
194: My PGP Shame
Mike Burns discusses the ins and outs of application security, his comprehensive Application Security Guide, common security holes, and his personal information & security management workflow.
Show Notes
On this week's episode, Chris is joined by Mike Burns, developer in our New York studio, to discuss the ins and outs of application security. Mike recently added a comprehensive Application Security Guide to the thoughtbot guides, and in this chat they discuss some of the high points of the guide, some of the low points of common security holes, and some of the fantastically specific workflows and approaches Mike has for his personal information and security management.
- Mike Burns on Mastodon
- Mike Burns on the thoughtbot blog
- Application Security Guide
- YAML
- JSON
- TOML
- Bcrypt
- Scrypt
- TLS Handshake explained with paint colors
- NIST - Digital Identity Guidelines
- Clearance
- DKIM & SPF for email verification
- PGP Signing of Emails
- PGP Signing git Commits
- Facebook Stored Millions Of Passwords In Plaintext
- PhishMe (now Cofense)
- Mutt email client
- YubiKey
- Pass
- pwgen
- LastPass
- Perfect Forward Secrecy
- Tarsnap