6: Application Security & Cryptography with Scott Arciszewski
For the 6th episode of SysCast I’m joined by Scott Arciszewski. We talk about PHP, cryptography, securing online applications, cache timing attacks, his CMS called Airship and so much more. If you like security and crypto, you’ll like this episode! Shownotes Scott is @CiPHPerCoder on Twitter as well as @ParagonIE Scott works at Paragon Initiative Enterprises CMS Airship Secure Coding Rules OWASP Top 10 grsecurity You Wouldn’t Base64 a Password – Cryptography Decoded The Cryptopals Crypto Challenges Timing Attacks htshells (Self contained htaccess shells and attacks) SysCast episode on the Caddy Webserver (episode #1) libsodium (A modern and easy-to-use crypto library) All the crypto code you’ve ever written is probably broken “This JPEG is also a webpage” (view source of this site!) Feedback? Let me know via firstname.lastname@example.org or at @mattiasgeniar on Twitter. Special thanks to Jeroen Flamman (@jflamman) and HPCDude (@bengui122) for cleaning up the audio and removing most of the clicks and background noise!