Podcasts about TLS

What are common mistakes folks are making with their Azure tenant(s)? While at the Kansas City Developers Conference, Richard chatted with Scott Sauber to run down his top ten list of issues he checks on for all his customers using Azure. From tenant ownership to naming conventions, policies, identities, and cost controls - there are a lot of things you can do to make your Azure experience more reliable, cost-effective, and efficient. Check out the links for more details on each of the potential issues!LinksAzure Service GroupsAzure Naming ConventionsAzure Naming ToolAzure Tagging StrategyAzure PolicyManaged IdentitiesDefaultAzureCredentialTLS in Azure App ServiceSSL LabsFederated Identity CredentialsBudgets and Cost AlertsAzure ReservationsAzure Savings PlanRecorded August 14, 2025

Are you panicked? Here are FACTS to help you and strategies that might benefit your thinking. Here are the links to all the sales: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠SAVE ON TRENDSPIDER - GET THE ANNUAL SUBSCRIPTION TO GET MY 4 HOUR ALGORITHM ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

DigiCert is widely recognized for its expertise in PKI and as a TLS certificate authority. As you can imagine, they have a significant perspective on the quantum computing threat to encryption and the migration to post-quantum cryptography (PQC). We cover everything from the challenges of upgrading IoT devices to ML-DSA signature sizes, as well as the new DigiCert One platform the company offers to help manage the migration process. In the middle of this episode, you'll even get a clear summary of what a successful rollout to PQC looks like. Join host Konstantinos Karagiannis for a wide-ranging chat on actionable PQC steps you can take with Kevin Hilscher from DigiCert. There's even a Quantum Safe Playground to experiment with!For more information on DigiCert, visit www.digicert.com/.   Visit the Quantum Safe Playground at https://labs.digicert.com/quantum-safe.Visit Protiviti at www.protiviti.com/US-en/technology-consulting/quantum-computing-services to learn more about how Protiviti is helping organizations get post-quantum ready.  Follow host Konstantinos Karagiannis on all socials: @KonstantHacker and follow Protiviti on LinkedIn and Twitter: @Protiviti.     Questions and comments are welcome!  Theme song by David Schwartz, copyright 2021.Visit Protiviti at www.protiviti.com/US-en/technology-consulting/quantum-computing-services  to learn more about how Protiviti is helping organizations get post-quantum ready.  Follow host Konstantinos Karagiannis on all socials: @KonstantHacker and follow Protiviti Technology on LinkedIn and X: @ProtivitiTech.             Questions and comments are welcome!  Theme song by David Schwartz, copyright 2021.  The views expressed by the participants of this program are their own and do not represent the views of, nor are they endorsed by, Protiviti Inc., The Post-Quantum World, or their respective officers, directors, employees, agents, representatives, shareholders, or subsidiaries.  None of the content should be considered investment advice, as an offer or solicitation of an offer to buy or sell, or as an endorsement of any company, security, fund, or other securities or non-securities offering. Thanks for listening to this podcast. Protiviti Inc. is an equal opportunity employer, including minorities, females, people with disabilities, and veterans.  

Cloud computing giant Amazon Web Services (AWS) has added support for the ML-KEM post-quantum key encapsulation mechanism to secure TLS connections from potential quantum threats. You can listen to all of the Quantum Minute episodes at https://QuantumMinute.com. The Quantum Minute is brought to you by Applied Quantum, a leading consultancy and solutions provider specializing in quantum computing, quantum cryptography, quantum communication, and quantum AI. Learn more at https://AppliedQuantum.com.

Spiritual researcher and Unifyd TV founder Jason Shurka   @JasonShurka26 reveals the truth about the TLS organization, The Pyramid Code, and energy-based healing technologies  in episode 211 of the Far Out with Faust podcast.In this explosive episode, Faust and Jason explore the covert operations of TLS — a spiritually driven organization working to neutralize global darkness. Jason shares psychic downloads, miraculous healings, and a chilling firsthand account of the aftermath of a deadly ambush. From ancient architecture to suppressed energy tech, this conversation connects elite agendas, consciousness manipulation, and the awakening of humanity through energy, frequency, and vibration.In this episode:

Jennifer is a single mom of two children who all fled for their lives on January 7th. Along with her parents, sister and their families, who all lived together in Altadena, they lost home. Jennifer talks with Rabbi Joshua about her life pre-fire and what has happened since that harrowing night. Jennifer and her kids, after 7 months of moving around from motels to airbnbs, are now settled in a new apartment in Pasadena, the first people in Friends In Deed's new time limited subsidy program (TLS), which offers families up to 12 months rent to help them get back on their feet, along with case management and ongoing support. We are grateful to Jennifer for sharing her story with us. Closing music: Eric Claptonhttps://friendsindeedpas.org

Das Domain Name System - kurz DNS - ist einer der Grundpfeiler des modernen Internet. Umso wichtiger, dass es zuverlässige und unfälschbare Informationen liefert. Dabei hilft DNSSEC - die DNS Security Extensions. Was das ist, was es kann, wie man es aktiviert und was man davon hat, erklärt den Hosts in dieser Folge ein Gast: DNSSEC-Experte Peter Thomassen arbeitet seit Jahren an vorderster Front bei verschiedenen Gremien mit und entwickelt die Sicherhetismerkmale von DNS weiter. Er kümmert sich besonders um Automatisierung - ein Thema, bei dem DNSSEC anderen großen Ökosystemen wie dem CA-Kosmos noch hinterherhinkt. - https://desec.io/ - Malware in TXT Records: https://arstechnica.com/security/2025/07/hackers-exploit-a-blind-spot-by-hiding-malware-inside-dns-records/ - Post-Quantum DNSSEC Testbed & Feldstudie: https://pq-dnssec.dedyn.io/ - DS-Automatisierung: RFC 7344, 8078, 9615 - IETF-Draft: "Dry run DNSSEC" - ICANN SSAC Report zu DS-Automatisierung (SAC126): https://itp.cdn.icann.org/en/files/security-and-stability-advisory-committee-ssac-reports/sac-126-16-08-2024-en.pdf - Automatisierungs-Guidelines für Registrierungsstellen (Entwurf): https://datatracker.ietf.org/doc/draft-shetho-dnsop-ds-automation/ - Folgt uns im Fediverse: @christopherkunz@chaos.social @syt@social.heise.de Mitglieder unserer Security Community auf heise security PRO hören alle Folgen bereits zwei Tage früher. Mehr Infos: https://pro.heise.de/passwort

Natalie is joined by Professors Islam Issa and Edith Hall to tell the story of the great library of Alexandria. It was included in Alexander the Great's original design for his city, located in the Nile Delta. Alexandria was to be a city of knowledge. The founders of the library were ambitious: they wanted nothing less than to collect all the books in the world. They were willing to pay huge sums, but they were also ruthless and unscrupulous. The Ptolemies would write to fellow rulers and wealthy friends and ask to borrow their priceless texts. Then the library would copy the scrolls, and return the copies. Or alternatively they'd just steal them. Handily, papyrus, the principal reading material of the era, grew in great abundance around Alexandria. So there was plenty of it for those copies. Less fortunately, it's extremely flammable. So in 48 BCE, when Julius Caesar's besieged army set fire to ships in the harbour in order to block the invading fleet, the fire spread and destroyed a significant part of the library.'Rockstar mythologist' Natalie Haynes is the best-selling author of 'Divine Might', 'Stone Blind', and 'A Thousand Ships' as well as a reformed comedian who is a little bit obsessive about Ancient Greek and Rome.Islam Issa is Professor of Literature and History at Birmingham City University. His book 'Alexandria, the City that Changed the World' is the Winner of the Runciman Award and The Times, Sunday Times, TLS, Booklist, Epoch Times and Waterstones Book of the Year.Edith Hall is Professor of Classics at Durham University, specialising in ancient Greek literature. She has written over thirty books and is a Fellow of the British Academy.Producer...Mary Ward-Lowery

The ASX 200 drifted 28 points lower to 8709 (-0.3%) as Michele Bullock's lunch time speech partly dashed rate cut hopes for August. Banks flat with CBA unchanged and the Big Bank Basket at $274.86 (+0.2%). MQG had a nasty day as its AGM saw selling down 5.1% as the CFO retired and earnings softened. Other financials also under a little pressure, CGF down 2.9% and QBE off 1.2%. ZIP had a good day up 4.7%. REITs slid on higher rates, GMG down 0.8% and GPT off 1.2%. Industrials pretty flat too. Tech eased back, XRO down 1.2% and TNE off 2.3%. CPU dropped 3.3% with BXB falling 1.5%. TLS also slipping away with healthcare stocks remaining firm, CSL up 1.5% again.Resources mixed, LYC up 5.0% on a JV as MIN gained 4.7% on lithium buying and LTR turned from early losses to close up 3.2%. FMG production numbers were solid, pulling out of hydrogen also a positive up 4.3%. Gold miners lid, NST down 2.4% and EVN off 2.7%. Uranium mixed, BOE fell 6.4% on resignation of CEO, PDN recovered slightly. Coal saw sellers back.In corporate news, BAP was punished for a triple whammy of director resignations, bad debts and earnings downgrade, finishing down 28.4%. DRO fell 5.9% after another order win, CMM off 3.4% as it bid for WA8. In economic news, Bullock's speech trimmed rate cut hopes. Asian markets solid. Japan up 1.9% on trade deal relief. HK up 0.4%. China up 0.4%. 10-year yields up to 4.37%. US futures mixed.Want to invest with Marcus Today? The Managed Strategy Portfolio is designed for investors seeking exposure to our strategy while we do the hard work for you. If you're looking for personal financial advice, our friends at Clime Investment Management can help. Their team of licensed advisers operates across most states, offering tailored financial planning services.  Why not sign up for a free trial? Gain access to expert insights, research, and analysis to become a better investor.

Natalie is joined by Professors Islam Issa and Edith Hall to tell the story of the ancient city of Alexandria. Located on the Nile Delta, this spectacular and highly innovative city was founded by Alexander the Great around two and half thousand years ago. And like all great ideas, it came to him in a dream.'Rockstar mythologist' Natalie Haynes is the best-selling author of 'Divine Might', 'Stone Blind', and 'A Thousand Ships' as well as a reformed comedian who is a little bit obsessive about Ancient Greek and Rome. Islam Issa is Professor of Literature and History at Birmingham City University. His book 'Alexandria, the City that Changed the World' is the Winner of the Runciman Award and The Times, Sunday Times, TLS, Booklist, Epoch Times and Waterstones Book of the Year.Edith Hall is Professor of Classics at Durham University, specialising in ancient Greek literature. She has written over thirty books and is a Fellow of the British Academy.Producer...Mary Ward-Lowery

In this episode, we explore Azure Bastion, Microsoft's fully managed Platform-as-a-Service (PaaS) solution designed to provide secure Remote Desktop Protocol (RDP) and Secure Shell Protocol (SSH) access to Azure virtual machines (VMs). This Q&A-style episode dives deep into how Azure Bastion strengthens cloud security by eliminating the need for public IP addresses on VMs, reducing exposure to external threats like port scanning or protocol exploits. Alan poses critical questions about Azure Bastion's functionality, architecture, deployment options, and integration with Azure's security ecosystem, while our consultant delivers actionable insights tailored for IT administrators, security professionals, and cloud architects. We cover: Core Functionality: How Azure Bastion enables secure, clientless RDP/SSH access via the Azure portal or native clients, protecting VMs by removing public IP dependencies. Architecture Breakdown: The role of the dedicated AzureBastionSubnet, private IP connectivity, and TLS-based sessions, including support for zonal deployments for high availability. SKU Options: A detailed look at Developer, Basic, Standard, and Premium SKUs, highlighting features like session recording, Private Link integration, and host scaling for different organizational needs. Security Integrations: How Azure Bastion works with Microsoft Defender for Cloud, Microsoft Entra ID (with MFA and conditional access), Azure Private Link, and Azure Monitor to enforce Zero Trust principles and ensure compliance. Real-World Use Cases: Practical scenarios, such as secure admin access for global teams, compliance for regulated industries (e.g., healthcare, finance), and streamlined dev/test environments, with examples like Metinvest's global VM management. Best Practices: Tips for deployment (e.g., subnet sizing, VNet peering), security (e.g., MFA, NSG configuration), monitoring (e.g., Azure Monitor logs), and cost management (e.g., SKU selection, scaling strategies). Limitations and Considerations: Key factors like SKU constraints, regional availability for zonal deployments, performance considerations, and cost implications, with guidance on mitigating challenges. What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

In this episode, Anna Rose and Nico Mohnblatt speak with Dan and Sinu from TLSNotary to trace the project's journey from early Bitcoin forum ideas to its current role as a foundational protocol maintained by PSE. Dan recounts the origins of TLSNotary as a tool for cryptographically proving web data, while Sinu explains how the project was revived to provide modern TLS attestation. The conversation covers the use-cases for verifiable web proofs, the different modes these interactive protocols can take, and the broader impact of this technology on leveraging siloed user data. Related links: Episode 325: Web Proofs with Tracy from Pluto Episode 354: The Founding of Zero Knowledge Systems with Austin Hill Episode 362: zkTLS with Maddy from Reclaim 2013 Blog Post ‘tlsnotary - cryptographic proof of fiat transfer for p2p exchanges' TLSNotary Whitepaper DECO: Liberating Web Data Using Decentralized Oracles for TLS Primus Labs (Previously PADO) Town Crier: An Authenticated Data Feed for Smart Contracts Check out the latest jobs in ZK at the ZK Podcast Jobs Board.  **If you like what we do:** * Find all our links here! @ZeroKnowledge | Linktree * Subscribe to our podcast newsletter * Follow us on Twitter @zeroknowledgefm * Join us on Telegram * Catch us on YouTube **Support the show:** *

The ASX 200 fell 69 points to 8562 after a record yesterday. Banks were weak on proposed RBA charges changes, CBA off % with the Big Bank Basket down to $279.26 (-1.5%) NAB under extra pressure on CEO issues, down 3.4%. Financials generally eased back, MQG off 0.8% and insurers down, QBE off 1.0%. REITs too under pressure with GMG down 0.2% and SCG falling 0.5%. Healthcare mixed, CSL fell 1.3% on US tariff issues on pharmas, PME up 1.7% and FPH slightly firmer. Industrials mostly lower, TCL off 0.7%, ALL down 1.7% and WOW and COL easing back as did TLS. Utilities pulled back as ORG fell 1.1% and AGL down 0.8%. Tech gained, WTC up 0.6%.In resources, it was all about rare and critical metals. News of Apple's investment rocked the sector to the core, with good gains across the board. ILU rose 4.3% with LYC flat, even ARU rose 4.9% with MEI up 14.3%. Gold miners fell on NEM news, quarterlies doing nothing to help on profit taking after rises yesterday. NST falling 2.2% EVN down 2.3% on quarterly and WAF down 3.4%. Lithium stocks held up relatively well. BHP down 0.7% despite iron ore hitting $100 in Singapore. Uranium stocks up again, PDN up 3.3% and BOE up 3.3%. Oil and gas flat.In corporate news, LLC fell 1.7% on a luxury development news. RIO up 0.2% on quarterly and CEO change.Want to invest with Marcus Today? The Managed Strategy Portfolio is designed for investors seeking exposure to our strategy while we do the hard work for you. If you're looking for personal financial advice, our friends at Clime Investment Management can help. Their team of licensed advisers operates across most states, offering tailored financial planning services.  Why not sign up for a free trial? Gain access to expert insights, research, and analysis to become a better investor.

Microsoft Patch Tuesday, July 2025 Today, Microsoft released patches for 130 Microsoft vulnerabilities and 9 additional vulnerabilities not part of Microsoft's portfolio but distributed by Microsoft. 14 of these are rated critical. Only one of the vulnerabilities was disclosed before being patched, and none of the vulnerabilities have so far been exploited. https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%2C%20July%202025/32088 Opposum Attack If a TLS server is configured to allow switching from HTTP to HTTPS on a specific port, an attacker may be able to inject a request into the data stream. https://opossum-attack.com/ Ivanti Security Updates Ivanty fixed vulnerabilities in Ivanty Connect Secure, EPMM, and EPM. In particular the password decryption vulnerabliity may be interesting. https://www.ivanti.com/blog/july-security-update-2025

Is security an afterthought in your Flutter projects? In a world where a single breach can cost millions and destroy user trust, every developer needs a solid foundation in security.In this episode of Flying High with Flutter, Allen Wyma sits down with seasoned software developer, trainer, and acclaimed author Laurențiu Spilcă to demystify application security. While Laurențiu's background is deep in the Java/Spring world, the principles he shares are universal and essential for any developer building modern applications.We dive deep into the "why" and "how" of securing your apps, from the initial authentication flow to the communication between your backend services.Timecodes:00:00 - Meet Laurențiu Spilcă & Why Security Can't Be an Afterthought06:16 - The Role of a CISO and Preventing Disasters like the log4j Vulnerability14:09 - The Future is Passwordless30:41 - Understanding OAuth2, OpenID Connect, and Why PKCE is CRITICAL for Mobile Apps41:45 - What is TLS? Why Your App Needs More Than Just HTTPS52:03 - Mutual TLS (mTLS): Securing Communication Between Your MicroservicesGET THE BOOK!

Interesting ssh/telnet usernames Some interesting usernames observed in our honeypots https://isc.sans.edu/diary/A%20few%20interesting%20and%20notable%20ssh%20telnet%20usernames/32080 More sudo trouble The host option in Sudo can be exploited to execute commands on unauthorized hosts. https://www.stratascale.com/vulnerability-alert-CVE-2025-32462-sudo-host CitrixBleed2 PoC Posted (CVE-2025-5777) WatchTwer published additional details about the recently patched CitrixBleed vulnerability, including a PoC exploit. https://labs.watchtowr.com/how-much-more-must-we-bleed-citrix-netscaler-memory-disclosure-citrixbleed-2-cve-2025-5777/ Instagram Using Six Day Certificates Instagram changes their TLS certificates daily and they use certificates that are just about to expire in a week. https://hereket.com/posts/instagram-single-day-certificates/

Vibes, vibes, vibes, what else can we say? Oaks & Jabs bringing the boom and the bap both banging and smooth like thaaaat….. Some classic feels and lush beats. Come along and ride on the fantastic voyage. Playlist: SPOILER ALERTT GOD DID by MARTY The Commission by Phillip Anthony & iNTELLECT ft. Anwar Stanton & DJ Radiohead Prevail by Phathom ft. T.Coda, Journalist & Truth InRhyme JALEN BRUNSON by YP aka Young Paul & ATTAM ft. DJ Mykael V No Laughing Matter by Paradox & Leo Low Pass ft. Illogic & DJ JabbaThaKut My Dependency by Thee Alumni (Kaboose & m1L) ft. Damarcus Wilkins R A I N . C H E C K by REFVGE (Bianca Silver, WAY?, Cyfe II, Josh Lecroy) Take the Train by TLS, Mic Wise & GB Don't Mind Me by Propaganda & Shad THE LIONS DEN by Soulo The Prince ft. Da Commissioner, Orion TheArtist & Anewmefr HPSKTD ONE by Alert312 & eB83 Save Me by Prodi Da Prodigal ft. Alcott This Feeling by J.Solo ft. Joseph SD & HIS Hypeman Stract GG FREESTYLE by Social Club Misfits Already Won by C4 Crotona, Datin & Reece Lache' Vote on the playlist at www.definitionradio.com/show/956 Leave your requests/shout-outs on our socials www.facebook.com/DefinitionRadio www.instagram.com/DefinitionHH www.twitter.com/DefinitionHH www.krosswerdz.com

In this episode, Mandy Logan, Summer Craze Fowler, Jason Albuquerque, and Jeff Pollard of Forrester discuss the challenges and strategies for CISOs in navigating volatility in the security landscape. They emphasize the importance of building relationships within the organization, particularly with the CFO, to manage budgets effectively. The conversation also covers the significance of communicating security needs in terms of compliance and customer requirements, maximizing budget through flex spending, and the role of automation and AI in enhancing security operations. Additionally, they highlight the need for effective data management to reduce costs and improve efficiency. In pre-recorded interviews from RSAC, learn the following! With the power of zero trust and AI, Zscaler help organizations strengthen and automate IT and security, reduce costs, and minimize complexity. Zscaler helps reduce the attack surface, block threats via full TLS inspection, and eliminate lateral threat movement. This segment is sponsored by Zscaler. Visit https://securityweekly.com/zscalerrsac to learn more about them! The modern workspace, increasingly reliant on cloud-based applications, browser-first access, and AI integration, faces significant security challenges that outpace the capabilities of traditional tools. Legacy solutions, including VPNs and even early ZTNA implementations, are proving vulnerable to sophisticated attacks leading to data breaches and operational disruptions. The fundamental shift in how we work demands a new approach, one that closes the gaps left by the platform approach. We need the ability to 'trust nothing and click on anything with zero risk.' We need to take zero trust beyond the network that we operate and control. Future of Browser Security Webinar with Google: https://www.menlosecurity.com/resources/2025-prediction-the-future-of-browser-security-lessons-from-the-pioneers Browser security report: https://www.menlosecurity.com/resources/state-of-browser-security-report Global Cyber Gangs report: https://www.menlosecurity.com/resources/global-cyber-gangs-supported-and-sheltered-by-state-sponsors-and-getting-smarter-every-day-report Everywhere Access White Paper: https://www.menlosecurity.com/resources/everywhere-access-the-zero-trust-revolution-for-hybrid-work-white-paper This segment is sponsored by Menlo Security. Visit https://securityweekly.com/menlorsac to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-401

Send us a textThe invisible threads connecting Kubernetes and networking infrastructure form the backbone of today's cloud-native world. In this revealing conversation with Marino Wijay from Kong, we unravel the complex relationship between traditional networking concepts and modern container orchestration.Marino brings a unique perspective as someone who entered the Kubernetes ecosystem through networking, explaining how fundamental networking principles directly translate to Kubernetes operations. "If you don't have a network, there is no Kubernetes," he emphasizes, highlighting how reachability between nodes forms the foundation of cluster communication.The network evolution within Kubernetes proves fascinating – from the early "black box" approach where connectivity was implicit to the sophisticated Container Network Interfaces (CNIs) like Cilium that offer granular control. Network engineers approaching Kubernetes for the first time might feel overwhelmed, but as we discover, concepts like DHCP with DNS registration, NAT, and load balancing all have direct parallels within the Kubernetes networking model.Our discussion ventures into the practical challenges organizations face when implementing service mesh technologies. While offering powerful capabilities for secure pod-to-pod communication through mutual TLS, service mesh introduces significant complexity. Marino shares insights on when this investment makes sense for enterprises versus smaller organizations with more controlled environments.The conversation takes an especially interesting turn when exploring how AI workloads are transforming Kubernetes networking requirements. From GPU-enabled clusters to specialized traffic patterns and the concept of Dynamic Resource Allocation as "QoS for AI," we examine how these resource-intensive applications are pushing the boundaries of what's possible.Whether you're a network engineer curious about containers or a Kubernetes administrator looking to deepen your networking knowledge, this episode bridges crucial gaps between these interconnected worlds. Subscribe to Cables to Clouds for more insights at the intersection of networking and cloud technologies!https://www.linkedin.com/in/mwijay/Purchase Chris and Tim's new book on AWS Cloud Networking: https://www.amazon.com/Certified-Advanced-Networking-Certification-certification/dp/1835080839/ Check out the Fortnightly Cloud Networking Newshttps://docs.google.com/document/d/1fkBWCGwXDUX9OfZ9_MvSVup8tJJzJeqrauaE6VPT2b0/Visit our website and subscribe: https://www.cables2clouds.com/Follow us on BlueSky: https://bsky.app/profile/cables2clouds.comFollow us on YouTube: https://www.youtube.com/@cables2clouds/Follow us on TikTok: https://www.tiktok.com/@cables2cloudsMerch Store: https://store.cables2clouds.com/Join the Discord Study group: https://artofneteng.com/iaatj

In this episode, Mandy Logan, Summer Craze Fowler, Jason Albuquerque, and Jeff Pollard of Forrester discuss the challenges and strategies for CISOs in navigating volatility in the security landscape. They emphasize the importance of building relationships within the organization, particularly with the CFO, to manage budgets effectively. The conversation also covers the significance of communicating security needs in terms of compliance and customer requirements, maximizing budget through flex spending, and the role of automation and AI in enhancing security operations. Additionally, they highlight the need for effective data management to reduce costs and improve efficiency. In pre-recorded interviews from RSAC, learn the following! With the power of zero trust and AI, Zscaler help organizations strengthen and automate IT and security, reduce costs, and minimize complexity. Zscaler helps reduce the attack surface, block threats via full TLS inspection, and eliminate lateral threat movement. This segment is sponsored by Zscaler. Visit https://securityweekly.com/zscalerrsac to learn more about them! The modern workspace, increasingly reliant on cloud-based applications, browser-first access, and AI integration, faces significant security challenges that outpace the capabilities of traditional tools. Legacy solutions, including VPNs and even early ZTNA implementations, are proving vulnerable to sophisticated attacks leading to data breaches and operational disruptions. The fundamental shift in how we work demands a new approach, one that closes the gaps left by the platform approach. We need the ability to 'trust nothing and click on anything with zero risk.' We need to take zero trust beyond the network that we operate and control. Future of Browser Security Webinar with Google: https://www.menlosecurity.com/resources/2025-prediction-the-future-of-browser-security-lessons-from-the-pioneers Browser security report: https://www.menlosecurity.com/resources/state-of-browser-security-report Global Cyber Gangs report: https://www.menlosecurity.com/resources/global-cyber-gangs-supported-and-sheltered-by-state-sponsors-and-getting-smarter-every-day-report Everywhere Access White Paper: https://www.menlosecurity.com/resources/everywhere-access-the-zero-trust-revolution-for-hybrid-work-white-paper This segment is sponsored by Menlo Security. Visit https://securityweekly.com/menlorsac to learn more about them! Show Notes: https://securityweekly.com/bsw-401

In this episode, Mandy Logan, Summer Craze Fowler, Jason Albuquerque, and Jeff Pollard of Forrester discuss the challenges and strategies for CISOs in navigating volatility in the security landscape. They emphasize the importance of building relationships within the organization, particularly with the CFO, to manage budgets effectively. The conversation also covers the significance of communicating security needs in terms of compliance and customer requirements, maximizing budget through flex spending, and the role of automation and AI in enhancing security operations. Additionally, they highlight the need for effective data management to reduce costs and improve efficiency. In pre-recorded interviews from RSAC, learn the following! With the power of zero trust and AI, Zscaler help organizations strengthen and automate IT and security, reduce costs, and minimize complexity. Zscaler helps reduce the attack surface, block threats via full TLS inspection, and eliminate lateral threat movement. This segment is sponsored by Zscaler. Visit https://securityweekly.com/zscalerrsac to learn more about them! The modern workspace, increasingly reliant on cloud-based applications, browser-first access, and AI integration, faces significant security challenges that outpace the capabilities of traditional tools. Legacy solutions, including VPNs and even early ZTNA implementations, are proving vulnerable to sophisticated attacks leading to data breaches and operational disruptions. The fundamental shift in how we work demands a new approach, one that closes the gaps left by the platform approach. We need the ability to 'trust nothing and click on anything with zero risk.' We need to take zero trust beyond the network that we operate and control. Future of Browser Security Webinar with Google: https://www.menlosecurity.com/resources/2025-prediction-the-future-of-browser-security-lessons-from-the-pioneers Browser security report: https://www.menlosecurity.com/resources/state-of-browser-security-report Global Cyber Gangs report: https://www.menlosecurity.com/resources/global-cyber-gangs-supported-and-sheltered-by-state-sponsors-and-getting-smarter-every-day-report Everywhere Access White Paper: https://www.menlosecurity.com/resources/everywhere-access-the-zero-trust-revolution-for-hybrid-work-white-paper This segment is sponsored by Menlo Security. Visit https://securityweekly.com/menlorsac to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-401

In this episode, Mandy Logan, Summer Craze Fowler, Jason Albuquerque, and Jeff Pollard of Forrester discuss the challenges and strategies for CISOs in navigating volatility in the security landscape. They emphasize the importance of building relationships within the organization, particularly with the CFO, to manage budgets effectively. The conversation also covers the significance of communicating security needs in terms of compliance and customer requirements, maximizing budget through flex spending, and the role of automation and AI in enhancing security operations. Additionally, they highlight the need for effective data management to reduce costs and improve efficiency. In pre-recorded interviews from RSAC, learn the following! With the power of zero trust and AI, Zscaler help organizations strengthen and automate IT and security, reduce costs, and minimize complexity. Zscaler helps reduce the attack surface, block threats via full TLS inspection, and eliminate lateral threat movement. This segment is sponsored by Zscaler. Visit https://securityweekly.com/zscalerrsac to learn more about them! The modern workspace, increasingly reliant on cloud-based applications, browser-first access, and AI integration, faces significant security challenges that outpace the capabilities of traditional tools. Legacy solutions, including VPNs and even early ZTNA implementations, are proving vulnerable to sophisticated attacks leading to data breaches and operational disruptions. The fundamental shift in how we work demands a new approach, one that closes the gaps left by the platform approach. We need the ability to 'trust nothing and click on anything with zero risk.' We need to take zero trust beyond the network that we operate and control. Future of Browser Security Webinar with Google: https://www.menlosecurity.com/resources/2025-prediction-the-future-of-browser-security-lessons-from-the-pioneers Browser security report: https://www.menlosecurity.com/resources/state-of-browser-security-report Global Cyber Gangs report: https://www.menlosecurity.com/resources/global-cyber-gangs-supported-and-sheltered-by-state-sponsors-and-getting-smarter-every-day-report Everywhere Access White Paper: https://www.menlosecurity.com/resources/everywhere-access-the-zero-trust-revolution-for-hybrid-work-white-paper This segment is sponsored by Menlo Security. Visit https://securityweekly.com/menlorsac to learn more about them! Show Notes: https://securityweekly.com/bsw-401

This week, what TLS contributors are reading this summer; and Catherine Taylor on a trio of novels highlighting the growing pains of adolescence.'Back in the Day', by Oliver Lovrenski, translated by Nichola Smalley'Fun and Games', by John Patrick McHugh'Girl, 1983', by Linn Ullmann, translated by Martin AitkenProduced by Charlotte Pardy Hosted on Acast. See acast.com/privacy for more information.

Fundamentals of Operating Systems Course https://oscourse.winktls is brilliant.TLS encryption/decryption often happens in userland. While TCP lives in the kernel. With ktls, userland can hand the keys to the kernel and the kernel does crypto. When calling write, the kernel encrypts the packet and send it to the NIC.When calling read, the kernel decrypts the packet and handed it to the userspace. This mode still taxes the host's CPU of course, so there is another mode where the kernel offloads the crypto to the NIC device! Host CPU becomes free. Incoming packets to the NIC are decrypted in device before they are DMAed to the kernel. outgoing packets are encrypted before they leave the NIC to the network.ktls still need handshake to happen in userspace. There is also enabling zerocopy in some cases (now that kernel has context) Deserves a video. So much good stuff.0:00 Intro2:00 Userspace SSL Libraries 3:00 ktls 6:00 Kernel Encrypts/Decrypts (TLS_SW)8:20 NIC offload mode (TLS_HW)10:15 NIC does it all (TLS_HW_RECORD)12:00 Write TX Example13:50 Read RX Example17:00 Zero copy (sendfile)https://docs.kernel.org/networking/tls-offload.html

This week, a special podcast from the Hay Festival ranges from the ancient world to the 16th-century, taking in the art of criticism, the centrality of religion and eco-catastrophe. With Stephanie Merritt, Edith Hall, Toby Lichtig and a guest appearance from TLS crossword compiler Praxiteles.'Traitor's Legacy', by SJ Parris'Epic of the Earth: Reading Homer's "Iliad" in the Fight for a Dying World', by Edith HallProduced by Charlotte Pardy Hosted on Acast. See acast.com/privacy for more information.

What the status of Encrypted Client Hello (ECH)? What radio technology would be best for remote inverter shutdown? Some DNS providers already block newly listed domains. Knowing when not to click a link can take true understanding. Why can losing a small portion of a power grid bring the rest down? Where are we in the "AI Hype Cycle" and is this the first? Speaking of hype: An AI system resorted to blackmail? Why are we so quick to imbue AI with awareness? ChatGPT's latest o3 model ignored the order to shutdown. Copilot may not be making Windows core code any better. Venice.AI is an unfiltered and unrestrained LLM Show Notes - https://www.grc.com/sn/SN-1027-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: outsystems.com/twit threatlocker.com for Security Now canary.tools/twit - use code: TWIT hoxhunt.com/securitynow 1password.com/securitynow

What the status of Encrypted Client Hello (ECH)? What radio technology would be best for remote inverter shutdown? Some DNS providers already block newly listed domains. Knowing when not to click a link can take true understanding. Why can losing a small portion of a power grid bring the rest down? Where are we in the "AI Hype Cycle" and is this the first? Speaking of hype: An AI system resorted to blackmail? Why are we so quick to imbue AI with awareness? ChatGPT's latest o3 model ignored the order to shutdown. Copilot may not be making Windows core code any better. Venice.AI is an unfiltered and unrestrained LLM Show Notes - https://www.grc.com/sn/SN-1027-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: outsystems.com/twit threatlocker.com for Security Now canary.tools/twit - use code: TWIT hoxhunt.com/securitynow 1password.com/securitynow

What the status of Encrypted Client Hello (ECH)? What radio technology would be best for remote inverter shutdown? Some DNS providers already block newly listed domains. Knowing when not to click a link can take true understanding. Why can losing a small portion of a power grid bring the rest down? Where are we in the "AI Hype Cycle" and is this the first? Speaking of hype: An AI system resorted to blackmail? Why are we so quick to imbue AI with awareness? ChatGPT's latest o3 model ignored the order to shutdown. Copilot may not be making Windows core code any better. Venice.AI is an unfiltered and unrestrained LLM Show Notes - https://www.grc.com/sn/SN-1027-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: outsystems.com/twit threatlocker.com for Security Now canary.tools/twit - use code: TWIT hoxhunt.com/securitynow 1password.com/securitynow

What the status of Encrypted Client Hello (ECH)? What radio technology would be best for remote inverter shutdown? Some DNS providers already block newly listed domains. Knowing when not to click a link can take true understanding. Why can losing a small portion of a power grid bring the rest down? Where are we in the "AI Hype Cycle" and is this the first? Speaking of hype: An AI system resorted to blackmail? Why are we so quick to imbue AI with awareness? ChatGPT's latest o3 model ignored the order to shutdown. Copilot may not be making Windows core code any better. Venice.AI is an unfiltered and unrestrained LLM Show Notes - https://www.grc.com/sn/SN-1027-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: outsystems.com/twit threatlocker.com for Security Now canary.tools/twit - use code: TWIT hoxhunt.com/securitynow 1password.com/securitynow

What the status of Encrypted Client Hello (ECH)? What radio technology would be best for remote inverter shutdown? Some DNS providers already block newly listed domains. Knowing when not to click a link can take true understanding. Why can losing a small portion of a power grid bring the rest down? Where are we in the "AI Hype Cycle" and is this the first? Speaking of hype: An AI system resorted to blackmail? Why are we so quick to imbue AI with awareness? ChatGPT's latest o3 model ignored the order to shutdown. Copilot may not be making Windows core code any better. Venice.AI is an unfiltered and unrestrained LLM Show Notes - https://www.grc.com/sn/SN-1027-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: outsystems.com/twit threatlocker.com for Security Now canary.tools/twit - use code: TWIT hoxhunt.com/securitynow 1password.com/securitynow

What the status of Encrypted Client Hello (ECH)? What radio technology would be best for remote inverter shutdown? Some DNS providers already block newly listed domains. Knowing when not to click a link can take true understanding. Why can losing a small portion of a power grid bring the rest down? Where are we in the "AI Hype Cycle" and is this the first? Speaking of hype: An AI system resorted to blackmail? Why are we so quick to imbue AI with awareness? ChatGPT's latest o3 model ignored the order to shutdown. Copilot may not be making Windows core code any better. Venice.AI is an unfiltered and unrestrained LLM Show Notes - https://www.grc.com/sn/SN-1027-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: outsystems.com/twit threatlocker.com for Security Now canary.tools/twit - use code: TWIT hoxhunt.com/securitynow 1password.com/securitynow

What the status of Encrypted Client Hello (ECH)? What radio technology would be best for remote inverter shutdown? Some DNS providers already block newly listed domains. Knowing when not to click a link can take true understanding. Why can losing a small portion of a power grid bring the rest down? Where are we in the "AI Hype Cycle" and is this the first? Speaking of hype: An AI system resorted to blackmail? Why are we so quick to imbue AI with awareness? ChatGPT's latest o3 model ignored the order to shutdown. Copilot may not be making Windows core code any better. Venice.AI is an unfiltered and unrestrained LLM Show Notes - https://www.grc.com/sn/SN-1027-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: outsystems.com/twit threatlocker.com for Security Now canary.tools/twit - use code: TWIT hoxhunt.com/securitynow 1password.com/securitynow

What the status of Encrypted Client Hello (ECH)? What radio technology would be best for remote inverter shutdown? Some DNS providers already block newly listed domains. Knowing when not to click a link can take true understanding. Why can losing a small portion of a power grid bring the rest down? Where are we in the "AI Hype Cycle" and is this the first? Speaking of hype: An AI system resorted to blackmail? Why are we so quick to imbue AI with awareness? ChatGPT's latest o3 model ignored the order to shutdown. Copilot may not be making Windows core code any better. Venice.AI is an unfiltered and unrestrained LLM Show Notes - https://www.grc.com/sn/SN-1027-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: outsystems.com/twit threatlocker.com for Security Now canary.tools/twit - use code: TWIT hoxhunt.com/securitynow 1password.com/securitynow

Send us a textCybersecurity professionals need a solid understanding of secure communication protocols, not just for exam success but for real-world implementation. This episode unpacks the essential protocols covered in CISSP Domain 4.1.3, providing clear explanations of how each works and when to use them.We begin with a timely discussion of the recent UnitedHealthcare hack, examining how ransomware crippled Change Healthcare systems nationwide. This case study highlights the critical importance of understanding security protocols and being able to articulate potential business impacts to leadership. Sean shares practical approaches for estimating downtime costs to help justify security investments.The heart of this episode explores crucial security protocols including IPsec tunnels, Kerberos authentication, Secure Shell (SSH), and the Signal protocol. Each section covers how these technologies function, their ideal use cases, and their respective strengths and limitations. The discussion extends to transport layer security (TLS), layer 2 tunneling protocol (L2TP), and lesser-known protocols like secure real-time transport protocol (SRTP) and Zimmerman real-time transport protocol (ZRTP).Sean breaks down complex technical concepts into accessible explanations, perfect for both CISSP candidates and practicing security professionals. Understanding these protocols isn't just about passing an exam—it's about making informed decisions when implementing security architecture in your organization. Whether you're preparing for certification or looking to strengthen your organization's security posture, this episode provides valuable insights into the fundamental building blocks of secure communications.Check out cisspcybertraining.com for free resources including practice questions, training videos, and blog posts to support your cybersecurity learning journey.Gain exclusive access to 360 FREE CISSP Practice Questions delivered directly to your inbox! Sign up at FreeCISSPQuestions.com and receive 30 expertly crafted practice questions every 15 days for the next 6 months—completely free! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

We first became aware of the story at the heart of this episode over three years ago. Details were scarce at the time, but we knew that heat casualties had been a major issue for units at Defener Pacific... except for one company that was completely unaffected. And as it turned out, that company had been doing afternoon physical training to deliberately prepare for the heat (plus leveraging H2F experts to optimize the training). Our guest for this episode was the commander of that company at the time, and he provides a ton of insight into how good training management left his company with zero heat casualties while the battalion experienced 45. MAJ Christian Wardynski is an Instructor of Economics in the Department of Social Sciences at the United States Military Academy at West Point, which he also graduated from in 2014. After graduating Engineer BOLC, Chris served in the 54th BEB, 173rd IBCT in Vicenza, Italy as a Light Equipment PL, Sapper PL, and BN Air Officer. Most recently, he served as the Company Commander for Bravo Company, 37th Engineer Battalion, 82nd Airborne Division at Fort Bragg, NC. Chris holds a Bachelor of Science in Economics from West Point, a Master of Science in Engineering Management from the Missouri University of Science and Technology, and a Master of Public Policy from the University of Chicago where he also served as a fellow at the Pearson Institute. Chris and his wife, Jackie, have four daughters.He also provided a bunch of clarifying notes that we'll share here:He said the DoD vs. VA alignment is a Principal-Agent Problem, but as he described it, it would probably fit the definition of a negative externality better - the DoD's decisions to "overuse"/ or under-rehabilitate soldiers impose uncompensated long-term healthcare costs on the VA (and thus the taxpayer); same for the current commander not considering the cost savings of proper rehabilitation/physical resiliency of soldiers for the next commander. Regardless, both principal-agent issue and externality issue apply. You can tell by this correction that he's a true econ instructor...For additional context on the heat acclimation they started in May 2021, they had Company STX the second week of June and he initially started reverse cycle PT to see if it'd help soldiers with performance during the STX event. They executed 9x ESB-style lanes focused on individual soldier and engineer tasks, and covered over 30 miles under load in 24 hours. As a bit of risk management for the event, he mandated that all soldiers had to eat at least the main meal of the MRE and a side, or three sides total if not eating the main meal, as well as the entire salt/electrolyte packet every four hours during the event. If they found any soldier who ate less than the required amount, it would result in a summarized article 15 (if there were no extenuating circumstances). It was on the TLs to decide if they needed to eat more frequently and if they wanted to eat on the move or not. Team leaders led their own teams movement through all the lanes and to each station. This provided a great opportunity for them to exercise some initiative and leadership. Surprisingly, zero heat casualties during this crucible event for the ~80 soldiers that completed it, despite a peak ~95 degree heat index in that timeframe. Regarding Defender Pacific, when he arrived to his company assembly area after the jump, his soldiers looked utterly unphased and appeared completely fresh. The BN TF, however, had about 45 heat casualties by that time. After the BN TF mission was complete, they had a 7 mi ruck to the training area where they'd rest overnight, and his soldiers handled the movement without any issue whatsoever. He did note that they did not have a very hard follow on mission, whereas most other companies in the BN TF had some pretty physically arduous movements/follow-on missions.

In this episode, Michael, Sarah, and Mark talk to Craig Nelson, VP of the Microsoft Red Team about how the Red Team works to help secure Microsoft and its customers.In life, there are things you know you know, things you know you don't know, and finally, things you don't know you don't know. This episode is full of the latter.We also cover security news about LLMs and MCP, TLS 1.1 and 1.0 deprecation, Private End Point Improvements, Containers and more.https://aka.ms/azsecpod

Post-quantum cryptography is rapidly moving from the realm of NIST standards to running in production. The threat of quantum computing advances and coming regulations are driving this acceleration. One major component on the PQC migration plan for companies is VPN. In this episode we look at the Ambit corporate VPN client, which uses a standardized NIST PQC cipher: ML-KEM. Did you know there are potential gotchas with trying hybrids of classical and PQC instead? Find out the technical and philosophical reasons why the developers chose to skip offering a hybrid option. Join host Konstantinos Karagiannis for a wide-ranging chat with Kevin Kane and Andrew McElroy from American Binary.  For more information on American Binary, visit https://www.ambit.inc/.  Visit Protiviti at https://www.protiviti.com/US-en/technology-consulting/quantum-computing-services  to learn more about how Protiviti is helping organizations get post-quantum ready.  Follow host Konstantinos Karagiannis on all socials: @KonstantHacker and follow Protiviti Technology on LinkedIn and Twitter: @ProtivitiTech.               Questions and comments are welcome!  Theme song by David Schwartz, copyright 2021.  The views expressed by the participants of this program are their own and do not represent the views of, nor are they endorsed by, Protiviti Inc., The Post-Quantum World, or their respective officers, directors, employees, agents, representatives, shareholders, or subsidiaries.  None of the content should be considered investment advice, as an offer or solicitation of an offer to buy or sell, or as an endorsement of any company, security, fund, or other securities or non-securities offering. Thanks for listening to this podcast. Protiviti Inc. is an equal opportunity employer, including minorities, females, people with disabilities, and veterans.

Guest Dirkjan Ochtman Panelist Richard Littauer Show Notes In this special Maintainer Month episode of Sustain, host Richard speaks with Dirkjan Ochtman, a long-time open source contributor and Rust advocate. They dive deep into what it's like maintaining critical infrastructure libraries, the motivations behind taking over "abandonware," and how funding ecosystems like GitHub Sponsors and thanks.dev help sustain low-level dependencies. Dirkjan also reflects on how Rust's design lends itself well to long-term maintainability and shares thoughts on the challenges of burnout, context switching, and ensuring project continuity. Hit the download button now! [00:01:33] Dirkjan explains how he chooses which projects he's maintaining, being passionate about memory safety via Rust, and maintaining tools like Rustls, Hickory DNS, and Quinn. [00:03:14] Dirkjan describes his motivation for maintaining abandonware and sees it as providing value to the community. [00:04:23] ISRG funds Dirkjan's work on memory-safe DNS and TLS libraires, and they are replacing C-based libraires with Rust equivalents. [00:05:33] Dirkjan uses thanks.dev to help fund maintainers through the full dependency graph and revenue is limited but promising. [00:08:06] Richard brings up Tidelift and Dirkjan mentions it's not yielding results for Rust projects yet because the Rust ecosystem is smaller. [00:09:30] We hear Dirkjan's journey into Rust, starting in Python but frustrated by lack of type safety and performance, and creating his own compiler before appreciating Rust's complexity. [00:12:20] Dirkjan talks about his transition from Python to Rust. [00:13:39] Dirkjan uses PyO3 to create Python bindings for Rust libraries. [00:15:31] Richard wonders why projects become unmaintained and Dirkjan responds that people have life events, job changes, or shifting interests. [00:17:11] How are unmaintained projects flagged? Dirkjan uses the RustSec Advisory DB to detect projects with no active maintainers. [00:18:47] Dirkjan avoids burnout as a maintainer by keeping the scope narrow, only responds to PRs, doesn't overcommit, and focuses on high-efficiency, low-effort maintenance. [00:19:51] Rust has a strong system, built-in unit tests, great CI support, and Dirkjan encourages atomic commits to simplify code review. [00:21:28] Dirkjan speaks about languages that are more maintainer safe. [00:22:18] Richard brings up attack vectors and the ‘left-pad incident.' Dirkjan shares how he builds trust via his public GitHub record. [00:24:17] We hear Dirkjan's offboarding and succession planning as he explains handing off projects like Askama and promoting multiple maintainers to reduce bus factor. [00:26:08] Dirkjan's long-term vision for OSS sustainability is he hopes to move higher in the stack and wants to make high-quality software easier to build. [00:27:38] Dirkjan explains why he prefers to do asynchronous collaboration over pair programming. [00:28:52] Dirkjan discusses Rust's long-term ecosystem stability. [00:31:09] Find out where you can follow Dirkjan on the web. Quotes [00:03:23] “You call it abandonware and I call it a dependency that has a million users.” [00:19:02] “[When I take on a project], I don't take on the burden of proactively improving the project.” [00:19:11] “I will be there when someone submits a PR." [00:20:37] “I ask folks to make small changes: atomic commits.” Spotlight [00:31:37] Richard's spotlight is Allan Day. [00:32:20] Dirkjan's spotlight is Xilem. Links SustainOSS (https://sustainoss.org/) podcast@sustainoss.org (mailto:podcast@sustainoss.org) richard@sustainoss.org (mailto:richard@sustainoss.org) SustainOSS Discourse (https://discourse.sustainoss.org/) SustainOSS Mastodon (https://mastodon.social/tags/sustainoss) SustainOSS Bluesky (https://bsky.app/profile/sustainoss.bsky.social) SustainOSS LinkedIn (https://www.linkedin.com/company/sustainoss/) Open Collective-SustainOSS (Contribute) (https://opencollective.com/sustainoss) Richard Littauer Socials (https://www.burntfen.com/2023-05-30/socials) Dirkjan Ochtman LinkedIn (https://www.linkedin.com/in/dochtman/?originalSubdomain=nl) Dirkjan Ochtman Blog (https://dirkjan.ochtman.nl/) Dirkjan Ochtman Mastodon (https://hachyderm.io/@djc) Dirkjan Ochtman GitHub (https://github.com/djc) Dirkjan Ochtman Bluesky (https://bsky.app/profile/djc.ochtman.nl) Rust (https://www.rust-lang.org/) Rustls (https://github.com/rustls/rustls) Hickory DNS (https://github.com/hickory-dns/hickory-dns) Quinn (https://github.com/quinn-rs/quinn) Internet Security Research Group (ISRG) (https://www.abetterinternet.org/) Let's Encrypt (https://letsencrypt.org/) Automatic Certificate Management Environment (https://en.wikipedia.org/wiki/Automatic_Certificate_Management_Environment) PyO3 user guide (https://pyo3.rs/v0.15.1/) Sustain Podcast-Episode 108: Sarah Gran and Josh Aas: Sustainable Digital Infrastructure with Memory Safe Code (https://podcast.sustainoss.org/108) Sustain Podcast-Episode 148: Ali Nehzat of thanks.dev and OSS Funding (https://podcast.sustainoss.org/148) Tidelift (https://tidelift.com/) RustSec Advisory Database-GitHub (https://github.com/RustSec/advisory-db) Askama (https://docs.rs/askama/latest/askama/) Allan Day's GNOME Blog (https://blogs.gnome.org/aday/) Xilem (https://xilem.dev/) Credits Produced by Richard Littauer (https://www.burntfen.com/) Edited by Paul M. Bahr at Peachtree Sound (https://www.peachtreesound.com/) Show notes by DeAnn Bahr Peachtree Sound (https://www.peachtreesound.com/) Special Guest: Dirkjan Ochtman.

Eley Williams' collection of short stories Attrib. & Other Stories won the Republic of Consciousness Prize and the James Tait Black Memorial Prize. Her writing appears in The Penguin Book of the Contemporary British Short Story, Liberating the Canon, the TLS and the London Review of Books. She is a Fellow of the Royal Society of Literature. She is the author of the novel The Liar's Dictionary and on this episode of Little Atoms she talks to Neil Denny about her latest story collection Moderate to Poor, Occasionally Good, which is out now in paperback. Hosted on Acast. See acast.com/privacy for more information.

Let's Encrypt now offers certificates with 6-day lifetimes but what does that mean for the commercial TLS trust anchor world? On this episode of Security Noise, Geoff and Skyler are joined by Principal Security Consultant Justin Bollinger to discuss new options for certificate lifetimes and the implications of the new maximum ages, good and bad. About this podcast: Security Noise, a TrustedSec Podcast hosted by Geoff Walton and Producer/Contributor Skyler Tuter, features our cybersecurity experts in conversation about the infosec topics that interest them the most. Hack the planet! Find more cybersecurity resources on our website at https://trustedsec.com/resources.

Megan Hunter is a prizewinning novelist, dramatist and screenwriter. Her first novel, The End We Start From was shortlisted for Novel of the Year at the Books Are My Bag Awards, longlisted for the Aspen Words Prize, was a Barnes and Noble Discover Awards finalist and won the Forward Reviews Editor's Choice Award. It was adapted into a major motion picture by Alice Birch, starring Jodie Comer and directed by Mahalia Belo. Her second novel, The Harpy, was Indie Book of the Month; she is currently adapting it for television with Red Planet Pictures. Her dramatic monologue Salt of the Earth premiered at Venice Film Festival. Megan's other writing has appeared in the White Review, the TLS, Literary Hub, Vogue, Elle, BOMB, and elsewhere. On this episode of Little Atoms she talks to Neil Denny about her new novel Days of Light. Hosted on Acast. See acast.com/privacy for more information.

What personal information was compromised in the Hertz breach?The breach exposed customer names, birth dates, contact info, driver's licenses, payment cards, and some Social Security numbers. It stemmed from a cyberattack on Cleo, a third-party vendor previously targeted in a mass-hacking campaign.How is air travel changing, and what are the privacy implications?ICAO aims to replace boarding passes with digital travel credentials using facial recognition and mobile passport data. While data is reportedly deleted quickly, the expansion of biometric surveillance raises major privacy and security concerns.Why is the EU giving staff burner phones for U.S. trips?To mitigate potential U.S. surveillance risks, the EU is issuing burner phones to officials visiting for IMF/World Bank meetings—echoing similar precautions for China and Ukraine. It signals growing distrust in transatlantic cybersecurity.How are North Korean hackers using LinkedIn?Groups like Lazarus use fake recruiter profiles to trick targets into opening malware-laden job materials. These campaigns steal credentials and crypto, funding North Korea's sanctioned activities and highlighting the rise of social engineering threats.Why is Let's Encrypt shortening TLS certificate lifespans?Let's Encrypt now issues 6-day certificates, down from 90. Benefits include improved security and automation; drawbacks involve more frequent renewals, which could create dependency on issuing infrastructure.What is the "Smishing Triad" targeting now?This group has moved from fake delivery texts to targeting banks via iMessage and RCS phishing. They steal banking info to load stolen cards into mobile wallets, illustrating more advanced and lucrative phishing tactics.What's the significance of China acknowledging U.S. infrastructure hacks?China's tacit admission of involvement in Volt Typhoon cyberattacks marks a shift in tone. The U.S. sees these as strategic signals, intensifying concerns about critical infrastructure security amid geopolitical tension.What is Android's new auto-reboot security feature?Android phones will now reboot automatically after three days of inactivity. This clears memory, closes apps, and requires re-authentication—reducing the risk of unauthorized access.

On this week's show Patrick Gray talks to former NSA Cybersecurity Director Rob Joyce about Donald Trump's unprecedented, unwarranted and completely bonkers political persecution of Chris Krebs and his employer SentinelOne. They also talk through the week's cybersecurity news, covering: Mitre's stewardship of the CVE database gets its funding DOGE'd The US signs on to the Pall Mall anti-spyware agreement China tries to play the nationstate cyber-attribution game, but comedically badly Hackers run their malware inside the Windows sandbox, for security against EDR This week's episode is sponsored by open source identity provider Authentik. CEO Fletcher Heisler joins to talk through the increasing sprawl of the identity ecosystem. This episode is also available on Youtube. Show notes Cybersecurity industry falls silent as Trump turns ire on SentinelOne | Reuters U.S. cyber defenders shaken by Trump's attack on their former boss Trump Revenge Tour Targets Cyber Leaders, Elections – Krebs on Security Wyden to block Trump's CISA nominee until agency releases report on telecoms' ‘negligent cybersecurity' | The Record from Recorded Future News Gabbard sets up DOGE-style team to cut costs, uncover intel ‘weaponization' MITRE Warns CVE Program Faces Disruption Amid US Funding Uncertainty US to sign Pall Mall pact aimed at countering spyware abuses | The Record from Recorded Future News Court document reveals locations of WhatsApp victims targeted by NSO spyware | TechCrunch Spyware Maker NSO Group Is Paving a Path Back Into Trump's America | WIRED NCSC shares technical details of spyware targeting Uyghur, Tibetan and Taiwanese groups | The Record from Recorded Future News Risky Bulletin: Chinese APT abuses Windows Sandbox to go invisible on infected hosts China escalates cyber fight with U.S., names alleged NSA hackers Researcher uncovers dozens of sketchy Chrome extensions with 4 million installs - Ars Technica China-based SMS Phishing Triad Pivots to Banks – Krebs on Security Risky Bulletin: CA/B Forum approves 47-days TLS certs Ransomware in het mkb: Cybercriminelen verhogen losgeld bij cyberverzekering 4chan Is Down Following What Looks to Be a Major Hack Spurred By Meme War

AI-powered code generation tools are raising significant security concerns within the software supply chain. Recent research indicates that a notable percentage of package suggestions from both commercial and open-source models are non-existent, a phenomenon referred to as "hallucination." This issue allows malicious actors to exploit these fictitious package names by uploading harmful software to package registries, a tactic known as slop-squatting. Experts emphasize the importance of manual verification and the use of dependency scanners to mitigate these risks, highlighting that developers must rigorously test AI-generated code in isolated environments before deployment.In the tech industry, Intel has made headlines by selling a 51% stake in its programmable chip business, Altera, to private equity firm Silverlake for $4.46 billion. This decision comes after Intel's acquisition of Altera for $16.7 billion in 2015, reflecting a significant drop in valuation. The move is part of a broader strategy to sharpen focus and strengthen the company's balance sheet amid ongoing challenges in the semiconductor market. Despite retaining a minority stake in Altera, Intel's actions raise questions about its ability to compete effectively in critical areas like AI-optimized silicon.Another pressing issue is the impending reduction of the maximum lifespan for SSL and TLS certificates, which will be cut to just 47 days by 2029. This change, supported by major tech companies, aims to enhance digital security by minimizing risks associated with compromised certificates. The transition will require automated and integrated certificate management solutions to keep pace with the new renewal cycles, emphasizing the need for proactive risk management in the evolving threat landscape.Lastly, the reinstatement of tariffs on electronics, including smartphones and laptops, is set to impact the tech industry significantly. The U.S. government aims to encourage domestic manufacturing, but the unpredictability of trade policies complicates planning for businesses. As companies navigate these challenges, they must adopt flexible strategies that account for ongoing volatility in the supply chain and procurement processes, ensuring they remain responsive to changing market conditions. Four things to know today 00:00 Copy, Paste, Compromise? Why AI Code Suggestions Could Lead to Big Security Problems04:45 Altera Is Out, $8.75B Is In—But Intel's Chip Future Is Still in Question06:46 Got 47 Days? Why Your SSL Certificates Just Got a Whole Lot Needier08:14 One More Time with Feeling: Tech Tariffs Are Back, and the Forecast Is Still Chaos  Supported by:  https://cometbackup.com/?utm_source=mspradio&utm_medium=podcast&utm_campaign=sponsorship https://getflexpoint.com/msp-radio/   Join Dave April 22nd to learn about Marketing in the AI Era.  Signup here:  https://hubs.la/Q03dwWqg0 All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech

Topics covered in this episode: How to Write a Git Commit Message Caddy Web Server Some new PEPs approved juv Extras Joke Watch on YouTube About the show Sponsored by Posit Connect: pythonbytes.fm/connect Connect with the hosts Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky) Brian: @brianokken@fosstodon.org / @brianokken.bsky.social Show: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky) Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Brian #1: How to Write a Git Commit Message Chris Beams 7 rules of a great commit message Separate subject from body with a blank line Limit the subject line to 50 characters Capitalize the subject line Do not end the subject line with a period Use the imperative mood in the subject line Wrap the body at 72 characters Use the body to explain what and why vs. how Article also includes Why a good commit message matters Discussion about each of the 7 rules Cool hat tips to other articles on the subject “Keep in mind: This has all been said before.” Each word is a different link. Michael #2: Caddy Web Server via Fredrik Mellström Like a more modern NGINX Caddy automatically obtains and renews TLS certificates for all your sites. Caddy's native configuration is a JSON document. Even localhost and internal IPs are served with TLS using the intermediate of a fully-automated, self-managed CA that is automatically installed into most local trust stores. Configure multiple Caddy instances with the same storage, and they will automatically coordinate certificate management as a fleet. Production-grade static file server. Brian #3: Some new PEPs approved PEP 770 – Improving measurability of Python packages with Software Bill-of-Materials Accepted for packaging Author: Seth Larson, Sponsor Brett Cannon “This PEP proposes using SBOM documents included in Python packages as a means to improve automated software measurability for Python packages.” PEP 750 – Template Strings Accepted for Python 3.14 Author: Jim Baker, Guido van Rossum, Paul Everitt, Kaudai Aono, Lysandros Nikolaou, Dave Peck “Templates provide developers with access to the string and its interpolated values before they are combined. This brings native flexible string processing to the Python language and enables safety checks, web templating, domain-specific languages, and more.” Michael #4: juv A toolkit for reproducible Jupyter notebooks, powered by uv. Create, manage, and run Jupyter notebooks with their dependencies Pin dependencies with PEP 723 - inline script metadata Launch ephemeral sessions for multiple front ends (e.g., JupyterLab, Notebook, NbClassic) Powered by uv for fast dependency management Use uvx to run jupyterlab with ephemeral virtual environments and tracked dependencies. Extras Brian: Status of Python versions new-ish format Use this all the time. Can't remember if we've covered the new format yet. See also Python endoflife.date Same dates, very visible encouragement to move on to Python 3.13 if you haven't already. Michael: Python 3.13.3 is out. .git-blame-ignore-revs follow up Joke: BGPT (thanks Doug Farrell)

What if managing databases on Kubernetes didn't require a team of specialists or endless configuration? In this episode of Tech Talks Daily, I sit down with Tamal Saha, founder and CEO of AppsCode, to explore how his team is building a more intuitive, scalable, and enterprise-ready approach to Kubernetes-native data management. Recorded during the IT Press Tour in London, this conversation traces Tamal's journey from Bangladesh to Google, and ultimately to launching AppsCode in 2016. He shares how early experiences with Google's internal systems helped shape his vision for a cloud-native data platform built for modern application environments. What began as an open-source passion project has evolved into a comprehensive enterprise suite that includes solutions like KubeDB, Stash, Voyager, and KubeVault. We discuss the operational realities of managing databases in Kubernetes—from simplifying provisioning and backups to solving problems around TLS management, multi-tenancy, and even secret rotation. Tamal outlines the benefits of a Kubernetes-native architecture for platform engineers, DevOps teams, and developers who want to deploy faster, automate more, and keep full control over their environments. With real-world insights from enterprise deployments, including large-scale telcos modernizing their infrastructure, Tamal explains how AppsCode is helping organizations move from ticket-based database provisioning to true self-service. He also looks ahead to what's coming next, including support for vector databases, AI-powered provisioning interfaces, and deeper integrations with open telemetry and observability tools. Whether you're running stateful workloads in Kubernetes today or exploring how to modernize your data layer, this episode is packed with insight into building platforms that work with developers, not against them. So, is it time to rethink your approach to data in the cloud-native era? Let me know what you think.

Apache Camel Exploit Attempt by Vulnerability Scans A recently patched vulnerability in Apache Camel has been integrated into some vulnerability scanners, like for example OpenVAS. We do see some exploit attempts in our honeypots, but they appear to be part of internal vulnerablity scans https://isc.sans.edu/diary/Apache%20Camel%20Exploit%20Attempt%20by%20Vulnerability%20Scan%20%28CVE-2025-27636%2C%20CVE-2025-29891%29/31814 New Security Requirements for Certificate Authorities Starting in July, certificate authorities need to verify domain ownership data from multiple viewpoints around the internet. They will also have to use linters to verify certificate requests. https://security.googleblog.com/2025/03/new-security-requirements-adopted-by.html Possible Oracle Breach Oracle still denies being the victim of a data berach as leaked data may show different. https://doublepulsar.com/oracle-attempt-to-hide-serious-cybersecurity-incident-from-customers-in-oracle-saas-service-9231c8daff4a https://www.theregister.com/2025/03/30/infosec_news_in_brief/ https://www.darkreading.com/cyberattacks-data-breaches/oracle-still-denies-breach-researchers-persist

Episode SummaryIn this episode of The Secure Developer, Danny Allan sits down with Mrinal Wadhwa, CTO at Ockam, to explore the evolving landscape of secure communication in distributed systems. They discuss the challenges of securing microservices, IoT networks, and Kubernetes environments and how traditional TLS-based security models may no longer be sufficient. Mrinal shares insights into Ockam's approach to end-to-end encrypted, mutually authenticated channels and the impact of WebAssembly, passkeys, and modern cryptographic identity management on security. Tune in for a deep dive into how organizations can rethink security at runtime to minimize risks in today's complex digital ecosystems.Show NotesSecurity in modern applications is more challenging than ever, with microservices architectures, IoT deployments, and distributed computing environments introducing new risks. In this episode, Danny Allan welcomes Mrinal Wadhwa, CTO at Ockam, to discuss how secure communication models need to evolve beyond traditional TLS and perimeter-based defenses.Topics covered include:The challenges of securing microservices and Kubernetes clustersHow end-to-end encryption and mutual authentication can minimize riskThe importance of cryptographic identities and key rotation at scaleHow Ockam enables secure channels across multiple transport layers (TCP, Bluetooth, Kafka, etc.)The role of WebAssembly and passkeys in rethinking security modelsShifting from perimeter-based security to secure-by-design communicationMrinal shares key insights on how organizations can rethink risk at runtime, considering the number of people and systems involved in data flow rather than just static build-time dependencies. Whether you're a security leader, developer, or architect, this episode provides actionable insights on building trust in your infrastructure without compromising performance or agility.LinksOckamPasskeys OverviewPrivate Compute Cloud by AppleSnyk - The Developer Security Company Follow UsOur WebsiteOur LinkedIn

In this episode, I discuss strategies to beat bad eating habits, my favorite free-weight exercises for leg day, upcoming developments with Legion Clear Protein, and more.As always, these questions come directly from my Instagram followers, who take advantage of my weekly Q&As in my stories.If you have a question you're dying to have answered, make sure you follow me on Instagram (@muscleforlifefitness) and look out for the Q&A posts. Your question might just make it into a podcast episode!If you like this type of episode, let me know. Send me an email (mike@muscleforlife.com) or direct message me on Instagram. And if you don't like it, let me know that too or how you think it could be better.---Timestamps:(00:00) Intro(02:03) Intermittent fasting—fad?(06:33) Beat bad eating habits?(10:39) Dream Whey+ flavor?(11:25) TLS workouts—full coverage?(11:52) Dexa scans reliable?(12:50) Butter healthy?(13:24) Best Adonis belt exercise?(14:34) High urea—lower protein?(14:54) Fastest way to first pull-up?(15:21) Green powder worth it?(16:00) Bicep tendonitis—alternatives?(17:11) Biggest Legion challenge?(26:03) Count all protein?(29:03) Train on period?(29:46) Raising what cows?(30:47) Check nutrients without bloodwork?(31:19) Compound vs. machines?(34:47) 100g+ protein needed?(36:01) Phosphatidic acid thoughts?(37:16) Natural or enhanced?(38:54) Best leg exercise no machines?---Mentioned on the Show:Coaching PageThe Little Black Book of Workout MotivationWhey+

The Unbreakable Multi-Layer Anti-Debugging System Xavier found a nice Python script that included what it calls the "Unbreakable Multi-Layer Anti-Debugging System". Leave it up to Xavier to tear it appart for you. https://isc.sans.edu/diary/The%20Unbreakable%20Multi-Layer%20Anti-Debugging%20System/31658 Take my money: OCR crypto stealers in Google Play and App Store Malware using OCR on screen shots was available not just via Google Play, but also the Apple App Store. https://securelist.com/sparkcat-stealer-in-app-store-and-google-play-2/115385/ Threat Actors Still Leveraging Legit RMM Tool ScreenConnect Unsurprisingly, threat actors still like to use legit remote admin tools, like ScreenConnect, as a command and control channel. Silent Push outlines the latest trends and IoCs they found https://www.silentpush.com/blog/screenconnect/ Cisco Identity Services Engine Insecure Java Deserialization and Authorization Bypass Vulnerabilities Java deserializing strikes again to allow arbitrary code execution. Cisco fixed this vulnerability and a authorization bypass issue in its Identity Services Engine https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multivuls-FTW9AOXF F5 Update F5 fixes an interesting authentication bypass problem affecting TLS client certificates https://my.f5.com/manage/s/article/K000149173