Yesterday, after reading a post in which I cautioned about a popular security podcast, someone asked me what cyber security podcasts I do listen to. I wrote this up a long time ago and never posted it for some reason, so now I’m correcting the oversight. Here’s my collection of the best of the best security podcasts.
These are the security podcasts I’ve been listening to for several years now and continue to recommend. Security podcasts are a good way to keep in touch with current issues, and also a good way to get continuing education.
The other day I heard a reference to the “high side vs low side” of a computer system in a podcast, and the speaker didn’t stop to clarify. Worse yet is when you hear “on the low side” or “on the high side.” I came from the private sector into government contracting myself. I wasn’t born knowing this jargon either, so I’ll explain it.
I was listening to a podcast when the talk went off on a tangent, to a utility called F.lux. Whoever was talking made it sound like it was just for one platform, so I went looking for an alternative for Windows, given that merely 90.53% of us use it. The answer was F.lux! F.lux is also available for Linux, for what it’s worth. So I downloaded it.
The concept is simple. The lighting on our screens can interfere with our sleep patterns, so F.lux adjusts the screen based on what time it is, so that it interferes less.
Buried unfortunately deep in August’s Social Engineer podcast was some outstanding advice from British TV star R. Paul Wilson, who turned scamming into prime-time BBC TV for several seasons.
Wilson, who literally has sold someone a bridge that he of course didn’t own, has lots of experience on both sides of scamming, so his experience is invaluable. I was just disappointed that we had to listen to 45 minutes of Christopher Hadnagy and David Kennedy arguing before we could hear it, so I’ll cut through the garbage.
Josh Drake, the researcher who discovered the Stagefright vulnerability in Android that lets an attacker hack into an Android device by sending a specially crafted picture or video in a text message, was on the Risky Business security podcast this week to talk about it. What he had to say was interesting.
Patrick Gray, the host, tends to be a pretty outspoken critic of Android and isn’t shy about talking up Apple. He tried to get Drake to say Android is a trainwreck, security-wise, but Drake wouldn’t say it. Drake actually went as far as to say he thinks Android and IOS are fairly close, security wise.
So why do we see so many more Android bugs? Drake had an answer.
St. Louis-based security researcher Charlie Miller and his collaborator Chris Valasek got themselves in the news this week by hacking a Jeep driven by Wired journalist Andy Greenberg on I-64.
The reaction was mixed, but one common theme was, why I-64, where lives could have been at risk, rather than an abandoned parking lot?
I don’t know Miller or Valasek, so it goes without saying I don’t speak for either one of them, but I think I have a pretty good idea why they did it that way.
I wanted to bring up another subtopic from Dr. Ellen Langer’s interview on the Social Engineer podcast: work-life integration. It’s important to consider work-life integration vs. work-life balance.
Dr. Langer stated that work-life balance is inherently unhealthy, because the idea creates a notion that you have to be one person at home and a completely different person at work. She didn’t put it this bluntly, but essentially it means living a lie at least part of the time. She did say nobody should want to live life like that.
Security researcher Chris Roberts has posted some inflammatory things about Boeing airplanes earlier this year, going as far as claiming to have once used the in-flight entertainment system, with a special cable, to send commands to one of the engines and affect the plane’s flight.
When I first heard Roberts’ assertions, my initial reaction was to ask why any security professional would continue to board a plane. Then last week Patrick Gray had the brilliant idea to talk to an Airbus pilot. After listening to the interview, I felt better.
This month’s Social Engineer podcast featured psychology professor Dr. Ellen Langer, whose specialty is mindfulness. Dr. Langer brought up a lot of important things, including the idea of work-life integration rather than the more difficult work-life balance, but another thing she briefly touched on really resonated with me. She brought up a study, originally done in the late 1970s, where a group of 80-somethings were immersed in 1959 for a week. At the end of the week, they didn’t act like 80-somethings anymore. It seems nostalgia can make you younger.
That got me thinking about the power of nostalgia.
I’ve read a few things here and there about Waze, a crowdsourced GPS that runs on smartphones, including those that run Android, Apple, and Windows. Its premise is simple: Based on how traffic is moving, it figures out the fastest way to get where you want to go. It adds intelligence to the GPS.
The trade-off, of course, is that it’s tracking you too. The data is anonymized, they promise, but it’s up to you to decide whether it’s a showstopper.