Episode 199

Episode 199 - Special cases are special: DNS, Websockets, and CSV

Open Source Security · Open Source Security

June 1, 202029m 16s

Audio is streamed directly from the publisher (traffic.libsyn.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.

Original episode page

Show Notes

Josh and Kurt talk about a grab bag of topics. A DNS security flaw, port scanning your machine from a web browser, and CSV files running arbitrary code. All of these things end up being the result of corner cases. Letting a corner case be part of a default setup is always a mistake. Yes always, not even that one time.

Show Notes

Bind advisory
Robustness Principal
eBay port scanning localhost
OWASP CSV injection

← All episodes of Open Source Security