulation with the eventual goal of gain. Gaining access, gaining permissions, financial gains, you know… gain. So I apologize on behalf of this “ep01” calibre audio quality but try and stick with it. I believe this will lead to more episodes on the topic. Shownotes

Mar 25 2014
48 mins
Play

Rank #4: Enterprise Scale Development – Episode 023

Podcast cover
Read more

EP023 Enterprise Scale Development Originally recorded back in April We are getting caught up with all the delays that have plagued (or blessed in Max’s case) us. This is the episode where we discuss Enterprise scale development, the different positions that you might find in those circumstances and this will nicely play off the next episode. As usual Max has his large scale pants on and I try to slim him down to small or medium scale so we can get a general overview. Yes, those are fat jokes. Now that I am comfortably heavier than Max I can make those. They aren’t racist, I’m taking them back. So right. Enterprise scale development, what to expect and the roles involved. This episode speaks for itself. Literally. It’s a podcast. We talk. Out loud. And record it. For you. Shownotes

Jun 24 2014
43 mins
Play

Rank #5: Jobs in InfoSec – Episode 024

Podcast cover
Read more

EP024 Jobs in InfoSec This might be a great episode to have listened to at the start of all this podcastery. In reality we sort of dove right in at the start without trying to tempt you with the lurid promise of fat sacks of job satisfaction. This episode centers on possible jobs in InfoSec available with the science we are dropping within each and every episode. It’s definitely a starting point if you’re trying to convince your buddies to listen. I’m going to go ahead and predict available jobs in InfoSec will going to continue to be an ever growing demand until this whole internet craze dies out. Then we can finally go back to actually talking to one another in meatspace. As you all might know we are delayed by my current work schedule as I have had a change in hours. I am slowly trickling out the episodes we had recorded until Max and I are able to reconcile our time zone woes. That’s why you are only getting play-offs references now. In July. Also, Happy Canada and America days, albeit early or late. I guess, among other things, it’s the scheduling conflicts that led Max to putting this episode together. His thinking presumably was along the lines of getting me a break down of jobs in InfoSec might lead me to getting a more consistent schedule? Who am I to pretend to understand the mind of a mad man? Shownotes

Jul 03 2014
53 mins
Play

Rank #6: Once More Unto the Breach – Episode 025

Podcast cover
Read more

EP025 Once More Unto the Breach The Verizon Data Breach Investigation Report is a helpful tool for investigating, reporting, and ultimately solving problems, but just what the heck is it? I had no idea, to be honest, until this episode that breaches were even logged this well. Fortunately Max had a bit to say about this topic. Also fortunately he only had a bit to say about this topic. This could weigh in as our shortest podcast episode yet. You could say we didn’t “BREACH” the subject before… If you did however you’d be wrong the word you were looking for was broach. I’m not saying that you shouldn’t use the word breach at all… Just probably not in this context. Or do, whatever, this is a infosec podcast all about computer security, not vocabulary. I am however very disappointed with you and you might have to see me after the show for some extra tutoring. Shownotes

Jul 10 2014
27 mins
Play

Rank #7: Security on a Cellular Level – Episode 022

Podcast cover
Read more

EP022 Security on a Cellular Level This week was a topic I wanted to take a look at as it’s becoming a growing concern and there is currently no CLEAR winner from the end user perspective. We discuss security on cellular devices. Cellular security is a growing concern since a lot of the new devices have their “Always on” internet connections and become a frequent source for secure and insecure communication. Businesses both large & small with security concerns really have to take a look at these treacherous devices. Like with many of the topics we’ve discussed this really ends up being summarized as a trade-off of security to inconvenience. As cellular security really becomes more prevalent we, as professionals and enthusiasts, really need to take them seriously. Hopefully in the next couple years we’ll see multi-sim or multi-profile phones become more the norm and we might have another rise of RIM or a similar trend towards remote device management for the security professionals but for now tune in for our general review of options you can do yourself! Shownotes

Jun 09 2014
41 mins
Play

Rank #8: And BOOM goes the dynamic input – Episode 015

Podcast cover
Read more

EP015 And BOOM goes the dynamic input! We are drawing ever closer to the 20th episode spectacular! I don’t know if there will in-fact be a spectacle but at this point anything goes. This episode we explain buffer overflow on the heap and stack, format string and off by one vulnerabilities, and what to do to avoid them. It’s maybe a little heavy, maybe a little whimsical, and maybe together we can learn a little bit! Max wanted an image for NOP SLED in the title because that would be more fun than some awkward dude at the top of the post but I was all like “Noooooooooooooope(sled)!” Then I chuckled, then I died a little more inside. Shownotes

Mar 07 2014
38 mins
Play

Rank #9: Lets get active! (Directory) – Episode 026

Podcast cover
Read more

EP026 Let’s get Active! (Directory) Active directory is the topic of this week’s episode. We get a fundamentals course from Max. User accounts, settings, permissions, and more all with a real world scope from an imaginary graphic design studio? I dunno really. We had to try and humanise it. Active directory, while not the only product of its kind, is Microsoft’s offering and, as much of the business world revolves around MS, is one of the more popular solutions. You can expect to hear more about this helpful tool from these helpful tools since as Max rightly points out active directory only gets its surface scratched in this episode. Shownotes

Jul 21 2014
34 mins
Play

Rank #10: Crypto Continued – Episode 021

Podcast cover
Read more

EP021 Crypto Continued More episodes, more episodes, more episodes! We continue our discourse on cryptography with more of Alce Bob & Eve’s adventures! Or should I say MISADVENTURES! I shouldn’t. I should never say that. I apologize sincerely to you dear reader. Crypto is serious business and no place for levity. This has been an enlightening episode. Or HAS IT?! You be the judge, jury, and executioner and then the executor of the will. We’d like some feedback on this episode, Too deep? Too light? What would you like to hear? Send us an email, use the comments for this post or tweet us. We’re all over those things! Hey, just between us, I’ve been thinking of maybe revamping the page layout. What do you think about that? Would that make you feel uncomfortable? Are you so used to this layout from all the time you spend hanging out here on the site? Send an email or a tweet to let me know what your feelings are. And now, back to our regularly scheduled crypto… Shownotes

May 29 2014
29 mins
Play

Rank #11: Cryptographic Adventures of Alice, Bob and Eve – Episode 020

Podcast cover
Read more

EP020 Cryptographic Adventures of Alice, Bob, and Eve Eagle … eared listeners might have noticed we were getting out of control with our time frame references. While I really found it hilarious after a while it just kinda becomes that uncomfortable funny where no one wants to hear the joke but that one guy keeps saying it so people are just sort of laughing to be polite. This had to stop so I took a firm stance on it and decided (which admittedly I should have maybe mentioned on the site) that we weren’t going to keep on posting things out of order. This meant we were going to sit tight until the fabled episode on cryptographic practices in the form of “Cryptographic Adventures of Alice, Bob, and Eve” was finally released. I was comfortable with holding firm on this since I had done the noble thing and left all the editing for this episode on Max’s lap. I am a good friend and host! I guess unless another Heartbleed things comes along we are going to try and stick to this so that I can stop thinking I am funny and can stop doing the same stupid jokes about our shows being out of order. Which, I think is enough excuses, now let’s talk about this episode! Fubswrjudskb! My how clever of him, you are all thinking! He employed a Caesar cipher to write the topic of the podcast because they are going to discuss such things! That’s right folks! I go for the lowest hanging fruit! Anyways give Cryptographic Adventures of Alice, Bob, and Eve a listen and then leave comments on this post or email us or whatever. Just please don’t encode your comments because while we might be able to talk about it doesn’t mean we can crack it. Heck it took months just to complete the talking about it phase… Shownotes

May 13 2014
53 mins
Play

Rank #12: Preemptive Heartbleed – Episode 019

Podcast cover
Read more

EP019 Preemptive Heartbleed I know that we have maybe teased about some pending episodes (and the teasing gets a little out of hand in this episode…) but we kinda figured it made sense to preempt the episodes we have loaded up with this much more timely, much more pressing coverage of Heartbleed. We still have a line-up of recorded & unreleased content coming so don’t worry, and we are not ones to dangle the carrot only to pull the… Carrot out from under you? However hen something in the security world causes this much of a media frenzy we feel we would be doing you, our faithful listeners (Hi Mum!) a disservice without trying to get you correct, useful, and timely information. Now you can impress your friends and woo your paramour with your stunning in-depth knowledge of Heartbleed. That’s right folks this episode deals with Heartbleed bug, how it works, some of the scope and implications and then using this as a launching point we cover just how one would create a security program to handle such threats and vulnerabilities. And to think, I didn’t even know it was a word previously but now I am heart-hemorrhaging “Heartbleed” all over this post. *Special thanks to Codenomicon, for their Heartbleed logo & name. Shownotes

Apr 15 2014
39 mins
Play

Rank #13: CanSecWest Recap – Episode 018

Podcast cover
Read more

EP018 CanSecWest Recap After a triumphant visit out to Vancouver British Columbia (I really had to fight autocorrect to get my U in that spelling…) Max has returned back to a wintry East-coast house filled with leaky windows and… One man microphones. That’s right, It’s a call back to the previous EP where we were supposed to have much better quality and then… didn’t. So we recorded this episode where Max gets to recount his visit and adventures to the West-coast but mostly the bits he spent in the basement nerding out at the CanSecWest conference held March 12-14 2014 at the Sheraton Wall Centre. He grew as a human and now brings all his learning to us peons who weren’t in attendance. I guess for a conference about security that seems a little bit lax. How come he can just tell us everything he learned? Why wouldn’t he have to sign an NDA or something. HOW SECURE WAS THIS CONFERENCE?! Anyways, download, tune in, turn on, switch places, shake it all about… It’s Episode 18! CanSecWest Recap! Shownotes

Apr 08 2014
37 mins
Play

Rank #14: Credit Card Compromise – Episode 016

Podcast cover
Read more

EP016 Credit Card Compromise What started as an experimental episode (see also: Cop out) about “discussing news” ended up as a pretty interesting discussion about the state of the US banking, retail point of sales, & security failings. We had a couple of articles that all dealt with the credit card compromises brought about by the outdated and quite frankly already obsolete mag-stripe on your run of the mill credit card. So the articles discussed can all be accessed in the shownotes so head over there. I’ll also throw in a silly video that I kept thinking about during the show instead of staying on topic. It also lead to the amazing alliteration all around this article! I mentioned in the last write up that there might be something going on for the 20th episode. I didn’t have anything planned. I just had to write some kind of post for the website and was probably delirious from lack of sleep or too much sleep whichever it is I did the night before. I can hardly remember now. I shouldn’t say sleep supersedes our site’s structure but It might maybe make more mentions of spectacles happen. There might be. Quite frankly I didn’t think we’d make it to 5 so the simple fact of 20 episodes was the spectacle I was talking about. I dunno, I’ll have to talk to Max about it some-more and see if there’s actually something we can do to make it more spectacular? I am now all worn out from alliteration. I think I might need to lie down. Shownotes

Mar 14 2014
43 mins
Play

Rank #15: More Common Web Vulnerabilities – Episode 012

Podcast cover
Read more

EP012 More Common Web Vulnerabilities We journey again into the realm of continuity! This is YET ANOTHER part 2 for content and ease of consumption. This time we wrap up our common web vulnerabilities with the creatively named episode 012, More common web vulnerabilities! I know right? We spared no expense on that name. I was pushing for something about sessions, if you listen to the episode you’ll understand why. SPOILERS: We say “sessions” a lot. But it just didn’t make sense, we already set the title continuity precedence with episode 5 and we are nothing without standards. There’s some housekeeping, there’s some, I want to say banter, and there’s more – more common web vulnerabilities than you can shake a stick at! This is a well rounded episode if I do say so myself! I’m not just writing more about it because I’m procrastinating from trying to make up a clever title image. It’s actually THAT GOOD. (Image solution? COP OUT! I’d like to thank laziness, uninspired titles, and all the little people for making this happen!) Shownotes

Feb 11 2014
41 mins
Play