September 6th, 2018 | 44 mins 56 secs
500 mile email, android, attachments, bgp, china, cia, crypto, cryptography, cve, cvss, devops, diffy, election security, elections, email, espionage, firewall, google, isp, linux, manga, netflix, nsa, openssh, podcast, security, security keys, speck, ssh, tcp, tcp rst, usa, wireshark
We’re joined by a special guest to discuss the failures of campaign security, the disastrous consequences of a mismanaged firewall, and the suspicious case of Speck.
August 29th, 2018 | 23 mins 53 secs
advanced local procedure call, apache, cloudflare, cloudflare resolver, cve-2018-11776, dns over https, doh, mozilla, netdata, sandboxescaper, struts, sysadmin podcast, techsnap, windows 10, zero-day
To make DNS more secure, we must move it to the cloud! At least that’s what Mozilla and Google suggest. We breakdown DNS-over-HTTPS, why it requires a “cloud” component, and the advantages it has over traditional DNS.
August 16th, 2018 | 32 mins 31 secs
cabot, conpty, cpu, foreshadow, hyperthreading, inprivate, intel, l1 cache, l1 terminal fault, l1tf, meltdown, nagios, page tables, pty, sgx, sms, spectre, speculative execution, sysadmin podcast, techsnap, two factor auth, virtualization, windows, windows console
Microsoft’s making radical changes to Windows 10, and a new type of speculative execution attack on Intel’s processors is targeting cloud providers.
August 10th, 2018 | 29 mins 16 secs
buffer overflow, eric holmes, freebsd, github audit, gitrob, homebrew, linux, segmentsmack, sysadmin podcast, techsnap, trufflehog, uefi remote attack, undersea data center
Take down a Linux or FreeBSD box with just 2kpps of traffic, own Homebrew in 30 minutes, and infiltrate an entire network via the Inkjet printers.
August 2nd, 2018 | 31 mins 56 secs
bgp, cisco, duo security, netspectre, nice, s3, sms, spectre, sysadmin podcast, techsnap, telegram, two-factor authentication, verizon leak
Reddit’s Two Factor procedures fail, while Google’s prevents years of attacks. We’ll look at the different approaches, and discuss the fundamental weakness of Reddit’s approach.
August 1st, 2018 | 29 mins 15 secs
cryptoware, facebook, malware, oom, oomd, open source jobs, out-of-memory, psi, ransomeware, samsam, sysadmin podcast, techsnap
Some new tools will give you better insights into your system under extreme load, and we flash back to the days of AOL and discuss the new way social hackers are spreading malware.
July 26th, 2018 | 35 mins 8 secs
apple, bluetooth bug, broadcom, cloudfront, diffie-hellman key exchanges, domain fronting, duplicati, https, https encrypted tunnel, intel, off-site backups, qualcomm
We’ll explain what Domain Fronting is, how activists can use it to avoid censorship, and why large organizations are compelled to disable it.
July 19th, 2018 | 35 mins 54 secs
backdoor root, backup strategy, botnet, election systems & software, google cloud outage, iphone, mdm, sysadmin podcast, techsnap
Google's Cloud Platform suffers an outage, and iPhones in India get owned after a very specific attack.
July 13th, 2018 | 47 mins 44 secs
alter attack, cryptography, default ftp password, lte attack, mq-9 reaper, netgear, nighthawk r7000, post-quantum cryptography project, post-quantum resistance, quantum computing, qubits, sysadmin podcast, techsnap, timehop
Good progress is being made on post-quantum resilient computing. We’ll explain how they’re achieving it, the risks facing traditional cryptography.
July 5th, 2018 | 1 hr 35 mins
it culture, server rack death, solar, stock exchange outage, sysadmin podcast, techsnap, ups failure
Allan Jude and Wes sit-down for a special live edition of the TechSNAP program.
June 14th, 2018 | 36 mins 1 sec
building observability tools, cassandra, eager, hive, lazy fpu, linux 4.6, mantis, netflix observability, sysadmin podcast, techsnap
Netflix has learned the hard way how to utilize all the logs, we cover their lessons in their journey to build a fully observable system.
June 7th, 2018 | 44 mins 23 secs
azure ad, datacenter, drupal, drupalgeddon2, drupalgeddonm, linux filesystem forensics, orkney, routersploit, sysadmin podcast, techsnap, ticketfly, underwater data center, vpnfilter, wordpress, zip slip vulnerability
Microsoft puts a data center under the ocean, and they might be onto something. The Zip Slip vulnerability sneaks into your software, and VPNFilter turns out to be more complicated than first known.
June 1st, 2018 | 51 mins 29 secs
containerd, docker, gdpr, ghostery, git security vulnerability, google bug bounty, kubernetes, router malware, routing-protocol, signalling system 7, snoopsnitch, ss7, sysadmin podcast, techsnap, vpnfilter
We explain how the much hyped VPNFilter malware actually works, and its rather surprising sophistication.
May 23rd, 2018 | 44 mins 43 secs
ddos, dhcp flaw, electron exploit, meltdown, red hat, signal, spectre, speculative store bypass, sysadmin podcast, upnp, variant 4
We’ll explain how Speculative Store Bypass works, and the new mitigation techniques that are inbound.
May 15th, 2018 | 36 mins 47 secs
cfb gadgets, cisco webex, efail, encrypted emails, exfiltration channels, gnupg, hp-35, kubernetes, on-premises, openpgp, s/mime, sysadmin podcast
The EFail hype-train has hit hypersonic speed, we’ll tap the breaks and explain who disclosed it, what it is, what it’s not, our recommendations, and early reactions.
May 8th, 2018 | 37 mins 4 secs
ecc, freenas, gpu, iot, logitech harmony hub, rowhammer, supermicro, sysadmin podcast, techsnap, unixsurplus, zfs memory requirements
Our FreeNAS build is complete and Allan’s back to cover the final details. Plus the new GPU attack against Android phones, and a perfect example of poor IoT security.