TechSNAP

Episode Archive

Episode Archive

240 episodes of TechSNAP since the first episode, which aired on December 4th, 2014.

  • Episode 382: Domestic Disappointments

    September 6th, 2018  |  44 mins 56 secs
    500 mile email, android, attachments, bgp, china, cia, crypto, cryptography, cve, cvss, devops, diffy, election security, elections, email, espionage, firewall, google, isp, linux, manga, netflix, nsa, openssh, podcast, security, security keys, speck, ssh, tcp, tcp rst, usa, wireshark

    We’re joined by a special guest to discuss the failures of campaign security, the disastrous consequences of a mismanaged firewall, and the suspicious case of Speck.

  •

    Episode 381: Here Comes Cloud DNS

    August 29th, 2018  |  23 mins 53 secs
    advanced local procedure call, apache, cloudflare, cloudflare resolver, cve-2018-11776, dns over https, doh, mozilla, netdata, sandboxescaper, struts, sysadmin podcast, techsnap, windows 10, zero-day

    To make DNS more secure, we must move it to the cloud! At least that’s what Mozilla and Google suggest. We breakdown DNS-over-HTTPS, why it requires a “cloud” component, and the advantages it has over traditional DNS.

  •

    Episode 380: Terminal Fault

    August 16th, 2018  |  32 mins 31 secs
    cabot, conpty, cpu, foreshadow, hyperthreading, inprivate, intel, l1 cache, l1 terminal fault, l1tf, meltdown, nagios, page tables, pty, sgx, sms, spectre, speculative execution, sysadmin podcast, techsnap, two factor auth, virtualization, windows, windows console

    Microsoft’s making radical changes to Windows 10, and a new type of speculative execution attack on Intel’s processors is targeting cloud providers.

  •

    Episode 379: SegmentSmack is Whack

    August 10th, 2018  |  29 mins 16 secs
    buffer overflow, eric holmes, freebsd, github audit, gitrob, homebrew, linux, segmentsmack, sysadmin podcast, techsnap, trufflehog, uefi remote attack, undersea data center

    Take down a Linux or FreeBSD box with just 2kpps of traffic, own Homebrew in 30 minutes, and infiltrate an entire network via the Inkjet printers.

  • Episode 378: Two-Factor Fraud

    August 2nd, 2018  |  31 mins 56 secs
    bgp, cisco, duo security, netspectre, nice, s3, sms, spectre, sysadmin podcast, techsnap, telegram, two-factor authentication, verizon leak

    Reddit’s Two Factor procedures fail, while Google’s prevents years of attacks. We’ll look at the different approaches, and discuss the fundamental weakness of Reddit’s approach.

  •

    Episode 377: Linux Under Pressure

    August 1st, 2018  |  29 mins 15 secs
    cryptoware, facebook, malware, oom, oomd, open source jobs, out-of-memory, psi, ransomeware, samsam, sysadmin podcast, techsnap

    Some new tools will give you better insights into your system under extreme load, and we flash back to the days of AOL and discuss the new way social hackers are spreading malware.

  •

    Episode 376: Google Don’t Front

    July 26th, 2018  |  35 mins 8 secs
    apple, bluetooth bug, broadcom, cloudfront, diffie-hellman key exchanges, domain fronting, duplicati, https, https encrypted tunnel, intel, off-site backups, qualcomm

    We’ll explain what Domain Fronting is, how activists can use it to avoid censorship, and why large organizations are compelled to disable it.

  •

    Episode 375: Surprise Root Access

    July 19th, 2018  |  35 mins 54 secs
    backdoor root, backup strategy, botnet, election systems & software, google cloud outage, iphone, mdm, sysadmin podcast, techsnap

    Google's Cloud Platform suffers an outage, and iPhones in India get owned after a very specific attack.

  •

    Episode 374: Quantum Resistant Encryption

    July 13th, 2018  |  47 mins 44 secs
    alter attack, cryptography, default ftp password, lte attack, mq-9 reaper, netgear, nighthawk r7000, post-quantum cryptography project, post-quantum resistance, quantum computing, qubits, sysadmin podcast, techsnap, timehop

    Good progress is being made on post-quantum resilient computing. We’ll explain how they’re achieving it, the risks facing traditional cryptography.

  •

    Episode 373: FreeBSD Already Does That

    July 5th, 2018  |  1 hr 35 mins
    it culture, server rack death, solar, stock exchange outage, sysadmin podcast, techsnap, ups failure

    Allan Jude and Wes sit-down for a special live edition of the TechSNAP program.

  •

    Episode 372: Logs and Metrics and Traces, Oh My!

    June 14th, 2018  |  36 mins 1 sec
    building observability tools, cassandra, eager, hive, lazy fpu, linux 4.6, mantis, netflix observability, sysadmin podcast, techsnap

    Netflix has learned the hard way how to utilize all the logs, we cover their lessons in their journey to build a fully observable system.

  •

    Episode 371: They Never Learn

    June 7th, 2018  |  44 mins 23 secs
    azure ad, datacenter, drupal, drupalgeddon2, drupalgeddonm, linux filesystem forensics, orkney, routersploit, sysadmin podcast, techsnap, ticketfly, underwater data center, vpnfilter, wordpress, zip slip vulnerability

    Microsoft puts a data center under the ocean, and they might be onto something. The Zip Slip vulnerability sneaks into your software, and VPNFilter turns out to be more complicated than first known.

  •

    Episode 370: Hidden in Plain Sight

    June 1st, 2018  |  51 mins 29 secs
    containerd, docker, gdpr, ghostery, git security vulnerability, google bug bounty, kubernetes, router malware, routing-protocol, signalling system 7, snoopsnitch, ss7, sysadmin podcast, techsnap, vpnfilter

    We explain how the much hyped VPNFilter malware actually works, and its rather surprising sophistication.

  •

    Episode 369: Another Pass at Bypass

    May 23rd, 2018  |  44 mins 43 secs
    ddos, dhcp flaw, electron exploit, meltdown, red hat, signal, spectre, speculative store bypass, sysadmin podcast, upnp, variant 4

    We’ll explain how Speculative Store Bypass works, and the new mitigation techniques that are inbound.

  • Episode 368: EFail Explained

    May 15th, 2018  |  36 mins 47 secs
    cfb gadgets, cisco webex, efail, encrypted emails, exfiltration channels, gnupg, hp-35, kubernetes, on-premises, openpgp, s/mime, sysadmin podcast

    The EFail hype-train has hit hypersonic speed, we’ll tap the breaks and explain who disclosed it, what it is, what it’s not, our recommendations, and early reactions.

  •

    Episode 367: FreeNAS Uber Build

    May 8th, 2018  |  37 mins 4 secs
    ecc, freenas, gpu, iot, logitech harmony hub, rowhammer, supermicro, sysadmin podcast, techsnap, unixsurplus, zfs memory requirements

    Our FreeNAS build is complete and Allan’s back to cover the final details. Plus the new GPU attack against Android phones, and a perfect example of poor IoT security.