Open Source Security
 
A security podcast geared towards those looking to better understand security topics of the day. Hosted by Kurt Seifried and Josh Bressers covering a wide range of topics including IoT, application security, operational security, cloud, devops, and security news of the day. There is a special open source twist to the discussion often giving a unique perspective on any given topic.
 
Unlock a world of valuable insights and thought-provoking discussions related to the Intelligence Community (CIA, NSA, NGA, FBI, Military Intelligence). Join Nick, a successful entrepreneur and business leader, on his journey to discover a world of INTELLIGENCE in all facets of our lives. As an Army Veteran with expertise in geospatial Intelligence Operations, and multiple successful businesses and investments across a variety of industries, including technology, defense, real estate, crypto ...
 
 
Josh and Kurt talk about the Canadian Government banning WeChat and Kaspersky. There's a lot of weird little details in this conversation. It fundamentally comes down to a conversation about risk. It's easy to spout nonsense about risk, but having an honest discussion about it is REALLY complicated. But the government plays by a very different set …
 
Josh and Kurt talk about the new EU eIDAS regulation. This is a bill that will force web browsers to add root certificates based on law instead of technical merits, which is how it's currently done. This is concerning for a number of reasons that we discuss on the show. This proposal is not a good idea. Show Notes Mozilla site Root CA mailing list …
 
Josh and Kurt talk about the security skills shortage. We start out on the topic of cybersecurity skills and weave our way around a number of human related problems in this space. The world of tech has a lot of weird problems and there's not a lot of movement to fix many of them. Tech is weird and hard, and with the almost complete lack of regulation c…
 
Josh and Kurt talk about a Dutch proposal that would allow the intelligence services to hack victims of adversaries they are in the process of infiltrating. The purpose of this discussion isn't to focus on the Dutch specifically, but rather to discuss the larger topic of government oversight. These are all very new concepts and nobody know…
 
Josh and Kurt talk to Daniel Stenberg about curl. Daniel is the creator of curl, we chat with him about the security of curl. Daniel tells us how curl is kept secure, we learn about some of the historical reasons curl works the way it does. We hear the story about the curl CVE situation firsthand. We also touch on the importance of curating the com…
 
Josh and Kurt talk about Sonatype's 9th Annual State of the Software Supply Chain. There's a ton of data in the report, but the thing we want to talk about is the statistic that only 11% of open source is actually being maintained. Do we think that's true? Does it really matter? Show Notes Sonatype report ecosyste.ms GNOME libcue flaw Reality 2.0 s…
 
Josh and Kurt talk about a curl and glibc bug. The bugs themselves aren't super interesting, but there are other conversations around the bugs that are interesting. Why don't we just rewrite everything in Rust? Why can't we just train developers to stop writing insecure code? How can AI solve this problem? It's a marvelous conversation that ends on…
 
Josh and Kurt talk about contributor license agreements (CLAs). CLAs used to be seen as a necessary evil, but they're almost certainly bad now. We're seeing CLAs being abused, it's clear now anything controlled by a CLA won't be open source forever. Show Notes A Theory of Joint Authorship for Free and Open Source Software Projects Bruce Perens: Wha…
 
Josh and Kurt talk about uncertainty. There are a bunch of stories in the news lately that really just boil down to uncertainty. Uncertainty is incredibly dangerous for everyone. We are afraid of uncertainty, and often don't really understand why that is. Trust is like a currency and uncertainty erodes trust faster than almost anything else. Show Not…
 
Josh and Kurt talk about filing bugs for software. There's the old saying that anyone can file bugs and submit patches for open source, but the reality is most people can't. Filing bugs for both closed and open source is nearly impossible in many instances. Even if you want to file a bug for an open source project, there are a lot of hoops before i…
 
Josh and Kurt talk about the weird world we live in, where we can't control a lot of our hardware. We don't really have control over most devices we interact with on a daily basis. The conversation shifts into a question of how we can decide what to trust and where. It's a very strange problem we experience now. Show Notes Boots theory MGM cyber…
 
Josh and Kurt talk about why CVE is making the news lately. Things are not well in the CVE program, and it's not looking like anything will get fixed anytime soon. Josh and Kurt have a unique set of knowledge around CVE. There's a lot of confusion and difficulty in understanding how CVE works. Show Notes Curl blog post Now it's PostgreSQL's turn to…
 
Josh and Kurt talk about WordPress selling web services with a 100 year lifespan. Will WordPress still be around in 100 years? What would 100 years of disaster recovery look like? Most of us will never need to think about 100 years of disaster recovery. Show Notes WordPress is now selling 100-year domains Danish ransomware 15-Minute City The Year W…
 
Josh and Kurt talk about a blog post that explains how C and C++ compilers prioritize performance over correctness. This is the classic story of security vs usability. Security is never the primary goal. If a security requirement doesn't also enable other business goals it will fail. We also touch on the news of a Rust package containing binary files…
 
Josh and Kurt talk about the HashiCorp license change and copyright problems in open source. This isn't the first and won't be the last time we see this, but it's very likely open source developers and communities will view any project that has a contributor license agreement as a problem moving forward. Show Notes Josh's BSidesLV talk Hacker News …
 
Josh and Kurt ask the question of what a vulnerability is, but in the framing of video games. Security loves to categorize all bugs as either security vulnerabilities or not security vulnerabilities. But in reality nothing is so simple. Everything is a question of risk, not vulnerability. The discussion about video games can help us to better have this disc…
 
Josh and Kurt talk about the difference between what we think of as traditional open source, and enterprise software projects that have an open source license. They are both technically open source, but how the projects work is very very different. Show Notes CentOS Stream PR The Most Prolific Packager For Alpine Linux Is Stepping Away…
 
Josh and Kurt talk about a new Google proposal that would add DRM for the web. All the ad driven companies seem to be acting very strangely, there's probably a reason for this. The way ads used to pay for content is changing, but a lot of these giant companies don't know how to adapt. It's going to be very interesting times in the near future. Show…
 
Josh and Kurt talk about insider threats, but not quite in the way one would expect. The potential for insider threats is possibly higher than usual right now, but what about open source? Are open source developers insider threats for your organization? Have you ever thought about this before? Show Notes CISA insider threats hacks4pancakes toot Don…
 
Josh and Kurt talk about some of the efforts to measure and understand open source. There are projects like the OpenSSF Scorecard. We want to measure open source for some idea of quality. Is AI generated code better than a random open source project found on GitHub? Can we track the countries contributors are from? These are all interesting problem…
 
Josh and Kurt talk about the notion that open source is somehow dying. What's actually happening is corporate open source is changing, which some are trying to deform into something wrong with open source. Open source is doing great, probably better than ever. Show Notes Open Source isn't sustainable anymore VORON Design Video of the first lathe Pl…
 
Welcome to a powerful episode of The NDS Show where we host an inspiring conversation with Marine Corps Veteran and Business Owner, Chayse Roth, who is also the Chairman of the Veteran Business Collective. In this revealing episode, Chayse provides his insights into the world of a Critical Skills Operator and what sets MARSOC (Marine Corps Forces S…
 
Josh and Kurt talk about Red Hat closing up the RHEL source code. Kurt and Josh both worked at Red Hat in the past. This isn't a show that bashes Red Hat, and it's not a show praising them. We take an honest look at the past, present, and future of Linux. There's a lot to talk about in this one. TL;DR, Red Hat was the chosen one, and we all feel bet…
 
Josh and Kurt talk about the incredible Reddit debacle. At the center of it all is an API. What does it mean to be using an API, and how does this relate back to our own risk? Many of us rely on APIs for countless things, and if a company decides to cut off that API somehow, it could create a mess. Show Notes Grimace's Birthday Reddit's new A…
 
Josh and Kurt talk about a new program from the Sovereign Tech Fund to fund open source work. It's a great looking program with an acceptable amount of money behind the program. We also talk about a story claiming millions of perfectly good hard drives are destroyed per year. They're probably not OK at all. Show Notes Sovereign Tech Fund Challenges…
 
Josh and Kurt talk about some new open source projects that aim to start taking back some of our privacy and rights. It's a huge hill to climb, but it seems like there is some hope. Open source doesn't care about growth, or numbers, or anything really, so it can't ever lose. Show Notes Codeberg Veilid Hawkins Cheezies Apollo's Reddit API costs…
 
Delve deep into the clandestine world of the CIA and Black Ops with former spy and shadow warrior, Enrique "Ric" Prado. Known for volunteering for life or death espionage missions for the Central Intelligence Agency and his pivotal role in human intelligence (HUMINT) operations during the Contra Wars under Ronald Reagan and tracking Osama Bin Laden…
 
Josh and Kurt talk about namespaces. They were a topic in the last podcast, and resulted in a much much larger discussion for us. We decided to hash out some of our thinking in an episode. This is a much harder problem than either of us expected. We don't have any great answers, but we do have a lot of questions. Show Notes Not Red Hat NPM hash pac…
 
Josh and Kurt talk about PyPI suspending new accounts and packages for a day, and a 60 minutes story about deepfakes. The problems are mostly the same, but for very different reasons. The world is changing faster than we can keep up, so what is a human to do? Show Notes PyPI Repository Under Attack: User Sign-Ups and Package Uploads Temporarily Hal…
 
Josh and Kurt talk about the Open Source Summit in Vancouver. Josh was there and we pick on two observations. Firstly that security keeps trying to use fear as a feature, except it doesn't work. Secondly we discuss AI and how people are talking about it. It is changing things, how much is yet to be seen. Show Notes SLSA FRSCA S2C2F MSI leak Intel m…
 
Welcome to our latest podcast episode where we sit down with Luke Fischer, the CEO and cofounder of SkyFi, a company revolutionizing the world of satellite imagery. We delve into the fascinating journey of SkyFi, exploring their cutting-edge earth observation application that is reshaping how we order satellite imagery, including Electro Optical, T…
 
Welcome to another insightful episode of "The NDS Show," where we delve into the fascinating market of Geospatial Intelligence (GEOINT) including government contracting and commercial industry. We start off by introducing and explaining what GEO261 is all about and the different ways you can become involved in the GEOINT market segment. We also dis…
 
Josh and Kurt finish up the leftpad discussion. We spent a lot of time talking about how the market will respond to these sorts of events, and the market did indeed speak; very little has changed. There is an aspect of all these security events where we need to understand that the cost vs benefit just isn't there. It may never be there. Rather than whine…
 
In this episode, we continue our journey in the enthralling world of Open Source Intelligence with OSINT Technical, one of the leading Twitter accounts for sharing publicly available information about the War in Ukraine. We explore the intriguing facets of the Russian & Ukrainian military strategies, tactics, and philosophy. Our podcast further unco…
 
Josh and Kurt revisit Episode 77, which was named "npm and the supply chain" but was a discussion about the incident we all know now as "leftpad". We didn't understand what was happening at the time, but this would become an event we talk about for years to come. It's shocking how many of the things we discuss are still completely valid five years …
 
Subscribe on YouTube HERE Please Rate and Review us on Apple Podcasts! HERE Subscribe to the Newsletter Here to stay up to date! https://www.ndsshow.com/ Connect with Nick on Twitter Upcoming Episodes Geospatial Intelligence - GEOINT We'll be covering insights into the state of the GEOINT industry, a preview of the GEOINT Symposium, and the amazing…
 
This is the second part of remastering Episode 42 which is all about the security in the Hitchhiker’s Guide to the Galaxy movie. It's a fun show and it's shocking how many of these security themes are still relevant today. Show Notes Original Episode 42 Part 1
 
Dive deep into the world of Open Source Intelligence (OSINT) and the power of publicly available information gathering and analysis. In this podcast we define and explain OSINT and how it differs from traditional intelligence methods. You'll learn how OSINT is used to track Russian spies in Sweden, troop movements in Ukraine, investigate ISIS in Sy…
 
The podcast is on a hiatus for a little while due to some personal matters, but that creates an opportunity to remaster some fun old episodes. These shows are REALLY hard to listen to at the current quality (tools and talent have come a long way in the last few years). This is a remaster of Episode 42 which is all about the security in the Hitchhike…
 
Josh and Kurt talk about a blog post about pip and virtual environments. This eventually turns into a larger conversation around packaging tools and how we see incremental changes over time. The package ecosystems were what we needed a few years ago, but our needs have changed. Show Notes One Does Not Simply 'pip install' Dag Wieers RPM Webfinger G…
 
This podcast covers Geography Education with Artificial Intelligence, Critical Thinking for GIS professionals, the state of Ethics in Geography and GIS, and a deep dive into inspirational figures and events that have shaped geography and geospatial thinking forever. Dr. Joseph Kerski shares his expertise on the explosion of AI tools for GIS applica…
 
Josh and Kurt talk about some data on the size of NPM. Josh wrote a blog post, and a report about the amount of SEO spam in NPM was released. Open source is enormous, and it's mostly one person. It's hard to imagine how this all works sometimes and this lack of understanding can create challenges. Show Notes Josh's blog on the size of NPM One In Two…
 
Josh and Kurt talk about OpenAI having a bug in ChatGPT and then trying to blame open source for it. It didn't go very well. In this episode Josh and Kurt argue a lot, maybe someday we'll know who was the least wrong. Show Notes ChatGPT Tweet ChatGPT Blog redis bug
 
Josh and Kurt talk to Fiona Krakenbürger about the Sovereign Tech Fund. This is a fund created by Germany to fund important open source projects. Fiona has amazing insight into how this fund was created and what it's doing today to help fund open source. She discusses where we go from here and what the future will look like. The Sovereign Tech Fund is…
 
Drone and Unmanned Aerial Systems (UAS) Expert Kerry Mapes joins the podcast to talk about drones and their many use cases from Military Technology and warfare to Scientific Research. Nick and Kerry discuss the many applications of drone uses including engineering, geospatial science, military warfare, photography, real estate and mapping. Kerry di…
 
Josh and Kurt talk about GitHub enforcing sanctions against an open source developer and Docker changing how their registry works. There's a lot to unpack in this one. There's a lot of happenings going on in the world of open source. We are seeing governments paying attention to open source like never before, change is coming and everything is goin…
 
UFC Lightweight Fighter Joe Solecki joins THE NDS SHOW to talk about the strategy and mental fight of mixed martial arts and his current flourishing career in the Ultimate Fighting Championship. Joe tells the story of how he made it to the UFC and his experiences on Dana White’s Contender series during the COVID epidemic and his recent victories. W…
 
This is the Video version of Episode 3. Dr. Robert Clark is an author on several books for intelligence analysis, collection, and distribution. His most recent book is "Geospatial Intelligence: Origins and Evolution." In this episode Nick and Robert discuss the evolution of geospatial intelligence from the early days of remote sensing for surveilla…
 
Josh and Kurt talk about the number of dependencies that is now normal. Keeping track of thousands of dependencies used to be impressive, now it's normal. In what instances should we know everything about our open source? The days of being able to ignore your software liability look like they're coming to an end. Show Notes LTT millenial pause T…