6: Application Security & Cryptography with Scott Arciszewski




Syscast: talking linux, open source, web development and system administration (DevOps) show

Summary: <p>For the 6th episode of SysCast I’m joined by Scott Arciszewski.</p>
<p>We talk about PHP, cryptography, securing online applications, cache timing attacks, his CMS called Airship and so much more.</p>
<p>If you like security and crypto, you’ll like this episode!</p>
<h2>Shownotes</h2>
<ul>
<li>Scott is <a href="https://twitter.com/ciphpercoder">@CiPHPerCoder</a> on Twitter as well as <a href="https://twitter.com/paragonie">@ParagonIE</a></li>
<li>Scott works at <a href="https://paragonie.com/">Paragon Initiative Enterprises</a></li>
<li><a href="https://paragonie.com/project/airship">CMS Airship</a></li>
<li><a href="https://cryptocoding.net/index.php/Coding_rules">Secure Coding Rules</a></li>
<li><a href="https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project">OWASP Top 10</a></li>
<li><a href="https://grsecurity.net/">grsecurity</a></li>
<li><a href="https://paragonie.com/blog/2015/08/you-wouldnt-base64-a-password-cryptography-decoded">You Wouldn’t Base64 a Password – Cryptography Decoded</a></li>
<li><a href="http://cryptopals.com/">The Cryptopals Crypto Challenges</a></li>
<li><a href="https://en.wikipedia.org/wiki/Timing_attack">Timing Attacks</a></li>
<li><a href="https://github.com/wireghoul/htshells">htshells</a> (Self contained htaccess shells and attacks)</li>
<li><a href="http://podcast.sysca.st/podcast/1-matt-holt-creator-caddy-webserver/">SysCast episode on the Caddy Webserver (episode #1)</a></li>
<li><a href="https://github.com/jedisct1/libsodium">libsodium</a> (A modern and easy-to-use crypto library)</li>
<li><a href="https://tonyarcieri.com/all-the-crypto-code-youve-ever-written-is-probably-broken">All the crypto code you’ve ever written is probably broken</a></li>
<li>“<a href="http://lcamtuf.coredump.cx/squirrel/">This JPEG is also a webpage</a>” (view source of this site!)</li>
</ul>
<p>Feedback? Let me know via <a href="mailto:podcast@sysca.st">podcast@sysca.st</a> or at <a href="https://twitter.com/mattiasgeniar">@mattiasgeniar</a> on Twitter.</p>
<p>Special thanks to Jeroen Flamman (<a href="https://twitter.com/jflamman">@jflamman</a>) and HPCDude (<a href="https://twitter.com/bengui122">@bengui122</a>) for cleaning up the audio and removing most of the clicks and background noise!</p>