#6: Application Security & Cryptography with Scott Arciszewski
Syscast Podcast by Mattias Geniar
August 26, 20161h 5m
Audio is streamed directly from the publisher (ma.ttias.be) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
For the 6th episode of SysCast I’m joined by Scott Arciszewski.
We talk about PHP, cryptography, securing online applications, cache timing attacks, his CMS called Airship and so much more.
If you like security and crypto, you’ll like this episode!
Shownotes#
- Scott is @CiPHPerCoder on Twitter as well as @ParagonIE
- Scott works at Paragon Initiative Enterprises
- CMS Airship
- Secure Coding Rules
- OWASP Top 10
- grsecurity
- You Wouldn’t Base64 a Password – Cryptography Decoded
- The Cryptopals Crypto Challenges
- Timing Attacks
- htshells (Self contained htaccess shells and attacks)
- SysCast episode on the Caddy Webserver (episode #1)
- libsodium (A modern and easy-to-use crypto library)
- All the crypto code you’ve ever written is probably broken
- “This JPEG is also a webpage ” (view source of this site!)
Feedback? Let me know via [email protected] or at @mattiasgeniar on Twitter.
Special thanks to Jeroen Flamman (@jflamman ) and HPCDude (@bengui122 ) for cleaning up the audio and removing most of the clicks and background noise!