Having a common framework around vulnerabilities, around threats, helps us understand the infosec landscape better. STRIDE provides an easy mnemonic. Adam Shostack has a new book, Threats: What Every Engineer Should Learn From Star Wars. that uses both Star Wars and STRIDE to help engineers under vulnerabilities and threats in software development. Adam has more than 20 years in the infosec world, and he even helped create the CVE system that we all use today.
Hacking websites is perhaps often underestimated yet is super interesting with all its potential for command injections and cross site scripting attacks. Tib3rius from White Oak Security discusses his experience as a web application security pen tester, his OSCP certification, and how he’s giving back to the community with his Twitch, Youtube, and tools he's made available on GitHub.
Holiday air travel tips from The Art of Invisibility: The World's Most Famous Hacker Teaches You How to Be Safe in the Age of Big Brother and Big Data by Kevin Mitnick and Robert Vamosi. This is a short episode until The Hacker Mind returns in the new year.
If you call someone on the other side of the world, perhaps you notice the delay in their response. For voice that’s okay, but for live music that’s disastrous. Mark Goldstein thinks he’s solved the latency problem associated with the production of live musical performances online. Having one musician in Bangalore, another in California, and yet another in New York? No problem. Except, perhaps, for finding a mutually agreeable time for them to be awake and play together.