In this episode, Anna Rose and Nico Mohnblatt speak with Dan and Sinu from TLSNotary to trace the project's journey from early Bitcoin forum ideas to its current role as a foundational protocol maintained by PSE. Dan recounts the origins of TLSNotary as a tool for cryptographically proving web data, while Sinu explains how the project was revived to provide modern TLS attestation. The conversation covers the use-cases for verifiable web proofs, the different modes these interactive protocols can take, and the broader impact of this technology on leveraging siloed user data. Related links: Episode 325: Web Proofs with Tracy from Pluto; Episode 354: The Founding of Zero Knowledge Systems with Austin Hill; Episode 362: zkTLS with Maddy from Reclaim; 2013 Blog Post 'tlsnotary - cryptographic proof of fiat transfer for p2p exchanges'; TLSNotary Whitepaper; DECO: Liberating Web Data Using Decentralized Oracles for TLS; Primus Labs (Previously PADO); Town Crier: An Authenticated Data Feed for Smart Contracts. Check out the latest jobs in ZK at the ZK Podcast Jobs Board. If you like what we do: Find all our links here! @ZeroKnowledge | Linktree; Subscribe to our podcast newsletter; Follow us on Twitter @zeroknowledgefm; Join us on Telegram; Catch us on YouTube.
The ASX 200 fell 69 points to 8562 after a record yesterday. Banks were weak on proposed RBA charges changes, CBA off % with the Big Bank Basket down to $279.26 (-1.5%). NAB under extra pressure on CEO issues, down 3.4%. Financials generally eased back, MQG off 0.8% and insurers down, QBE off 1.0%. REITs too under pressure with GMG down 0.2% and SCG falling 0.5%. Healthcare mixed, CSL fell 1.3% on US tariff issues on pharmas, PME up 1.7% and FPH slightly firmer. Industrials mostly lower, TCL off 0.7%, ALL down 1.7% and WOW and COL easing back as did TLS. Utilities pulled back as ORG fell 1.1% and AGL down 0.8%. Tech gained, WTC up 0.6%. In resources, it was all about rare and critical metals. News of Apple's investment rocked the sector to the core, with good gains across the board. ILU rose 4.3% with LYC flat, even ARU rose 4.9% with MEI up 14.3%. Gold miners fell on NEM news, quarterlies doing nothing to help on profit taking after rises yesterday. NST falling 2.2%, EVN down 2.3% on quarterly and WAF down 3.4%. Lithium stocks held up relatively well. BHP down 0.7% despite iron ore hitting $100 in Singapore. Uranium stocks up again, PDN up 3.3% and BOE up 3.3%. Oil and gas flat. In corporate news, LLC fell 1.7% on luxury development news. RIO up 0.2% on quarterly and CEO change. Want to invest with Marcus Today? The Managed Strategy Portfolio is designed for investors seeking exposure to our strategy while we do the hard work for you. If you're looking for personal financial advice, our friends at Clime Investment Management can help. Their team of licensed advisers operates across most states, offering tailored financial planning services. Why not sign up for a free trial? Gain access to expert insights, research, and analysis to become a better investor.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Microsoft Patch Tuesday, July 2025 Today, Microsoft released patches for 130 Microsoft vulnerabilities and 9 additional vulnerabilities not part of Microsoft's portfolio but distributed by Microsoft. 14 of these are rated critical. Only one of the vulnerabilities was disclosed before being patched, and none of the vulnerabilities have so far been exploited. https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%2C%20July%202025/32088 Opossum Attack If a TLS server is configured to allow switching from HTTP to HTTPS on a specific port, an attacker may be able to inject a request into the data stream. https://opossum-attack.com/ Ivanti Security Updates Ivanti fixed vulnerabilities in Ivanti Connect Secure, EPMM, and EPM. In particular, the password decryption vulnerability may be interesting. https://www.ivanti.com/blog/july-security-update-2025
Is security an afterthought in your Flutter projects? In a world where a single breach can cost millions and destroy user trust, every developer needs a solid foundation in security. In this episode of Flying High with Flutter, Allen Wyma sits down with seasoned software developer, trainer, and acclaimed author Laurențiu Spilcă to demystify application security. While Laurențiu's background is deep in the Java/Spring world, the principles he shares are universal and essential for any developer building modern applications. We dive deep into the "why" and "how" of securing your apps, from the initial authentication flow to the communication between your backend services. Timecodes: 00:00 - Meet Laurențiu Spilcă & Why Security Can't Be an Afterthought; 06:16 - The Role of a CISO and Preventing Disasters like the log4j Vulnerability; 14:09 - The Future is Passwordless; 30:41 - Understanding OAuth2, OpenID Connect, and Why PKCE is CRITICAL for Mobile Apps; 41:45 - What is TLS? Why Your App Needs More Than Just HTTPS; 52:03 - Mutual TLS (mTLS): Securing Communication Between Your Microservices. GET THE BOOK!
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Interesting ssh/telnet usernames Some interesting usernames observed in our honeypots https://isc.sans.edu/diary/A%20few%20interesting%20and%20notable%20ssh%20telnet%20usernames/32080 More sudo trouble The host option in Sudo can be exploited to execute commands on unauthorized hosts. https://www.stratascale.com/vulnerability-alert-CVE-2025-32462-sudo-host CitrixBleed2 PoC Posted (CVE-2025-5777) watchTowr published additional details about the recently patched CitrixBleed vulnerability, including a PoC exploit. https://labs.watchtowr.com/how-much-more-must-we-bleed-citrix-netscaler-memory-disclosure-citrixbleed-2-cve-2025-5777/ Instagram Using Six Day Certificates Instagram changes their TLS certificates daily and they use certificates that are just about to expire in a week. https://hereket.com/posts/instagram-single-day-certificates/
Vibes, vibes, vibes, what else can we say? Oaks & Jabs bringing the boom and the bap both banging and smooth like thaaaat….. Some classic feels and lush beats. Come along and ride on the fantastic voyage. Playlist: SPOILER ALERTT GOD DID by MARTY The Commission by Phillip Anthony & iNTELLECT ft. Anwar Stanton & DJ Radiohead Prevail by Phathom ft. T.Coda, Journalist & Truth InRhyme JALEN BRUNSON by YP aka Young Paul & ATTAM ft. DJ Mykael V No Laughing Matter by Paradox & Leo Low Pass ft. Illogic & DJ JabbaThaKut My Dependency by Thee Alumni (Kaboose & m1L) ft. Damarcus Wilkins R A I N . C H E C K by REFVGE (Bianca Silver, WAY?, Cyfe II, Josh Lecroy) Take the Train by TLS, Mic Wise & GB Don't Mind Me by Propaganda & Shad THE LIONS DEN by Soulo The Prince ft. Da Commissioner, Orion TheArtist & Anewmefr HPSKTD ONE by Alert312 & eB83 Save Me by Prodi Da Prodigal ft. Alcott This Feeling by J.Solo ft. Joseph SD & HIS Hypeman Stract GG FREESTYLE by Social Club Misfits Already Won by C4 Crotona, Datin & Reece Lache' Vote on the playlist at www.definitionradio.com/show/956 Leave your requests/shout-outs on our socials www.facebook.com/DefinitionRadio www.instagram.com/DefinitionHH www.twitter.com/DefinitionHH www.krosswerdz.com
ASX 200 down 2 to 8596 on a volatile day as banks saw selling and money move to BHP and other resources. CBA was down for another day, as it's now four out of five down days, closing off % with the Big Bank Basket down to $282.16 (-1.6%). ANZ outperformed up 0.5%. Financials under pressure across the board, MQG down 0.8% and insurers falling hard. QBE off 2.2% and SUN down 3.4%. Defensives generally on the nose, TLS down 1.2% and REA off 3.4% with WES falling 2.0% together with WOW and COL. Tech mixed as XRO fell again and WTC up 1.2% despite more front-page news! Healthcare mixed, CSL up 0.5% and PME racing 7.8% ahead on news of two contract wins. Resources were the stars today, at least BHP up 5.6% with RIO and FMG also up but more modestly, around 1.8%. Gold miners finding some friends, NEM up 1.4% and WAF up 1.3%. Lithium stocks better, PLS up 11.3% with LTR rising 5.0%, MIN up 7.8% with coal stocks also back in favour, WHC up 8.2%. Uranium stocks eased back. WDS and STO slightly better. In corporate news, GLF rose 4.1% on its debut. VGN sinking 1.9% towards issue price. RPL ran 9.3% on $35m performance fee. On the economic front we had the trade balance numbers. Asian markets mixed, Japan unchanged, China up 0.6% and HK down 0.8%. 10-year yields rising to 4.18%. Want to invest with Marcus Today? The Managed Strategy Portfolio is designed for investors seeking exposure to our strategy while we do the hard work for you. If you're looking for personal financial advice, our friends at Clime Investment Management can help. Their team of licensed advisers operates across most states, offering tailored financial planning services. Why not sign up for a free trial? Gain access to expert insights, research, and analysis to become a better investor.
ASX 200 rose 57 points to 8598 (0.7%) to a fresh record high as retail sales opened the door to a rate cut next week. Resources leading the way higher with BHP, RIO and FMG all doing well, FMG the best up 3.8%. Some movement in base metal stocks too on Chinese economic hopes, S32 up 5.1% with gold miners flat. Oil and gas firmed, WDS up 1.1% and STO up 0.5%. Lithium stocks eked out some gains with uranium miners flat. Industrials were the real winners today, WES up 0.8% as retail stocks gained on rate cut hopes. DMP crashed 15.8% as its new CEO went ex. WOW and COL firmed with ALL up 1.9% and TLS gaining 1.0%. REITs firm on cut hopes, GMG up 2.1% and SCG gaining 2.7%. Tech stocks mixed, WTC up 1.4% and XRO off 2.1%. Banks were early losers but found favour and pushed slightly higher as CBA rose 0.6% and the Big Bank Basket up to $286.64 (+0.2%). In corporate news, HLI fell 21.4% as it lost the ING contract. QAN dropped 2.2% as it got hit with a cyberattack. On the economic front, Retail sales came in at 0.2% higher, slightly below forecast. Asian markets mixed again, Japan down 0.4% on Trump tariff threats, HK up 0.5% and China flat. 10-year yields rose to 4.14%. Dow futures up 120, and Nasdaq futures up 70. Want to invest with Marcus Today? The Managed Strategy Portfolio is designed for investors seeking exposure to our strategy while we do the hard work for you. If you're looking for personal financial advice, our friends at Clime Investment Management can help. Their team of licensed advisers operates across most states, offering tailored financial planning services. Why not sign up for a free trial? Gain access to expert insights, research, and analysis to become a better investor.
In this episode, Mandy Logan, Summer Craze Fowler, Jason Albuquerque, and Jeff Pollard of Forrester discuss the challenges and strategies for CISOs in navigating volatility in the security landscape. They emphasize the importance of building relationships within the organization, particularly with the CFO, to manage budgets effectively. The conversation also covers the significance of communicating security needs in terms of compliance and customer requirements, maximizing budget through flex spending, and the role of automation and AI in enhancing security operations. Additionally, they highlight the need for effective data management to reduce costs and improve efficiency. In pre-recorded interviews from RSAC, learn the following! With the power of zero trust and AI, Zscaler helps organizations strengthen and automate IT and security, reduce costs, and minimize complexity. Zscaler helps reduce the attack surface, block threats via full TLS inspection, and eliminate lateral threat movement. This segment is sponsored by Zscaler. Visit https://securityweekly.com/zscalerrsac to learn more about them! The modern workspace, increasingly reliant on cloud-based applications, browser-first access, and AI integration, faces significant security challenges that outpace the capabilities of traditional tools. Legacy solutions, including VPNs and even early ZTNA implementations, are proving vulnerable to sophisticated attacks leading to data breaches and operational disruptions. The fundamental shift in how we work demands a new approach, one that closes the gaps left by the platform approach. We need the ability to 'trust nothing and click on anything with zero risk.' We need to take zero trust beyond the network that we operate and control.
Future of Browser Security Webinar with Google: https://www.menlosecurity.com/resources/2025-prediction-the-future-of-browser-security-lessons-from-the-pioneers Browser security report: https://www.menlosecurity.com/resources/state-of-browser-security-report Global Cyber Gangs report: https://www.menlosecurity.com/resources/global-cyber-gangs-supported-and-sheltered-by-state-sponsors-and-getting-smarter-every-day-report Everywhere Access White Paper: https://www.menlosecurity.com/resources/everywhere-access-the-zero-trust-revolution-for-hybrid-work-white-paper This segment is sponsored by Menlo Security. Visit https://securityweekly.com/menlorsac to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-401
The invisible threads connecting Kubernetes and networking infrastructure form the backbone of today's cloud-native world. In this revealing conversation with Marino Wijay from Kong, we unravel the complex relationship between traditional networking concepts and modern container orchestration. Marino brings a unique perspective as someone who entered the Kubernetes ecosystem through networking, explaining how fundamental networking principles directly translate to Kubernetes operations. "If you don't have a network, there is no Kubernetes," he emphasizes, highlighting how reachability between nodes forms the foundation of cluster communication. The network evolution within Kubernetes proves fascinating – from the early "black box" approach where connectivity was implicit to the sophisticated Container Network Interfaces (CNIs) like Cilium that offer granular control. Network engineers approaching Kubernetes for the first time might feel overwhelmed, but as we discover, concepts like DHCP with DNS registration, NAT, and load balancing all have direct parallels within the Kubernetes networking model. Our discussion ventures into the practical challenges organizations face when implementing service mesh technologies. While offering powerful capabilities for secure pod-to-pod communication through mutual TLS, service mesh introduces significant complexity. Marino shares insights on when this investment makes sense for enterprises versus smaller organizations with more controlled environments. The conversation takes an especially interesting turn when exploring how AI workloads are transforming Kubernetes networking requirements.
From GPU-enabled clusters to specialized traffic patterns and the concept of Dynamic Resource Allocation as "QoS for AI," we examine how these resource-intensive applications are pushing the boundaries of what's possible. Whether you're a network engineer curious about containers or a Kubernetes administrator looking to deepen your networking knowledge, this episode bridges crucial gaps between these interconnected worlds. Subscribe to Cables to Clouds for more insights at the intersection of networking and cloud technologies! https://www.linkedin.com/in/mwijay/ Purchase Chris and Tim's new book on AWS Cloud Networking: https://www.amazon.com/Certified-Advanced-Networking-Certification-certification/dp/1835080839/ Check out the Fortnightly Cloud Networking News: https://docs.google.com/document/d/1fkBWCGwXDUX9OfZ9_MvSVup8tJJzJeqrauaE6VPT2b0/ Visit our website and subscribe: https://www.cables2clouds.com/ Follow us on BlueSky: https://bsky.app/profile/cables2clouds.com Follow us on YouTube: https://www.youtube.com/@cables2clouds/ Follow us on TikTok: https://www.tiktok.com/@cables2clouds Merch Store: https://store.cables2clouds.com/ Join the Discord Study group: https://artofneteng.com/iaatj
ASX 200 fought back to close down only 31 points at 8475 (0.4%). Banks once again the swing factor as , with gold miners sold off despite geopolitical rose 1.0% and the Big Bank Basket better at $284.86 (). Insurers better, QBE up 0.3% with REITs easing, VCX down 0.8% with other financials easing. MFG off 3.8% and ASX down 0.8%. Industrials weaker across the board. BXB off % with QAN falling 1.9% as oil rose, TLS fell 0.2% with ALL down 2.6% and retail under a little pressure. ADH fell 20.5% on disappointing sales, MTS rose 2.7% on better than expected food sales. Tech stocks eased but off lows, WTC down 1.0% and XRO down 0.2% with the All-Tech Index down 0.5%. Resources were weaker, the three iron ore miners slid, BHP down 1.6% and FMG off 1.0% with gold miners sold off despite geopolitical tensions. NST and EVN continuing to be rerated downwards. Oil and gas stocks muted, uranium stocks fell, BOE off 1.8% and coal stocks down, WHC off 3.5%. In corporate news, WDS agreed to supply Japan with winter LNG. SMP agreed to a scheme with Shift4 from the US. Nothing on the economic front today. Asian markets muted on war worries. Japan down 0.2%, HK up 0.6% and China up 0.4%. 10-year yields rising to 4.21%. Want to invest with Marcus Today? The Managed Strategy Portfolio is designed for investors seeking exposure to our strategy while we do the hard work for you. If you're looking for personal financial advice, our friends at Clime Investment Management can help. Their team of licensed advisers operates across most states, offering tailored financial planning services. Why not sign up for a free trial? Gain access to expert insights, research, and analysis to become a better investor.
The ASX 200 falls another 18 points to 8506 (0.2%) in quiet trade. Banks eased back after a stellar run, CBA down 0.2% with ANZ off 2.5% and MQG falling 1.9%. Financials steady, ASX up 0.6%, must be the new logo, Insurers slightly better. REITs too turned up, DXS up 1.0% and CHC up 0.5%. Defensives slipped, WES off 1.6% and WOW and COL eased with TLS down 0.6%. Retailers also fell slightly, JBH off 1.2% and TPW falling 2.6%. Tech eased with the All-Tech Index unchanged. Resources were mixed, iron ore whipped throughout the day but finished off, RIO down 1.3% and BHP up 0.2%. Gold miners rose after losses this week, NEM up 0.3% and EVN up 0.5% with lithium stocks falling as PLS dropped 5.0%. Uranium stocks stalled, BOE down 4.7% and DYL down 0.6%. Oil and gas mixed, WDS up 0.9%. In corporate news, PBH in a halt as BBT announced an off-market takeover. BCB crashed % after it announced a possible pause in operations due to prices and royalties. Nothing on the economic front locally. Japanese inflation rose more than anticipated. Asian markets better, Japan unchanged. China up 0.3% and HK up 1.0%. 10-year yields 4.18%. Want to invest with Marcus Today? The Managed Strategy Portfolio is designed for investors seeking exposure to our strategy while we do the hard work for you. If you're looking for personal financial advice, our friends at Clime Investment Management can help. Their team of licensed advisers operates across most states, offering tailored financial planning services. Why not sign up for a free trial? Gain access to expert insights, research, and analysis to become a better investor.
This week, what TLS contributors are reading this summer; and Catherine Taylor on a trio of novels highlighting the growing pains of adolescence. 'Back in the Day', by Oliver Lovrenski, translated by Nichola Smalley; 'Fun and Games', by John Patrick McHugh; 'Girl, 1983', by Linn Ullmann, translated by Martin Aitken. Produced by Charlotte Pardy. Hosted on Acast. See acast.com/privacy for more information.
The ASX 200 dropped 7 points to 8541 (0.2%) as nerves crept back in on Iran/Israel issues. Trump flew back to Washington to handle the situation. G-7 now G-6. Banks slipped slightly, CBA down 0.2% and ANZ off 0.5%. The Big Bank Basket down to $280.41 (-0.2%). MQG slid 0.4% with REITs also lower except GMG up 1.1% and other financials mixed too. Industrials pretty much lower across the board, drifting rather than sold off, TCL off 0.8%, REA down 0.5% and TLS falling 0.2%. Retailers mixed, as were travel stocks. Tech wafting around too with the All-Tech Index up 0.2%. In resources, uranium and rare earths stocks back in the spotlight or should it be SPUT light, DYL up 5.7% and LOT up 11.4% with physical buying of spot and short covering still dominating. Gold miners recovered some of the losses yesterday on the Iranian uncertainty as bullion rose, NEM up 2.5% and NST recovered 1.5% after the UBS inspired sell off. Iron ore majors eased back as iron ore fell in Singapore trade again. Oil and gas stocks weakened slightly, STO up 0.5%. In corporate news, it was quiet, too quiet. Asian markets drifted around, Japan up 0.5%. HK off 0.5% and China unchanged. 10-year yields steady at 4.25%. Want to invest with Marcus Today? The Managed Strategy Portfolio is designed for investors seeking exposure to our strategy while we do the hard work for you. If you're looking for personal financial advice, our friends at Clime Investment Management can help. Their team of licensed advisers operates across most states, offering tailored financial planning services. Why not sign up for a free trial? Gain access to expert insights, research, and analysis to become a better investor.
Parce que… c'est l'épisode 0x600! Shameless plug 2 au 4 avril 2025 - Humaco 8 et 9 avril 2025 - Cybereco 10 au 18 mai 2025 - NorthSec 27 au 30 mai 2025 - Cycon 4 au 6 juin 2025 - SSTIC 12 au 17 octobre 2025 - Objective by the sea v8 10 au 12 novembre 2025 - IAQ - Le Rendez-vous IA Québec 17 au 20 novembre 2025 - European Cyber Week 25 et 26 février 2026 - SéQCure 2065 Description Introduction et contexte Le 600e épisode du podcast Policesécure réunit une assemblée d'experts en cybersécurité pour aborder un sujet particulièrement pertinent : l'obsec (operational security) personnel et la façon dont les professionnels de la sécurité gèrent leurs propres risques numériques. L'animateur Nicolas souligne d'emblée le paradoxe central de cette discussion : bien que ces experts conseillent quotidiennement leurs clients sur les meilleures pratiques de sécurité, ils admettent volontiers ne pas toujours appliquer ces recommandations dans leur vie personnelle. Cette conversation virtuelle rassemble des professionnels aux parcours variés : Vincent Milette (gestionnaire chez Air Canada), Guillaume Ross (expert en sécurité avec plus de 20 ans d'expérience), Samuel Harper (journaliste spécialisé), Dominique Derrier (consultant en cybersécurité), Catherine Dupont-Gagnon (spécialiste en sensibilisation), Alexandre Fournier (expert en continuité d'activité), Stéphane Laberge (professionnel chevronné) et Andréanne Bergeron (professeure associée à l'Université de Montréal). Les approches personnelles de la sécurité Vincent Milette : l'approche pragmatique Vincent adopte une perspective d'affaires même dans sa vie personnelle. Il privilégie la praticité et évite les solutions trop contraignantes qui pourraient affecter la flexibilité de sa famille. Sa stratégie repose sur la diversification : plusieurs navigateurs selon les contextes, utilisation de VPN pour certaines activités spécifiques, et adaptation aux besoins d'une famille où les niveaux techniques varient considérablement. 
Guillaume Ross : l'expert prudent mais réaliste Guillaume se distingue par sa rigueur concernant les mises à jour système et les sauvegardes. Il maintient un chiffrement systématique de ses données, qu'elles soient locales ou dans le cloud. Cependant, il avoue ne pas utiliser de VPN par paranoïa du WiFi public, préférant s'appuyer sur le chiffrement TLS généralisé. Son approche révèle une contradiction intéressante : parfois, trop de sécurité peut créer des vulnérabilités, comme il l'illustre avec l'anecdote de ses trois appareils dans le même sac contenant son gestionnaire de mots de passe. Samuel Harper : le journaliste pragmatique En tant que journaliste d'enquête, Samuel présente un cas d'usage particulier. Il utilise des VPN principalement pour ses recherches sur des infrastructures suspectes et maintient des comptes séparés pour ses investigations. Il souligne la difficulté pratique de maintenir un anonymat total, notamment concernant les numéros de téléphone anonymes, et prône une approche équilibrée entre sécurité et sanité mentale. Les autres approches Dominique se décrit comme “pourri” dans son obsec personnel malgré ses conseils professionnels. Catherine révèle les défis liés à son passé en marketing, où elle a construit une présence numérique importante avant de s'intéresser à la cybersécurité. Andréanne propose une philosophie intéressante : éviter la paranoïa excessive tout en maintenant une cohérence entre discours et pratique. Les anecdotes révélatrices L'incident de Catherine : un cas d'école de sécurité physique Catherine partage une anecdote particulièrement instructive de l'époque où elle animait un canal Twitch. En annonçant publiquement ses déplacements vers un café spécifique et en diffusant depuis son appartement avec une fenêtre visible, elle a involontairement fourni assez d'informations pour qu'un spectateur déduise son adresse exacte. 
Cette histoire illustre parfaitement comment l'ingénierie sociale et l'agrégation d'informations apparemment anodines peuvent compromettre la sécurité personnelle. Les désastres de sauvegarde Plusieurs participants partagent leurs expériences de pertes de données. Nicolas raconte avoir perdu des machines complètes à cause de clés de chiffrement perdues, tandis qu'Alexandre évoque sa “formation” précoce à l'importance des sauvegardes après avoir accidentellement supprimé des répertoires entiers sur un mainframe militaire, affectant 200 personnes passant un examen. La sécurité physique versus numérique La discussion révèle une dichotomie intéressante entre sécurité numérique et physique. Andréanne avoue une obsession pour la sécurité physique, cachant ses équipements dans des “pièces secrètes” et utilisant des leurres, contrastant avec son approche décontractée de la cybersécurité. Cette différence d'approche soulève des questions sur la perception des menaces et leur hiérarchisation. Les participants abordent également les défis pratiques des voyages : où laisser son passeport, comment gérer les appareils électroniques, l'utilisation des coffres-forts d'hôtel (généralement considérés comme peu fiables), et les précautions à prendre aux frontières. Les outils et leur utilisation Gestionnaires de mots de passe La conversation révèle des approches variées concernant les gestionnaires de mots de passe. Alors que la plupart utilisent des solutions classiques, Andréanne se distingue en utilisant un algorithme mental personnel pour générer ses mots de passe. Dominique utilise trois voûtes différentes selon le niveau de sensibilité des comptes. VPN et WiFi public Les avis divergent considérablement sur l'utilité des VPN. Guillaume argue que le chiffrement TLS généralisé rend les VPN moins critiques pour le WiFi public, tandis que d'autres les utilisent pour des cas spécifiques. 
The discussion stresses the importance of understanding the real threat rather than blindly following generic recommendations.
Passkeys and new technologies
The participants are generally optimistic about passkeys, with Sony PlayStation cited as a positive example of implementation, despite complex recovery challenges. Adoption remains limited by fragmentation between ecosystems (Google, Apple, Microsoft).
Security fatigue and user experience
A central theme emerges: security fatigue. Too many security measures can lead to abandonment or to less secure practices. The participants stress the importance of user experience in the adoption of good practices. Examples include sites that block copy-pasting of passwords, repetitive authentication prompts, and poorly designed interfaces that push users toward less secure solutions.
Signal and secure communication
The discussion of "Signalgate" illustrates the limits of secure communication tools. Signal offers excellent end-to-end encryption, but it does not protect against poor usage practices or compromised devices. The participants stress the importance of understanding what each tool actually protects and what it does not.
Modern threats and risk assessment
Beyond the traditional hacker
The participants identify threats that are often overlooked: manipulation through targeted advertising, exploitation of data by legitimate brokers, and the use of that information by law enforcement without a warrant. Samuel points out that this legal collection of personal data often represents a more concrete threat than traditional cyberattacks.
The example of North Korean employees
The discussion covers the phenomenon of North Korean employees infiltrating Western companies, illustrating how identity verification processes for remote employees are often less rigorous than those applied to customers.
Technological developments and outlook
The participants note several positive improvements: 99% of Chrome connections now use TLS, password managers are built into operating systems, and encryption is becoming standard. However, challenges persist, notably default settings that are often inadequate and the complexity of maintaining certain solutions.
Reflections on the industry and education
The conversation reveals a self-critique of the security industry: the experts acknowledge their difficulty in communicating effectively with the general public. Advice is often too technical, contradictory, or ill-suited to the real threat model of average users. The example of the "password notebook" illustrates this disconnect: universally criticized by experts, it can nevertheless be the most secure solution for some users.
Conclusion
This 600th episode of Policesécure offers a refreshing and honest perspective on personal security. By admitting their own flaws and contradictions, these experts humanize the challenges of cybersecurity. Their main message is clear: risk assessment must come before any security measure. The goal is not to achieve perfect security, but to find a workable balance between protection and functionality. The discussion underlines the importance of tailoring security advice to each individual's real threat profile, rather than applying a one-size-fits-all approach.
It also highlights the industry's persistent challenges in making security accessible and understandable for everyone, while avoiding the security fatigue that can paradoxically lower the overall level of protection.
Contributors
Nicolas-Loïc Fortin
Dominique Derrier
Stéphane Laberge
Andréanne Bergeron
Catherine Dupont-Gagnon
Samuel Harper
Vincent Milette
Guillaume Ross
Alexandre Fournier
Credits
Editing by Intrasecure inc
Virtual studio by Riverside.fm
Fundamentals of Operating Systems Course https://oscourse.win
ktls is brilliant. TLS encryption/decryption often happens in userland, while TCP lives in the kernel. With ktls, userland can hand the keys to the kernel and the kernel does the crypto. When calling write, the kernel encrypts the packet and sends it to the NIC. When calling read, the kernel decrypts the packet and hands it to userspace. This mode still taxes the host's CPU of course, so there is another mode where the kernel offloads the crypto to the NIC device! The host CPU becomes free. Incoming packets to the NIC are decrypted in the device before they are DMAed to the kernel. Outgoing packets are encrypted before they leave the NIC to the network.
ktls still needs the handshake to happen in userspace. There is also enabling zerocopy in some cases (now that the kernel has context). Deserves a video. So much good stuff.
0:00 Intro
2:00 Userspace SSL Libraries
3:00 ktls
6:00 Kernel Encrypts/Decrypts (TLS_SW)
8:20 NIC offload mode (TLS_HW)
10:15 NIC does it all (TLS_HW_RECORD)
12:00 Write TX Example
13:50 Read RX Example
17:00 Zero copy (sendfile)
https://docs.kernel.org/networking/tls-offload.html
In this interview, Lamorna Ash, author of Don't Forget We're Here Forever: A New Generation's Search for Religion, and one of my favourite modern writers, talked about working at the Times Literary Supplement, netball, M. John Harrison, AI and the future of religion, why we should be suspicious of therapy, the Anatomy of Melancholy, the future of writing, what surprised her in the Bible, the Simpsons, the joy of Reddit, the new Pope, Harold Bloom, New Atheism's mistakes, reading J.S. Mill. I have already recommended her new book Don't Forget We're Here Forever, which Lamorna reads aloud from at the end. Full transcript below.
Uploading videos onto Substack is too complicated for me (it affects podcast downloads somehow, and the instructions to avoid this problem are complicated, so I have stopped doing it), and to upload to YouTube I have to verify my account but they told me that after I tried to upload it and my phone is dead, so… here is the video embedded on this page. I could quote the whole thing. Here's one good section.
Lamorna: Which one would you say I should do first after The Sea, The Sea?
Henry: Maybe The Black Prince.
Lamorna: The Black Prince. Great.
Henry: Which is the one she wrote before The Sea, The Sea and is just a massive masterpiece.
Lamorna: I'll read it. Where do you stand on therapy? Do you have a position?
Henry: I think on net, it might be a bad thing, even if it is individually useful for people.
Lamorna: Why is that?
Henry: [laughs] I didn't expect to have to answer the question. Basically two reasons. I think it doesn't take enough account of the moral aspect of the decisions being made very often.
This is all very anecdotal and you can find yourself feeling better in the short term, but not necessarily in the long-- If you make a decision that's not outrageously immoral, but which has not had enough weight placed on the moral considerations.
There was an article about how lots of people cut out relatives now and the role that therapy plays in that. What I was struck by in the article that was-- Obviously, a lot of those people are justified and their relatives have been abusive or nasty, of course, but there are a lot of cases where you were like, "Well, this is a long-term decision that's been made on a short-term basis." I think in 10 years people may feel very differently. There wasn't enough consideration in the article, at least I felt, given to how any children involved would be affected later on. I think it's a good thing and a bad thing.
Lamorna: I'm so with you. I think that's why, because also the fact of it being so private and it being about the individual, and I think, again, there are certain things if you're really struggling with that, it's helpful for, but I think I'm always more into the idea of communal things, like AAA and NA, which obviously a very particular. Something about doing that together, that it's collaborative and therefore there is someone else in the room if you say, "I want to cut out my parent."
There's someone else who said that happened to me and it was really hard. It means that you are making those decisions together a little bit more. Therapy, I can feel that in friends and stuff that it does make us, even more, think that we are these bounded individuals when we're not.
Henry: I should say, I have known people who've gone to therapy and it's worked really well.
Lamorna: I'm doing therapy right now and it is good.
Transcript
Henry: Today I am talking to Lamorna Ash. Lamorna is one of the rising stars of her generation. She has written a book about a fishing village in Cornwall.
She's written columns for the New Statesman, of which I'm a great admirer. She works for a publisher and now she's written a book called, Don't Forget, We're Here Forever: A New Generation's Search for Religion. I found this book really compelling and I hope you will go and read it right now. Lamorna, welcome.
Lamorna Ash: Thank you for having me.
Henry: What was it like when you worked at the Times Literary Supplement?
Lamorna: It was an amazing introduction to mostly contemporary fiction, but also so many other forms of writing I didn't know about. I went there, I actually wrote a letter, handwritten letter after my finals, saying that I'd really enjoyed this particular piece that somehow linked The Anatomy of Melancholy to Infinite Jest, and being deeply, deeply, deeply pretentious, those were my two favorite books. I thought, well, I'll apply for this magazine. I turned up there as an intern. They happened to have a space going.
My job was Christmas in that I just spent my entire time unwrapping books and putting them out for editors to swoop by and take away. I'd take on people's corrections. I'd start to see how the editorial process worked. I started reading. I somehow had missed contemporary fiction. I hadn't read people like Rachel Cusk or Knausgaard. I was reading them through going to the fiction pages. It made me very excited. Also, my other job whilst I was there, was I had the queries email. You'd get loads of incredibly random emails, including things like, you are cordially invited to go on the Joseph Conrad cycle tour of London. I'd ask the office, "Does anyone want to do this?" Obviously, no one ever said yes.
I had this amazing year of doing really weird stuff, like going on Joseph Conrad cycling tour or going to a big talk at the comic book museum or the new advertising museum of London. I loved it. I really loved it.
Henry: What was the Joseph Conrad cycling tour of London like? That sounds-
Lamorna: Oh, it was so good.
I remember at one point we stopped on maybe it was Blackfriars Bridge or perhaps it was Tower Bridge and just read a passage from The Secret Agent about the boats passing underneath. Then we'd go to parts of the docks where they believe that Conrad stayed for a while, but instead it would be some fancy youth hostel instead.
It was run by the Polish Society of London, I believe-- the Polish Society of England, I believe. Again, each time it was like an excuse then to get into that writer and then write a little piece about it for the TLS. I guess, it was also, I was slightly cutting my teeth on how to do that kind of journalism as well.
Henry: What do you like about The Anatomy of Melancholy?
Lamorna: Almost everything. I think the prologue, Democritus Junior to the Reader is just so much fun and naughty. He says, "I'm writing about melancholy in order to try and avoid melancholy myself." There's six editions of it. He spent basically his entire life writing this book. When he made new additions to the book, rather than adding another chapter, he would often be making insertions within sentences themselves, so it becomes more and more bloated. There's something about the, what's the word for it, the ambition that I find so remarkable of every single possible version of melancholy they could talk about.
Then, maybe my favorite bit, and I think about this as a writer a lot, is there's a bit called the digression of air, or perhaps it's digression on the air, where he just suddenly takes the reader soaring upwards to think about air and you sort of travel up like a hawk. It's this sort of breathing moment for a reader where you go in a slightly different direction. I think in my own writing, I always think about digression as this really valuable bit of nonfiction, this sense of, I'm not just taking you straight the way along. I think it'd be useful to go sideways a bit too.
Henry: That was Samuel Johnson's favorite book as well.
It's a good choice.
Lamorna: Was it?
Henry: Yes. He said that it was the only book that would get him out of bed in the morning.
Lamorna: Really?
Henry: Because he was obviously quite depressive. I think he found it useful as well as entertaining, as it were. Should netball be an Olympic sport?
Lamorna: [laughs] Oh, it's already going to be my favorite interview. I think the reason it isn't an Olympic-- yes, I have a vested interest in netball and I play netball once a week. I'm not very good, but I am very enthusiastic because it's only played mostly in the Commonwealth. It was invented a year after basketball as a woman-friendly version because women should not run with the ball in case they get overexerted and we shouldn't get too close to contacting each other in case we touch, and that's awful.
It really is only played in the Commonwealth. I think the reason it won't become an Olympic sport is because it's not worldwide enough, which I think is a reasonable reason. I'm not, of all the my big things that I want to protest about and care about right now, making that an Olympic sport is a-- it's reasonably low on my list.
Henry: Okay, fair enough. You are an admirer of M. John Harrison's fiction, is that right?
Lamorna: Yes.
Henry: Tell us what should we read and why should we read him?
Lamorna: You Should Come With Me Now, is that what it's called? I know I reviewed one of his books years ago and thought it was-- because he's part of that weird sci-fi group that I find really interesting and they've all got a bit of Samuel Delany to them as well. I just remember there was this one particular story in that collection, I think in general, he's a master at sci-fi that doesn't feel in that Dune way of just like, lists of names of places. It somehow has this, it's very literary, it's very odd, it's deeply imaginative.
It is like what I wanted adult fiction to be when I was 12 or something, that there's the way the fantasy and imagination works.
I remember there was one about all these men, married men who were disappearing into their attics and their wives thought they were just tinkering. What they were doing was building these sort of translucent tubes that were taking them off out of the world. I remember just thinking it was great. His conceits are brilliant and make so much sense, whilst also always being at an interesting slant from reality. Then, I haven't read his memoir, but I hear again and again this anti-memoir he's written. Have you read that?
Henry: No.
Lamorna: Apparently that's really brilliant too. Then he also, writes those about climbing. He's actually got this one foot in the slightly travel nature writing sports camp. I just always thought he was magic. I remember on Twitter, he was really magic as well. I spent a lot of time following him.
Henry: Are you optimistic or pessimistic about the future of writing and literature and books and this whole debate that's going on?
Lamorna: It's hard to. I don't want to say anything fast and snappy because it's such a complicated thing. I could just start by saying personally, I'm worried about me and writing because I'm worried about my concentration span. I am so aware that in the same way that a piano player has to be practising the pieces they're going to play all the time. I think partly that's writing and writing, I seem to be able to do even with this broken, distracted form of attention I've got. My reading, I don't feel like I'm getting enough in. I think that means that what I produce will necessarily be less good if I can't solve that.
I've just bought a dumb phone on the internet and I hope that's going to help me by no longer having Instagram and things like that. I think, yes, I suppose we do read a bit less. The generation below us is reading less. That's a shame.
There's so much more possibility to go out and meet people from different places. On an anthropological level, I think anthropology has had this brilliant turn of becoming more subjective. The places you go, you have to think about your own relationship to them. I think that can make really interesting writing. It's so different from early colonial anthropology.
The fact that, I guess, through, although even as I'm saying this, I don't know enough to say it, but I was going to say something about the fact that people, because we can do things like Substacks and people can do short form content, maybe that means that more people's voices are getting heard and then they can, if they want to, transfer over and write books as well.
I still get excited by books all the time. There's still so much good contemporary stuff that's thrilling me from all over the place. I don't feel that concerned yet. If we all do stop writing books entirely for a year and just read all the extraordinary books that have been happening for the last couple of thousand, we'd be okay.
Henry: I simultaneously see the same people complaining that everything's dying and literature is over and that we have an oversupply of books and that capitalism is giving us too many books and that's the problem. I'm like, "Guys, I think you should pick one."
Lamorna: [laughs] You're not allowed both those arguments. My one is that I do think it's gross, the bit of publishing that the way that some of these books get so oddly inflated in terms of the sales around them. Then, someone is getting a million pounds for a debut, which is enormous pressure on them. Then, someone else is getting 2K. I feel like there should be, obviously, there should be a massive cap on how large an advance anyone should get, and then more people will actually be able to stay in the world of writing because they won't have to survive on pitiful advances.
I think that would actually have a huge impact and we should not be giving, love David Beckham as much as I do, we shouldn't be giving him five million pounds for someone else to go to write his books. It's just crazy.
Henry: Don't the sales of books like that subsidize those of us who are not getting such a big advance?
Lamorna: I don't think they always do. I think that's the problem is that they do have this wealth of funds to give to celebrities and often those books don't sell either. I still think even if those books sell a huge amount of money, those people still shouldn't be getting ridiculous advances like that. They still should be thinking about young people who are important to the literary, who are going to produce books that are different and surprising and whose voices we need to hear. That feels much more important.
Henry: What do you think about the idea that maybe Anglo fiction isn't at a peak? I don't necessarily agree with that, but maybe we can agree that these are not the days of George Eliot and Charles Dickens, but the essay nonfiction periodicals and writing online, this is huge now. Right? Actually, our pessimism is sort of because we're looking in the wrong area and there are other forms of writing that flourish, actually doing great on the internet.
Lamorna: Yes, I think so too. Again, I don't think I'm internet worldly enough to know this, but I still find these extraordinary, super weird Substacks that feel exciting. I also get an enormous amount of pleasure in reading Reddit now, which I only just got into many, many years late, but so many fun, odd things.
Like little essays that people write and the way that people respond to each other, which is quick and sharp, and I suppose it fills the gap of what Twitter was.
I think nonfiction, I was talking about this morning, because I'm staying with some writers, because we're sort of Cornish, book talk thing together and how much exciting nonfiction has come out this year that we want to read from the UK that is hybrid-y nature travel. Then internationally, I still think there's-- I just read, Perfection by Vincenzo, but there's enough translated fiction that's on the international book list this year that gets me delighted as well. To me, I just don't feel worried about that kind of thing at all when there's so much exciting stuff happening.
I love Reddit. I think they really understand things that other people don't on there. I think it's the relief now that when you type in something to Google, you get the AI response. It's something like, it's so nice to feel on Reddit that someone sat down and answered you. Maybe that's such a shame that that's what makes me happy now, that we're in that space. It does feel like someone will tell you not just the answer, but then give you a bit about their life. Then, the particular tool that was passed down by their grandparents. That's so nice.
Henry: What do you think of the new Pope?
Lamorna: I thought it was because I'd heard all the thing around fat Pope, thin Pope, and obviously, our new Pope is maybe a sort of middle Pope, or at least is closer to Francis, but maybe a bit more palatable to some people. I guess, I'm excited that he's going to do, or it seems like he's also taking time to think, but he's good on migration on supporting the rights of immigrants. I think there's value in the fact of him being American as this being this counterpoint to what's happening in America right now.
If feels always feels pointless to say because they're almost the idea of a Pope.
I guess, Francis said that, who am I to judge about people being gay, but I think this Pope has so far has been more outly against gay people, but he stood up against JD Vance and his stupid thoughts on theology. I'm quietly optimistic. I guess I'm also waiting for Robert Harris's prophecy to come true and we get an intersex Pope next. Because I think that was prophecy, right? What he wrote.
Henry: That would be interesting.
Lamorna: Yes.
Henry: The religious revival that people say is happening, particularly among young people, how is AI going to make it different than previous religious revivals?
Lamorna: Oh, that's so interesting. Maybe first of all, question, sorry, I choked on my coffee. I was slightly questioned the idea if there is a religious revival, it's not actually an argument that I made in the book. When I started writing the book, there wasn't this quiet revival or this Bible studies and survey that suggests that more young people are going to church hadn't come out yet. I was just more, I guess, aware that there were a few people around me who were converting and I thought it'd be interesting if there's a few, there'll be more, which I think probably happens in every single generation, right? Is that that's one way to deal with the longing for meaning we all experience and the struggles in our lives.
I was speaking to a New York Times journalist who was questioning the stats that have been coming out because first it's incredibly small pool. It's quite self-selecting that possibly there are people who might have gone to church already. It's still such a small uptick because it makes it hard to say anything definitive. I guess in general, what will the relationship be between AI and religion?
I guess, there are so many ways you could go with that. One is that those spaces, religious spaces, are nicely insulated from technology. Not everywhere.
Obviously, in some places they aren't, but often it's a space in which you put your phone away. In my head, the desire to go to church is as against having to deal with AI or having to deal with technology being integrated to every other aspect of my life.
I guess maybe people will start worshiping the idea of the singularity. Maybe we'll get the singularity and Terminator, or the Matrix is going to happen, and we'll call them our gods because they will feel like gods. That's maybe one option. I don't know how AI-- I guess I don't know enough about AI that maybe you'll have AI, or does this happen? Maybe this has happened already that you could have an AI confession and you'd have an AI priest and they tell you--
Henry: Sure. It's huge for therapy, right?
Lamorna: Yes.
Henry: Which is that adjacent thing.
Lamorna: That's a good point. It does feel something about-- I'm sure, theologically, it's not supposed to work if you haven't been ordained, but can an AI be ordained, become a priest?
Henry: Indeed.
Lamorna: Could they do communion? I don't know. It's fascinating.
Henry: I can see a situation where a young person lives in a secular environment or culture and is interested in things and the AI is the, in some ways, easiest place for them to turn to say, "I need to talk about-- I have these weird semi-religious feelings, or I'm interested." The AI's not going to be like, "Oh, really? That's weird." There's the question of will we worship AI or whatever, but also will we get people's conversions being shaped by their therapy/confessors/whatever chat with their LLM?
Lamorna: Oh, it's so interesting. I read a piece recently in the LRB by James Vincent. It was about AI relationships, our relationship with AI, and he looked at AI girlfriends. There was this incredible case, maybe you read about it, about a guy who tried to kill the Queen some years back. His defense was that his AI girlfriend had really encouraged him to do that.
Then, you can see the transcripts of the text, and he says, "I'm thinking about killing the Queen." His AI girlfriend is like, "Go for it, baby."
It's that thing there of like, at the moment, AI is still reflecting back our own desires or refracting almost like shifting how they're expressed. I'm trying to imagine that in the same case of me saying, "I feel really lonely, and I'm thinking about Christianity." My friend would speak with all of their context and background, and whatever they've got going on for them. Whereas an AI would feel my desire there and go, "That's a good idea. It says online this." It's very straight. It would definitely lead us in directions that feel less than human or other than human.
Henry: I also have this thought, you used to, I think you still do, but you see it less. You used to get a Samaritan's Bible in every hotel. The Samaritans, will they start trying to install a religious chatbot in places where people--? There are lots of ways in which you could use it as a distribution mechanism.
Lamorna: Which does feel so far from the point. Not to think about the gospels, but that feeling of something I talk about in the book is that, so much of it is human contact. Is that this factor of being changed in the moment, person to person. If I have any philosophy for life at the moment is this sense of desperately needing contact that we are saved by each other all the time, not by our telephones and things that aren't real. It's the surprise.
I quote it in the book, but Iris Murdoch describes love is the very difficult realization that someone other than yourself is real. I think that's the thing that makes us all survive, is that reminder that if you're feeling deeply depressed, being like, there is someone else that is real, and they have a struggle that matters as much as mine. I think that's something that you are never going to get through a conversation with a chatbot, because it's like a therapeutic thing.
You are not having to ask it the same questions, or you are not having to extend yourself to think about someone else in those conversations.
Henry: Which Iris Murdoch novels do you like?
Lamorna: I've only read The Sea, The Sea, but I really enjoyed it. Which ones do you like?
Henry: I love The Sea, The Sea, and The Black Prince. I like the late books, like The Good Apprentice and The Philosopher's Pupil, as well. Some people tell you, "Don't read those. They're late works and they're no good," but I was obsessed. I was absolutely compelled, and they're still all in my head. They're insane.
Lamorna: Oh, I must, because I've got a big collection of her essays. I'm thinking is so beautiful, her philosophical thought. It's that feeling, I know I'm going the wrong-- starting in the wrong place, but I do feel that she's someone I'd really love to explore next, kind of books.
Henry: I think you'd like her because she's very interested in the question of, can therapy help, can philosophy help, can religion help? She's very dubious about therapy and philosophy, and she is mystic. There are queer characters and neurodivergent characters. For a novelist in the '70s, you read her now and you're like, "Well, this is all just happening now."
Lamorna: Cool.
Henry: Maybe we should be passing these books out. People need this right now.
Lamorna: Which one would you say I should do first after The Sea, The Sea?
Henry: Maybe The Black Prince.
Lamorna: The Black Prince. Great.
Henry: Which is the one she wrote before The Sea, The Sea and is just a massive masterpiece.
Lamorna: I'll read it. Where do you stand on therapy? Do you have a position?
Henry: I think on net, it might be a bad thing, even if it is individually useful for people.
Lamorna: Why is that?
Henry: [laughs] I didn't expect to have to answer the question. Basically two reasons. I think it doesn't take enough account of the moral aspect of the decisions being made very often.
This is all very anecdotal and you can find yourself feeling better in the short term, but not necessarily in the long-- If you make a decision that's not outrageously immoral, but which has not had enough weight placed on the moral considerations.
There was an article about how lots of people cut out relatives now and the role that therapy plays in that. What I was struck by in the article that was-- Obviously, a lot of those people are justified and their relatives have been abusive or nasty, of course, but there are a lot of cases where you were like, "Well, this is a long-term decision that's been made on a short-term basis." I think in 10 years people may feel very differently. There wasn't enough consideration in the article, at least I felt, given to how any children involved would be affected later on. I think it's a good thing and a bad thing.
Lamorna: I'm so with you. I think that's why, because also the fact of it being so private and it being about the individual, and I think, again, there are certain things if you're really struggling with that, it's helpful for, but I think I'm always more into the idea of communal things, like AAA and NA, which obviously a very particular. Something about doing that together, that it's collaborative and therefore there is someone else in the room if you say, "I want to cut out my parent."
There's someone else who said that happened to me and it was really hard. It means that you are making those decisions together a little bit more. Therapy, I can feel that in friends and stuff that it does make us, even more, think that we are these bounded individuals when we're not.
Henry: I should say, I have known people who've gone to therapy and it's worked really well.
Lamorna: I'm doing therapy right now and it is good. I think, in my head, it's like it should be one among many and I still question it whilst doing it.
Henry: To the extent that there is a religious revival among "Gen Z," how much is it because they have phones?
Because you wrote something like, in fact, I have the quote, "There's a sense of terrible tragedy. How can you hold this constant grief that we feel, whether it's the genocide in Gaza or climate collapse? Where do I put all the misery that I receive every single second through my phone? Church can then be a space where I can quietly go and light a candle." Is it that these young people are going to religion because the phone has really pushed a version of the world into their faces that was not present when I was young or people are older than me?
Lamorna: I think it's one of, or that the phone is the symptom because the phone, whatever you call it, technology, the internet, is the thing that draws the world closer to us in so many different ways. One being that this sense of being aware of what's happening around in other places in the world, which maybe means that you become more tolerant of other religions because you're hearing about it more. That, on TikTok, there's loads of kids all across the world talking about their particular faiths and their background and which aspera they're in, and all that kind of thing.
Then, this sense of horror being very unavoidable that you wake up and it is there and you wake up and you think, "What am I doing? What am I doing here? I feel completely useless." Perhaps then you end up in a church, but I'm not sure.
I think a bigger player in my head is the fact that we are more pluralistic as societies. That you are more likely to encounter other religions in schools. I think then the question is, well then maybe that'll be valuable for me as well. I think also, not having parents pushing religion on you makes kids, the fact of the generation above the British people, your parents' generations, not saying religion is important, you go to church, then it becomes something people can become more curious about in their own right as adults.
I think that plays into it.

I think isolation plays into it and that's just not about technology and the phone, but that's the sense of-- and again, I'm thinking about early 20s, mid 20s, so adults who are moving from place to place, who maybe feel very isolated and alone, who are doing jobs that make them feel isolated and alone, and there are this dearth of community spaces and then thinking, well, didn't people used to go to churches, it would be so nice to know someone older than me.

I don't know how this fits in, but I was thinking about, I saw this documentary, The Encampments, like two days ago, which is about the Columbia University encampments and within that, Mahmoud Khalil, who's the one who's imprisoned at the moment, who was this amazing leader within the movement and is from Palestine. The phone in that, the sense about how it was used to gather and collect people and keep people aware of what's happening and mean that everyone is more conscious and there's a point when they need more people in the encampments because the police are going to come. It's like, "Everyone, use your phone, call people now." I think I can often be like, "Oh no, phones are terrible," but this sense within protest, within communal activity, how valuable they can be as well.

I haven't quite gotten into that thought. I don't know, basically. I think it's so hard. I've grown up with a phone. I have no sense of how much it plays a part in everything about me, but obviously, it is a huge amount. I do think it's something that we all think about and are horrified by whilst also seeing it as like this weird extension of ourselves. That definitely plays into then culturally, the decisions we make to either try and avoid them, find spaces where you can be without them.

Henry: How old do you think a child should be when they're first given a phone? A smartphone, like an iPhone type thing?

Lamorna: I think, 21.

Henry: Yes?

Lamorna: No, I don't know.
I obviously wouldn't know that about a child.

Henry: I might.

Lamorna: I'd love to. I would really love to because, I don't know, I have a few friends who weren't allowed to watch TV until they were 18 and they are eminently smarter than me and lots of my other friends. There's something about, I don't know, I hate the idea that as I'm getting older, I'm becoming more scaremongering like, "Oh no, when I was young--" because I think my generation was backed in loads of ways. This thing of kids spending so much less time outside and so much less time being able to imagine things, I think I am quite happy to say that feels like a terrible loss.

I read a piece recently about kids in New York and I think they were quite sort of middle-class Brooklyn-y kids, but they choose to go days without their phones and they all go off into the forest together. There is this sense of saying giving kids autonomy, but at the same time, their relationship with a phone is not one of agency. It's them versus tech bros who have designed things that are so deeply addictive, that no adult can let go of it. Let alone a child who's still forming how to work out self-control, discipline and stuff. I think a good parenting thing would be to limit massively these completely non-neutral objects that they're given, that are made like crack and impossible to let go of.

Henry: Do you think religious education in schools should be different or should there be more of it?

Lamorna: Yes, I think it should be much better. I don't know about you, but I just remember doing loads of diagrams of different religious spaces like, "This is what a mosque looks like," and then I'd draw the diagram. I knew nothing. I barely knew the difference between the Old Testament and the New Testament. In fact, I probably didn't as a teenager.

I remember actually in sixth form, having this great philosophy teacher who was talking about the idea of proto antisemitism within the gospels. I was like, "Wait, what?"
Because I just didn't really understand. I didn't know that it was in Greek, that the Old Testament was in Hebrew. I just didn't know. I think all these holy texts that we've been carrying with us for thousands of years across the world have so much in them that's worth reading and knowing.

If I was in charge of our R.E., I would get kids to write on all holy texts, but really think about them and try and answer moral problems. You'd put philosophy back with religion and really connect them and think, what is Nietzsche reacting against? What does Freud about how is this form of Christianity different like this? I think that my sense is that since Gove, but also I'm sure way before that as well, the sense of just not taking young people seriously, when actually they're thoughtful, intelligent and able to wrestle with these things, it's good for them to have know what they're choosing against, if they're not interested in religion.

Also, at base, those texts are beautiful, all of them are, and are foundational and if you want to be able to study English or history to know things about religious texts and the practices of religion and how those rituals came about and how it's changed over thousands of years, feels important.

Henry: Which religious poets do you like other than Hopkins? Because you write very nicely about Hopkins in the book.

Lamorna: He's my favorite. I like John Donne a lot. I remember reading lots of his sermons and Lancelot Andrewes' sermons at university and thinking they were just astonishingly beautiful. There are certain John Donne sermons and it's this feeling of when he takes just maybe a line from one of Paul's letters and then is able to extend it and extend it, and it's like he's making it grow in material or it's like it's a root where suddenly all these branches are coming off it.

Who else do I like? I like George Herbert. Gosh, my brain is going in terms of who else was useful when I was thinking about. Oh it's gone.

Henry: Do you like W.H.
Auden?

Lamorna: Oh yes. I love Auden, yes. I was rereading his poems about, oh what's it called? The one about Spain?

Henry: Oh yes.

Lamorna: About the idea of tomorrow.

Henry: I don't have a memory either, but I know the poem you mean, yes.

Lamorna: Okay. Then I'm trying to think of earlier religious poets. I suppose things like The Dream of the Rood and fun ways of getting into it and if you're looking at medieval poetry.

Henry: I also think Betjeman is underrated for this.

Lamorna: I've barely read any Betjeman.

Henry: There's a poem called Christmas. You might like it.

Lamorna: Okay.

Henry: It's this famous line and is it true and is it true? He really gets into this thing of, "We're all unwrapping tinsely presents and I'm sitting here trying to work out if God became man." It's really good. It's really good. The other one is called Norfolk and again, another famous line, "When did the devil first attack?" It talks about puberty as the arrival of the awareness of sin and so forth.

Lamorna: Oh, yes.

Henry: It's great. Really, really good stuff. Do you personally believe in the resurrection?

Lamorna: [chuckles] I keep being asked this.

Henry: I know. I'm sorry.

Lamorna: My best answer is sometimes. Because I do sometimes in that way that-- someone I interviewed who's absolutely brilliant in the book, Robert, and he's a Cambridge professor. He's a pragmatist and he talks about the idea of saying I'm a disciplined person means nothing unless you're enacting that discipline daily or it falls away. For him, that belief in a Kierkegaardian leap way is something that needs to be reenacted in every moment to say, I believe and mean it.

I think there are moments when my church attendance is better and I'm listening to a reading that's from Acts or whatever and understanding the sense of those moments, Paul traveling around Europe and Asia Minor, only because he fully believed that this is what's happened.
Those letters and as you're reading those letters, the way I read literature or biblical writing is to believe in that moment because for that person, they believe too. I think there are points at which the resurrection can feel true to me, but it does feel like I'm accessing that idea of truth in a different way than I am accessing truth about-- it's close to how I think about love as something that's very, very real, but very different from experiential feelings.

I had something else I wanted to say about that and it's just gone. Oh yes. I was at Hay Festival a couple of weeks ago. Do you know the Philosopher Agnes Callard?

Henry: Oh, sure.

Lamorna: She gave a really great talk about Socrates and her love of Socrates, but she also came to my talk and she and her husband, who I think met through arguing about Aristotle, told me they argued for about half a day about a line I'd said, which was that during writing the book, I'd learned to believe in the belief of other people, her husband was like, "You can't believe in the belief of other people if you don't believe it too. That doesn't work. That doesn't make sense." I was like, "That's so interesting." I can so feel that if we're taking that analytically, that if I say I don't believe in the resurrection, not just that I believe you believe it, but I believe in your belief in the resurrection. At what point is that any different from saying, I believe in the resurrection. I feel like I need to spend more time with it. What the slight gap is there that I don't have that someone else does, or as I say it, do I then believe in the resurrection that moment? I'm not sure.

I think also what I'm doing right now is trying to sound all clever with it, whereas for other people it's this deep ingrained truth that governs every moment of their life and that they can feel everywhere, or perhaps they can't. Perhaps there's more doubt than they suggest, which I think is the case with lots of us.
Say on the deathbed, someone saying that they fully believe in the resurrection because that means there's eternal salvation, and their family believe in that too. I don't think I have that kind of certainty, but I admire it.

Henry: Tell me how you got the title for this book from an episode of The Simpsons.

Lamorna: It's really good app. It's from When Maggie Makes Three, which is my favorite episode. I think titles are horribly hard. I really struck my first book. I would have these sleepless nights just thinking about words related to the sea, and be like, blue something. I don't know. There was a point where my editor wanted to call it Trawler Girl. I said, "We mustn't. That's awful. That's so bad. It makes me sound like a terrible superhero. I'm not a girl, I'm a woman."

With this one, I think it was my fun title for ages. Yes, it's this plaque that Homer has put-- Mr. Burns puts up this plaque to remind him that he will never get to leave the power plant, "Don't forget you're here forever."

I just think it's a strong and bonkers line. I think it had this element of play or silliness that I wanted, that I didn't think about too hard. I guess that's an evangelical Christian underneath what they're actually saying is saying-- not all evangelicals, but often is this sense of no, no, no, we are here forever. You are going to live forever. That is what heaven means.

That sense of then saying it in this jokey way. I think church is often very funny spaces, and funny things happen. They make good comedy series when you talk about faith.

Someone's saying she don't forget we're here forever. The don't forget makes it so colloquial and silly. I just thought it was a funny line for that reason.

Then also that question people always ask, "Is religion going to die out?" I thought that played into it. This feeling that, yes, I write about it.
There was a point when I was going to an Extinction Rebellion protest, and everyone was marching along with that symbol of the hourglass inside a circle next to a man who had a huge sign saying, "Stop, look, hell is real, the end of the world is coming." This sense of different forms of apocalyptic thinking that are everywhere at the moment. I felt like the title worked for that as well.

Henry: I like that episode of The Simpsons because it's an expression of an old idea where he's doing something boring and his life is going to slip away bit by bit. The don't forget you're here forever is supposed to make that worse, but he turns it round into the live like you're going to die tomorrow philosophy and makes his own kind of meaning out of it.

Lamorna: By papering it over here with pictures of Maggie. They love wordplay, the writers of The Simpsons, and so that it reads, "Do it for her," instead. That feeling of-- I think that with faith as well of, don't forget we're here forever, think about heaven when actually so much of our life is about papering it over with humanity and being like, "Does it matter? I'm with you right now, and that's what matters." That immediacy of human contact that church is also really about, that joy in the moment. Where it doesn't really matter in that second if you're going to heaven or hell, or if that exists. You're there together, and it's euphoric, or at least it's a relief or comforting.

Henry: You did a lot of Bible study and bible reading to write this book. What were the big surprises for you?

Lamorna: [chuckles] This is really the ending, but revelation, I don't really think it's very well written at all. It shouldn't be in there, possibly. It's just not [unintelligible 00:39:20] It got added right in the last minute. I guess it should be in there. I just don't know. What can I say?

So much of it was a surprise.
I think slowly reading the Psalms was a lovely surprise for me because they contain so much uncertainty and anguish, and doubt. Imagining those being read aloud to me always felt like a very exciting thing.

Henry: Did you read them aloud?

Lamorna: When I go to more Anglo Catholic services, they tend to do them-- I never know how to pronounce this. Antiphonally.

Henry: Oh yes.

Lamorna: Back and forth between you. It's very reverential, lovely experience to do that. I really think I was surprised by almost everything I was reading. At the start of Kierkegaard's Fear and Trembling, he does this amazing thing where he does four different versions of what could be happening in the Isaac and Abraham story underneath.

There's this sense of in the Bible, and I'm going to get this wrong, but in Mimesis, Auerbach talks about the way that you're not given the psychological understanding within the Bible. There's so much space for readers to think with, because you're just being told things that happened, and the story moves on quickly, moment by moment. With Isaac and Abraham, what it would mean if Isaac actually had seen the fact that his father was planning to kill him. Would he then lose his faith? All these different scenarios.

I suddenly realised that the Bible was not just a fixed text, but there was space to play with it as well. In the book, I use the story of Jacob and the angel and play around with the meaning of that and what would happen after this encounter between Jacob and an angel for both of them.

Bits in the Gospels, I love the story of the Gerasene Demoniac. He was a knight. He was very unwell, and no one knew what to do with him. He was ostracised from his community. He would sit in this cave and scream and lacerate himself against the cave walls. Then Jesus comes to him and speaks to him and speaks to the demons inside him. There's this thing in Mark's Gospel that Harold Bloom talks about, where only demons are actually able to perceive.
Most people have to ask Christ who he really is, but demons can perceive him immediately and know he's the son of God.

The demons say that they are legion. Then Jesus puts them into 1,000 pigs. Is it more? I can't remember. Then they're sent off over the cliff edge. Then the man is made whole and is able to go back to his community. I just think there's just so much in that. It's so rich and strange. I think, yes, there's something about knowing you could sit down and just read a tiny bit of the Bible and find something strange and unusual that also might speak to something you've read that's from thousands of years later.

I also didn't know that in Mark's Gospel, the last part of it is addended, added on to it. Before that, it ended with the women being afraid, seeing the empty tomb, but there's no resolution. There's no sense of Christ coming back as spirit. It ended in this deep uncertainty and fear. I thought that was so fascinating because then again, it reminds you that those texts have been played around with and thought with, and meddled with, and changed over time. It takes away from the idea that it's fixed and certain, the Bible.

Henry: What did you think of Harold Bloom's book The Shadow of a Great Rock?

Lamorna: I really loved it. He says that he treats Shakespeare more religiously and the Bible more like literature, which I found a funny, irreverent thing to say. There's lovely stuff in there where, I think it was Ruth, he was like, maybe it was written by a woman. He takes you through the different Hebrew writers for Genesis. Which again, becoming at this as such a novice in so many ways, realising that, okay, so when it's Yahweh, it's one particular writer, there's the priestly source for particular kinds of writing.
The Yahwist is more ironic, or the God you get is more playful.

That was this key into thinking about how each person trying to write about God, it's still them and their sense of the world, which is particular and idiosyncratic is forming the messages that they believe they're receiving from God. I found that exciting.

Yes, he's got this line. He's talking about the blessings that God gives to men in Genesis. He's trying to understand, Bloom, what the meaning of a blessing is. He describes it as more life into a time without boundaries. That's a line that I just found so beautiful, and always think about what the meaning of that is. I write it in the book.

My best friend, Sammy, who's just the most game person in the world, that you tell them anything, they're like, "Cool." I told them that line. They were like, "I'm getting it tattooed on my arm next week." Then got me to write in my handwriting. I can only write in my handwriting, but write down, "More time into life without boundaries." Now they've just got it on their arm.

Henry: Nice.

Lamorna: I really like. They're Jewish, non-practicing. They're not that really interested in it. They were like, "That's a good line to keep somewhere."

Henry: I think it's actually one of Bloom's best books. There's a lot of discussion about, is he good? Is he not good? I love that book because it really just introduces people to the Bible and to different versions of the Bible. He does all that Harold Bloom stuff where he's like, "These are the only good lines in this particular translation of this section. The rest is so much dross."

He's really attentive to the differences between the translations, both theologically but also aesthetically. I think a lot of people don't know the Bible. It's a really good way to get started on a-- sitting down and reading the Bible in order. It's going to fail for a lot of people.
Harold Bloom is a good introduction that actually gives you a lot of the Bible itself.

Lamorna: For sure, because it's got that midrash feeling of being like someone else working around it, which then helps you get inside it. I was reading that book whilst going to these Bible studies at a conservative evangelical church called All Souls. I wasn't understanding what on earth was going on in Mark through the way that we're being told to read it, which is kids' comprehension.

Maybe it was useful to think about why would the people have been afraid when Christ quelled the storms? It was doing something, but there was no sense of getting inside the text. Then, to read alongside that, Bloom saying that the Christ in Mark is the most unknowable of all the versions of Christ. Then again, just thinking, "Oh, hang on." There's an author. The author of Mark's gospel is perceiving Christ in a particular way. This is the first of the gospels writing about Christ. What does it mean? He's unknowable. Suddenly thinking of him as a character, and therefore thinking about how people are relating to him. It totally cracks the text open for you.

Henry: Do you think denominational differences are still important? Do most people have actual differences in dogma, or are they just more cultural distinctions?

Lamorna: They're ritual distinctions. There really is little that you could compare between a Quaker meeting and a Catholic service. That silence is the fundamental aspect of all of it. There's a sense of enlighten.

My Quaker mate, Lawrence, he's an atheist, but he wouldn't go to another church service because he's so against the idea of hierarchy and someone speaking from a pulpit. He's like, honestly, the reincarnated spirit of George Fox in many ways, in lots of ways he's not.

I guess it becomes more blurry because, yes, there's this big thing in the early 20th century in Britain anyway, where the line that becomes more significant is conservative liberal.
It's very strange that that's how our world gets divided. There's real simplification that perhaps then, a liberal Anglican church and a liberal Catholic church have more in relationship than a conservative Catholic church and a conservative evangelical church. The line that is often thinking about sexuality and marriage.

I was interested, people have suddenly was called up in my book that I talk about sex a lot. I think it's because sex comes up so much, it feels hard not to. That does seem to be more important than denominational differences in some ways. I do think there's something really interesting in this idea of-- Oh, [unintelligible 00:48:17] got stung. God, this is a bit dramatic. Sorry, I choked on coffee earlier. Now I'm going to get stung by a bee.

Henry: This is good. This is what makes a podcast fun. What next?

Lamorna: You don't get this in the BBC studios. Maybe you do. Oh, what was I about to say? Oh, yes. I like the idea of church shopping. People saying that often it speaks to the person they are, what they're looking for in a church. I think it's delightful to me that there's such a broad church, and there's so many different spaces that you can go into to discover the church that's right for you. Sorry. I'm really distracted by this wasp or bee. Anyway.

Henry: How easy was it to get people to be honest with you?

Lamorna: I don't know. I think that there's certain questions that do tunnel right through to the heart of things. Faith seems to be one of them. When you talk about faith with people, you're getting rid of quite a lot of the chaff around with the politeness or whatever niceties that you'd usually speak about.

I was talking about this with another friend who's been doing this. He's doing a play about Grindr. He was talking about how strange it is that when you ask to interview someone and you have a dictaphone there, you do get a deeper instant conversation.
Again, it's a bit like a therapeutic conversation where someone has said to you, "I'm just going to sit and listen." You've already agreed, and you know it's going to be in a book. "Do you mind talking about this thing?"

That just allows this opportunity for people to be more honest because they're aware that the person there is actually wanting to listen. It's so hard to create spaces. I create a cordon and say, "We're going to have a serious conversation now." Often, that feels very artificial. I think yes, the beauty of getting to sit there with a dictaphone on your notebook is you are like, "I really am interested in this. It really matters to me." I guess it feels easy in that way to get honesty.

Obviously, we're all constructing a version of ourselves for each other all the time. It's hard for me to know to what extent they're responding to what they're getting from me, and what they think I want to hear. If someone else interviewed them, they would probably get something quite different. I don't know. I think if you come to be with openness, and you talk a bit about your journey, then often people want to speak about it as well.

I'm trying to think. I've rarely interviewed someone where I haven't felt this slightly glowy, shimmery sense of it, or what I'm learning feels new and feels very true. I felt the same with Cornish Fisherman, that there was this real honesty in these conversations. Many years ago, I remember I got really obsessed with interviewing my mom. I think I was just always wanting to practice interviewing. The same thing that if there's this object between you, it shifts the dimensions of the conversation and tends towards seriousness.

Henry: How sudden are most people's conversions?

Lamorna: Really depends. I was in this conversation with someone the other day. When she was 14, 15, she got caught shoplifting. She literally went, "Oh, if there's a God up there, can you help get me out of the situation?"
The guy let her go, and she's been a Christian ever since. She had an instantaneous conversion. Someone I interviewed in the book, and he was a really thoughtful card-carrying atheist. He had his [unintelligible 00:51:58] in his back pocket.

He hated the Christians and would always have a go at them at school because he thought it was silly, their belief. Then he had this instant conversion that feels very charismatic in form, where he was just walking down an avenue of trees at school, and he felt the entire universe smiling at him and went, "Oh s**t, I better become a Christian."

Again, I wonder if it depends. I could say it depends on the person you are, whether you are capable of having an instant conversion. Perhaps if I were in a religious frame of mind, I'd say it depends on what God would want from you. Do you need an instant conversion, or do you need to very slowly have the well filling up?

I really liked when a priest said to me that people often go to church and expect to be changed in a moment. He's like, "No, you have to go for 20 years before anything happens." Something about that slow incremental conversion to me is more satisfying. It's funny, I was having a conversation with someone about if they believe in ghosts, and they were like, "Well, if I saw one, then I believe in ghosts." For some people, transcendental things happen instantaneously, and it does change them ultimately instantly.

I don't know, I would love to see some stats about which kinds of conversions are more popular, probably more instant ones. I love, and I use it in the book, but William James' Varieties of Religious Experience. He talks about there's some people who are sick-souled or who are also more porous bordered people for whom strange things can more easily cross the borders of their person.
They're more likely to convert and more likely to see things.

I really like him describing it that way because often someone who's like that, it might just be described as well, you have a mental illness. That some people are-- I don't know, they've got sharper antennae than the rest of us. I think that is an interesting thought for why some people can convert instantly.

Henry: I think all conversions take a long time. At the moment, there's often a pivotal moment, but there's something a long time before or after that, that may or may not look a conversion, but which is an inevitable part of the process. I'm slightly obsessed with the idea of quests, but I think all conversions are a quest or a pilgrimage. Your book is basically a quest narrative. As you go around in your Toyota, visiting these places. I'm suspicious, I think the immediate moment is bundled up with a longer-term thing very often, but it's not easy to see it.

Lamorna: I love that. I've thought about the long tail afterwards, but I hadn't thought about the lead-up, the idea of that. Of what little things are changing. That's such a lovely thought. Their conversions began from birth, maybe.

Henry: The shoplifter, it doesn't look like that's where they're heading. In retrospect, you can see that there weren't that many ways out of this path that they're on. Malcolm X is like this. One way of reading his autobiography is as a coming-of-age story. Another way of reading it is, when is this guy going to convert? This is going to happen.

Lamorna: I really like that. Then there's also that sense of how fixed the conversion is, as well, from moment to moment. That Adam Phillips' book on wanting to change, he talks about our desire for change often outstrips our capacity for change. That sense of how changed am I afterwards? How much does my conversion last in every moment?
It goes back to the do you believe in the resurrection thing.

I find that that really weird thing about writing a book is, it is partly a construction. You've got the eye in there. You're creating something that is different from your reality and fixed, and you're in charge of it. It's stable, it remains, and you come to an ending. Then your life continues to divert and deviate in loads of different ways. It's such a strange thing in that way. Every conversion narrative we have fixed in writing, be it Augustine or Paul, whatever, is so far from the reality of that person's experience.

Henry: What did the new atheists get wrong?

Lamorna: Arrogance. They were arrogant. Although I wonder, I guess it was such a cultural moment, and perhaps in the same way that everyone is in the media, very excitedly talking about revival now. There was something that was created around them as well, which was delight in this sense of the end of something. I wonder how much of that was them and how much of it was, they were being carried along by this cultural media movement.

I suppose the thing that always gets said, and I haven't read enough Dawkins to say this with any authority, but is that the form of religion that he was attempting to denigrate was a very basic form of Christianity, a real, simplified sense. That he did that with all forms of religion. Scientific progress shows us we've progressed beyond this point, and we don't need this, and it's silly and foolish.

I guess he underestimated the depth and richness of religion, and also the fact of this idea of historical progress, when the people in the past were foolish, when they were as bright and stupid as we are now.

Henry: I think they believed in the secularization idea. People like Rodney Stark and others were pointing out that it's not really true that we secularized a lot more consistency. John Gray, the whole world is actually very religious. This led them away from John Stuart Mill-type thinking about theism.
I think everyone should read more John Stuart Mill, but they particularly should have read the theism essays. That would have been--

Lamorna: I've only just got into him because I love the LRB Close Reading podcast. It's Jonathan Rée and James Wood. They did one on John Stuart Mill's autobiography, which I've since been reading. It's an-

Henry: It's a great book.

Lamorna: -amazing book. His crisis is one of-- He says, "The question of religion is not something that has been a part of my life, but the sense of being so deeply learned." His dad was like, "No poetry." In his crisis moment, suddenly realizing that that's what he needed. He was missing feeling, or he was missing a way of looking at the world that had questioning and doubt within it through poetry.

There was a bit in the autobiography, and he talks about when he was in this deep depression, whenever he was at 19 or something. That he was so depressed that he thought if there's a certain number of musical notes, one day there will be no more new music because every single combination will have been done. The sense of, it's so sweetly awful thinking, but without the sense-- I'm not sure what I'm trying to say here.

I found his crisis so fascinating to read about and how he comes out of that through this care and attention of beautiful literature and thinking, and through his love of-- What was his wife called again?

Henry: Harriet.

Lamorna: Harriet. He credits her for almost all his thinking. He wouldn't have moved towards socialism without her. Suddenly, humans are deeply important to him. He feels sorry for the fact that his dad could not express love or take love from him, and that that was such a terrible deficiency in his life.

Henry: Mill's interesting on religion because he looks very secular. In fact, if you read his letters, he's often going into churches.

Lamorna: Oh, really?

Henry: Yes, when he's in Italy, because he had tuberculosis. He had to be abroad a lot.
He's always going to services at Easter and going into the churches. For a secular person, he really appreciates all these aspects of religion. His stepdaughter was-- there's a diary of hers in their archives. She was very religious, very intense. As a young woman, when she's 16, 17, intensely Catholic or Anglo-Catholic. Really, it's quite startling. I was reading this thing, and I was like, "Wait, who in the Mill household is writing this? This is insane." There are actually references in his letters where he says, "Oh, we'll have to arrive in time for Good Friday so that she can go to church." He's very attentive to it. Then he writes these theism essays, right at the end of his life. He's very open-minded and very interrogatory of the idea. He really wants to understand. He's not a new atheist at all.
Lamorna: Oh, okay. I need to read the deism essays.
Henry: You're going to love it. It's very aligned. What hymns do you like?
Lamorna: Oh, no.
Henry: You can be not a hymn person.
Lamorna: No. I'm not a massive hymn person. When I'm in church, the Anglican church that I go to in London now, I always think, "Remember that. That was a really nice one." I like to be a pilgrim. I really don't have the brain that can do this off the cuff. I'm not very musically. I'm deeply unmusical. There was one that I was thinking of. I think it's an Irish one. I feel like I wrote this down at one point, because I thought I might be asked in another interview. I had to write down what I thought in case a hymn that I liked. Which sounds a bit like a politician, when they're asked a question, they're like, "I love football." I actually can't think of any. I'm sorry.
Henry: No, that's fine.
Lamorna: What are your best? Maybe that will spark something in me.
Henry: I like Tell Out My Soul. Do you know that one?
Lamorna: Oh, [sings] Tell Out My Soul. That's a good one.
Henry: If you have a full church and people are really going for it, that can be amazing. I like all the classics. 
I don't have any unusual choices. Tell Out My Soul, it's a great one. Lamorna Ash, this has been great. Thank you very much.
Lamorna: Thank you.
Henry: To close, I think you're going to read us a passage from your book.
Lamorna: I am.
Henry: This is near the end. It's about the Bible.
Lamorna: Yes. Thank you so much. This has definitely been my favourite interview.
Henry: Oh, good.
Lamorna: I really enjoyed it. It's really fun.
Henry: Thank you.
Lamorna: Yes, this is right near the end. This is when I ended up at a church, St Luke's, West Holloway. It was a very small 9:00 AM service. Whilst the priest who'd stepped in to read because the actual priest had left, was reading, I just kept thinking about all the stories that I'd heard and wondering about the Bible and how the choices behind where it ends, where it ends.
I don't think I understand why the Bible ends where it does. The final lines of the book of Revelation are, "He who testifies to these things says, Yes, I am coming soon. Amen. Come, Lord Jesus, the grace of the Lord Jesus be with God's people. Amen." Which does sound like a to-be-continued. I don't mean the Bible feels incomplete because it ends with Revelation. What I mean is, if we have continued to hear God and wrestle with him and his emissaries ever since the first overtures of the Christian faith sounded. Why do we not treat these encounters with the same reverence as the works assembled in the New Testament? Why have we let our holy text grow so antique and untouchable instead of allowing them to expand like a divine Wikipedia updated in perpetuity? That way, each angelic struggle and Damascene conversion that has ever occurred or one day will, would become part of its fabric. In this Borgesian Bible, we would have the Gospel of Mary, not a fictitious biography constructed by a man a century after her death, but her true words. 
We would have the conversion of the Ethiopian eunuch on the road between Jerusalem and Gaza from Acts, but this time given in the first person. We would have descriptions from the Picts on Iona of the Irish Saint Columba appearing in a rowboat over the horizon. We would have the Gospels of those from the early Eastern Orthodox churches, Assyrian Gospels, Syriac Orthodox Gospels. We would have records of the crusades from the Christian soldiers sent out through Europe to Jerusalem in order to massacre those of other faiths, both Muslim and Jewish. In reading these accounts, we would be forced to confront the ways in which scripture can be interpreted
The ASX 200 gave up strong early gains closing down 27 at 8565 (0.3%). US futures and lack of detail weighing on sentiment as Asian markets generally weaker. Banks slid slightly, CBA down 0.5% with NAB down 0.2% and the Big Bank Basket down to $262.66 (-0.5%). MQG whacked 1.6% with insurers also under pressure. REITs mixed, GMG off 1.2%. Industrials generally lower, ALL off 1.6% with retail down, led by SUL off 1.6% and BAP falling 2.7%. Travel stocks also under pressure, CTD down 3.1% and WEB off 2.8%. Fast food falling, DMP down 4.9%. REA fell 1.1% and TWE down 1.3% with TLS up 1.0% as defensives back in focus. In resources, gold miners back in demand, GMD up 6.0% and NEM up 3.0%. The Three Iron Ore amigos all down, BHP off 1.8% with FMG off 3.4%. Lithium stocks back under pressure, MIN off 7.6% and PLS falling 6.0%. Rare earth giant LYC rose 0.8%. Oil and gas stocks gave up strong early gains as the crude price fell back, KAR up 2.0% and BPT bouncing 2.4%. Uranium ok, nothing spectacular, DYL up 1.1% and PDN up 0.8%. In corporate news, CTT fell 31.2% on a trading update and a large line of stock going through. MVF rose 9.1% as its CEO resigned. COH up 0.7% after downgrading its earnings outlook. Nothing on the economic front today. Asian markets weaker, Japan off 0.6% and HK off 0.9. China unchanged. Want to invest with Marcus Today? The Managed Strategy Portfolio is designed for investors seeking exposure to our strategy while we do the hard work for you. If you're looking for personal financial advice, our friends at Clime Investment Management can help. Their team of licensed advisers operates across most states, offering tailored financial planning services. Why not sign up for a free trial? Gain access to expert insights, research, and analysis to become a better investor.
The word “revolution” conjures powerful imagery. But what does it mean today? Do revolutions neatly promote the will of the people, forging radical transformation? Or is it more complicated? Sociologist Volodymyr Ishchenko joins us from Freie Universität Berlin to explain his take on “deficient revolutions” as he reflects on the 2014 Euromaidan uprising and recent events in Ukraine – where, he argues, conflict with roots in class has become polarised along “ethnic” lines, with devastating consequences. Ukraine, he shows, is not an anomalous case on the periphery of Europe and the former USSR. Rather, its story is instructive for the study of global processes, including the “crisis of hegemony” – one he describes in terms of the “shellness” of politics, and which is in fact often compounded by contemporary revolutions. “People want their say”, Volodymyr explains. “They can overthrow the governments. But they cannot bring about the change that would represent their interests”. An urgent discussion about decolonisation and discourse, progress, popular mobilisation and imagining alternative futures. With reflection on Soviet-era sci-fi authors, the Strugatsky brothers – and on sociologists' duty to highlight complex, messy realities.
Guest: Volodymyr Ishchenko; Hosts: Rosie Hancock, Alexis Hieu Truong; Executive Producer: Alice Bloch; Sound Engineer: David Crackles; Music: Joe Gardner; Artwork: Erin Aniker
Find more about Uncommon Sense
Episode Resources
By Volodymyr Ishchenko
Towards The Abyss: Ukraine from Maidan to War
Ukrainian Voices?
Class or regional cleavage? The Russian invasion and Ukraine's ‘East/West’ divide
Insufficiently diverse: The problem of nonviolent leverage and radicalization of Ukraine's Maidan uprising, 2013–2014
Why is Ukraine struggling to mobilise its citizens to fight?
From the Sociological Review Foundation
Community, with Kirsteen Paton
Security, with Daria Krivonos
Good warning, Vietnam? Comparing the Russian opposition to Putin with the greatest anti-war movement in the US – Arseniy Kumankov
Further resources
The Snail On The Slope – novel by Boris and Arkady Strugatsky, also reviewed in the TLS by Muireann Maguire
Understanding Ukraine's Euromaidan Protests – Open Society Foundations
“Ethnic Conflict: A Global Perspective” – Stefan Wolff
Read more about Antonio Gramsci, William H. Sewell and Dylan John Riley.
Support our work. Make a one-off or regular donation to help fund future episodes of Uncommon Sense: donorbox.org/uncommon-sense
This week, a special podcast from the Hay Festival ranges from the ancient world to the 16th-century, taking in the art of criticism, the centrality of religion and eco-catastrophe. With Stephanie Merritt, Edith Hall, Toby Lichtig and a guest appearance from TLS crossword compiler Praxiteles. 'Traitor's Legacy', by SJ Parris. 'Epic of the Earth: Reading Homer's "Iliad" in the Fight for a Dying World', by Edith Hall. Produced by Charlotte Pardy. Hosted on Acast. See acast.com/privacy for more information.
What's the status of Encrypted Client Hello (ECH)? What radio technology would be best for remote inverter shutdown? Some DNS providers already block newly listed domains. Knowing when not to click a link can take true understanding. Why can losing a small portion of a power grid bring the rest down? Where are we in the "AI Hype Cycle" and is this the first? Speaking of hype: An AI system resorted to blackmail? Why are we so quick to imbue AI with awareness? ChatGPT's latest o3 model ignored the order to shut down. Copilot may not be making Windows core code any better. Venice.AI is an unfiltered and unrestrained LLM. Show Notes - https://www.grc.com/sn/SN-1027-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: outsystems.com/twit threatlocker.com for Security Now canary.tools/twit - use code: TWIT hoxhunt.com/securitynow 1password.com/securitynow
Cybersecurity professionals need a solid understanding of secure communication protocols, not just for exam success but for real-world implementation. This episode unpacks the essential protocols covered in CISSP Domain 4.1.3, providing clear explanations of how each works and when to use them. We begin with a timely discussion of the recent UnitedHealthcare hack, examining how ransomware crippled Change Healthcare systems nationwide. This case study highlights the critical importance of understanding security protocols and being able to articulate potential business impacts to leadership. Sean shares practical approaches for estimating downtime costs to help justify security investments. The heart of this episode explores crucial security protocols including IPsec tunnels, Kerberos authentication, Secure Shell (SSH), and the Signal protocol. Each section covers how these technologies function, their ideal use cases, and their respective strengths and limitations. The discussion extends to Transport Layer Security (TLS), Layer 2 Tunneling Protocol (L2TP), and lesser-known protocols like Secure Real-time Transport Protocol (SRTP) and Zimmermann Real-time Transport Protocol (ZRTP). Sean breaks down complex technical concepts into accessible explanations, perfect for both CISSP candidates and practicing security professionals. Understanding these protocols isn't just about passing an exam—it's about making informed decisions when implementing security architecture in your organization. Whether you're preparing for certification or looking to strengthen your organization's security posture, this episode provides valuable insights into the fundamental building blocks of secure communications. Check out cisspcybertraining.com for free resources including practice questions, training videos, and blog posts to support your cybersecurity learning journey. Gain exclusive access to 360 FREE CISSP Practice Questions delivered directly to your inbox! 
Sign up at FreeCISSPQuestions.com and receive 30 expertly crafted practice questions every 15 days for the next 6 months—completely free! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!
We first became aware of the story at the heart of this episode over three years ago. Details were scarce at the time, but we knew that heat casualties had been a major issue for units at Defender Pacific... except for one company that was completely unaffected. And as it turned out, that company had been doing afternoon physical training to deliberately prepare for the heat (plus leveraging H2F experts to optimize the training). Our guest for this episode was the commander of that company at the time, and he provides a ton of insight into how good training management left his company with zero heat casualties while the battalion experienced 45. MAJ Christian Wardynski is an Instructor of Economics in the Department of Social Sciences at the United States Military Academy at West Point, which he also graduated from in 2014. After graduating Engineer BOLC, Chris served in the 54th BEB, 173rd IBCT in Vicenza, Italy as a Light Equipment PL, Sapper PL, and BN Air Officer. Most recently, he served as the Company Commander for Bravo Company, 37th Engineer Battalion, 82nd Airborne Division at Fort Bragg, NC. Chris holds a Bachelor of Science in Economics from West Point, a Master of Science in Engineering Management from the Missouri University of Science and Technology, and a Master of Public Policy from the University of Chicago where he also served as a fellow at the Pearson Institute. Chris and his wife, Jackie, have four daughters. He also provided a bunch of clarifying notes that we'll share here: He said the DoD vs. VA alignment is a Principal-Agent Problem, but as he described it, it would probably fit the definition of a negative externality better - the DoD's decisions to "overuse" or under-rehabilitate soldiers impose uncompensated long-term healthcare costs on the VA (and thus the taxpayer); same for the current commander not considering the cost savings of proper rehabilitation/physical resiliency of soldiers for the next commander. 
Regardless, both the principal-agent issue and the externality issue apply. You can tell by this correction that he's a true econ instructor... For additional context on the heat acclimation they started in May 2021, they had Company STX the second week of June and he initially started reverse cycle PT to see if it'd help soldiers with performance during the STX event. They executed 9x ESB-style lanes focused on individual soldier and engineer tasks, and covered over 30 miles under load in 24 hours. As a bit of risk management for the event, he mandated that all soldiers had to eat at least the main meal of the MRE and a side, or three sides total if not eating the main meal, as well as the entire salt/electrolyte packet every four hours during the event. If they found any soldier who ate less than the required amount, it would result in a summarized Article 15 (if there were no extenuating circumstances). It was on the TLs to decide if they needed to eat more frequently and if they wanted to eat on the move or not. Team leaders led their own team's movement through all the lanes and to each station. This provided a great opportunity for them to exercise some initiative and leadership. Surprisingly, zero heat casualties during this crucible event for the ~80 soldiers that completed it, despite a peak ~95 degree heat index in that timeframe. Regarding Defender Pacific, when he arrived at his company assembly area after the jump, his soldiers looked utterly unfazed and appeared completely fresh. The BN TF, however, had about 45 heat casualties by that time. After the BN TF mission was complete, they had a 7 mi ruck to the training area where they'd rest overnight, and his soldiers handled the movement without any issue whatsoever. He did note that they did not have a very hard follow-on mission, whereas most other companies in the BN TF had some pretty physically arduous movements/follow-on missions.
In this episode, Michael, Sarah, and Mark talk to Craig Nelson, VP of the Microsoft Red Team, about how the Red Team works to help secure Microsoft and its customers. In life, there are things you know you know, things you know you don't know, and finally, things you don't know you don't know. This episode is full of the latter. We also cover security news about LLMs and MCP, TLS 1.1 and 1.0 deprecation, Private Endpoint improvements, Containers and more. https://aka.ms/azsecpod
Post-quantum cryptography is rapidly moving from the realm of NIST standards to running in production. The threat of quantum computing advances and coming regulations are driving this acceleration. One major component on the PQC migration plan for companies is VPN. In this episode we look at the Ambit corporate VPN client, which uses a standardized NIST PQC cipher: ML-KEM. Did you know there are potential gotchas with trying hybrids of classical and PQC instead? Find out the technical and philosophical reasons why the developers chose to skip offering a hybrid option. Join host Konstantinos Karagiannis for a wide-ranging chat with Kevin Kane and Andrew McElroy from American Binary. For more information on American Binary, visit https://www.ambit.inc/. Visit Protiviti at https://www.protiviti.com/US-en/technology-consulting/quantum-computing-services to learn more about how Protiviti is helping organizations get post-quantum ready. Follow host Konstantinos Karagiannis on all socials: @KonstantHacker and follow Protiviti Technology on LinkedIn and Twitter: @ProtivitiTech. Questions and comments are welcome! Theme song by David Schwartz, copyright 2021. The views expressed by the participants of this program are their own and do not represent the views of, nor are they endorsed by, Protiviti Inc., The Post-Quantum World, or their respective officers, directors, employees, agents, representatives, shareholders, or subsidiaries. None of the content should be considered investment advice, as an offer or solicitation of an offer to buy or sell, or as an endorsement of any company, security, fund, or other securities or non-securities offering. Thanks for listening to this podcast. Protiviti Inc. is an equal opportunity employer, including minorities, females, people with disabilities, and veterans.
Guest: Dirkjan Ochtman
Panelist: Richard Littauer
Show Notes
In this special Maintainer Month episode of Sustain, host Richard speaks with Dirkjan Ochtman, a long-time open source contributor and Rust advocate. They dive deep into what it's like maintaining critical infrastructure libraries, the motivations behind taking over "abandonware," and how funding ecosystems like GitHub Sponsors and thanks.dev help sustain low-level dependencies. Dirkjan also reflects on how Rust's design lends itself well to long-term maintainability and shares thoughts on the challenges of burnout, context switching, and ensuring project continuity. Hit the download button now!
[00:01:33] Dirkjan explains how he chooses which projects he's maintaining, being passionate about memory safety via Rust, and maintaining tools like Rustls, Hickory DNS, and Quinn.
[00:03:14] Dirkjan describes his motivation for maintaining abandonware and sees it as providing value to the community.
[00:04:23] ISRG funds Dirkjan's work on memory-safe DNS and TLS libraries, and they are replacing C-based libraries with Rust equivalents.
[00:05:33] Dirkjan uses thanks.dev to help fund maintainers through the full dependency graph and revenue is limited but promising.
[00:08:06] Richard brings up Tidelift and Dirkjan mentions it's not yielding results for Rust projects yet because the Rust ecosystem is smaller.
[00:09:30] We hear Dirkjan's journey into Rust, starting in Python but frustrated by lack of type safety and performance, and creating his own compiler before appreciating Rust's complexity.
[00:12:20] Dirkjan talks about his transition from Python to Rust.
[00:13:39] Dirkjan uses PyO3 to create Python bindings for Rust libraries.
[00:15:31] Richard wonders why projects become unmaintained and Dirkjan responds that people have life events, job changes, or shifting interests.
[00:17:11] How are unmaintained projects flagged? Dirkjan uses the RustSec Advisory DB to detect projects with no active maintainers. 
[00:18:47] Dirkjan avoids burnout as a maintainer by keeping the scope narrow, only responds to PRs, doesn't overcommit, and focuses on high-efficiency, low-effort maintenance.
[00:19:51] Rust has a strong system, built-in unit tests, great CI support, and Dirkjan encourages atomic commits to simplify code review.
[00:21:28] Dirkjan speaks about languages that are more maintainer safe.
[00:22:18] Richard brings up attack vectors and the "left-pad incident." Dirkjan shares how he builds trust via his public GitHub record.
[00:24:17] We hear Dirkjan's offboarding and succession planning as he explains handing off projects like Askama and promoting multiple maintainers to reduce bus factor.
[00:26:08] Dirkjan's long-term vision for OSS sustainability is he hopes to move higher in the stack and wants to make high-quality software easier to build.
[00:27:38] Dirkjan explains why he prefers to do asynchronous collaboration over pair programming.
[00:28:52] Dirkjan discusses Rust's long-term ecosystem stability.
[00:31:09] Find out where you can follow Dirkjan on the web.
Quotes
[00:03:23] “You call it abandonware and I call it a dependency that has a million users.”
[00:19:02] “[When I take on a project], I don't take on the burden of proactively improving the project.”
[00:19:11] “I will be there when someone submits a PR.”
[00:20:37] “I ask folks to make small changes: atomic commits.”
Spotlight
[00:31:37] Richard's spotlight is Allan Day.
[00:32:20] Dirkjan's spotlight is Xilem. 
Links SustainOSS (https://sustainoss.org/) podcast@sustainoss.org (mailto:podcast@sustainoss.org) richard@sustainoss.org (mailto:richard@sustainoss.org) SustainOSS Discourse (https://discourse.sustainoss.org/) SustainOSS Mastodon (https://mastodon.social/tags/sustainoss) SustainOSS Bluesky (https://bsky.app/profile/sustainoss.bsky.social) SustainOSS LinkedIn (https://www.linkedin.com/company/sustainoss/) Open Collective-SustainOSS (Contribute) (https://opencollective.com/sustainoss) Richard Littauer Socials (https://www.burntfen.com/2023-05-30/socials) Dirkjan Ochtman LinkedIn (https://www.linkedin.com/in/dochtman/?originalSubdomain=nl) Dirkjan Ochtman Blog (https://dirkjan.ochtman.nl/) Dirkjan Ochtman Mastodon (https://hachyderm.io/@djc) Dirkjan Ochtman GitHub (https://github.com/djc) Dirkjan Ochtman Bluesky (https://bsky.app/profile/djc.ochtman.nl) Rust (https://www.rust-lang.org/) Rustls (https://github.com/rustls/rustls) Hickory DNS (https://github.com/hickory-dns/hickory-dns) Quinn (https://github.com/quinn-rs/quinn) Internet Security Research Group (ISRG) (https://www.abetterinternet.org/) Let's Encrypt (https://letsencrypt.org/) Automatic Certificate Management Environment (https://en.wikipedia.org/wiki/Automatic_Certificate_Management_Environment) PyO3 user guide (https://pyo3.rs/v0.15.1/) Sustain Podcast-Episode 108: Sarah Gran and Josh Aas: Sustainable Digital Infrastructure with Memory Safe Code (https://podcast.sustainoss.org/108) Sustain Podcast-Episode 148: Ali Nehzat of thanks.dev and OSS Funding (https://podcast.sustainoss.org/148) Tidelift (https://tidelift.com/) RustSec Advisory Database-GitHub (https://github.com/RustSec/advisory-db) Askama (https://docs.rs/askama/latest/askama/) Allan Day's GNOME Blog (https://blogs.gnome.org/aday/) Xilem (https://xilem.dev/) Credits Produced by Richard Littauer (https://www.burntfen.com/) Edited by Paul M. 
Bahr at Peachtree Sound (https://www.peachtreesound.com/) Show notes by DeAnn Bahr Peachtree Sound (https://www.peachtreesound.com/) Special Guest: Dirkjan Ochtman.
Eley Williams' collection of short stories Attrib. & Other Stories won the Republic of Consciousness Prize and the James Tait Black Memorial Prize. Her writing appears in The Penguin Book of the Contemporary British Short Story, Liberating the Canon, the TLS and the London Review of Books. She is a Fellow of the Royal Society of Literature. She is the author of the novel The Liar's Dictionary and on this episode of Little Atoms she talks to Neil Denny about her latest story collection Moderate to Poor, Occasionally Good, which is out now in paperback.
In this episode, Jenna interviews Dean Coclin, senior director of Industry Strategy at DigiCert, about the recent vote by the CA/Browser Forum to shorten the lifespan of TLS certificates to 47 days by 2029. They discuss: the schedule for the changes and the gradual increments by which lifespans will shorten; the rationale behind shortening certificate lifetimes; and how to start preparing for changes. DigiCert will be hosting a webinar on this topic on May 6 called "Unpacking Certificate Changes: Live Expert Q&A." Register here: https://digicert.registration.goldcast.io/events/2c6c723b-5725-4406-9289-6df8ddd20f93?referrer=https://www.digicert.com/&referrer=https://www.digicert.com/&referrer=https://www.digicert.com/&referrer_page=a28f9ca5-7abf-4ce2-9b6b-571e50e49239
Let's Encrypt now offers certificates with 6-day lifetimes but what does that mean for the commercial TLS trust anchor world? On this episode of Security Noise, Geoff and Skyler are joined by Principal Security Consultant Justin Bollinger to discuss new options for certificate lifetimes and the implications of the new maximum ages, good and bad. About this podcast: Security Noise, a TrustedSec Podcast hosted by Geoff Walton and Producer/Contributor Skyler Tuter, features our cybersecurity experts in conversation about the infosec topics that interest them the most. Hack the planet! Find more cybersecurity resources on our website at https://trustedsec.com/resources.
Megan Hunter is a prizewinning novelist, dramatist and screenwriter. Her first novel, The End We Start From was shortlisted for Novel of the Year at the Books Are My Bag Awards, longlisted for the Aspen Words Prize, was a Barnes and Noble Discover Awards finalist and won the Forward Reviews Editor's Choice Award. It was adapted into a major motion picture by Alice Birch, starring Jodie Comer and directed by Mahalia Belo. Her second novel, The Harpy, was Indie Book of the Month; she is currently adapting it for television with Red Planet Pictures. Her dramatic monologue Salt of the Earth premiered at Venice Film Festival. Megan's other writing has appeared in the White Review, the TLS, Literary Hub, Vogue, Elle, BOMB, and elsewhere. On this episode of Little Atoms she talks to Neil Denny about her new novel Days of Light.
What personal information was compromised in the Hertz breach? The breach exposed customer names, birth dates, contact info, driver's licenses, payment cards, and some Social Security numbers. It stemmed from a cyberattack on Cleo, a third-party vendor previously targeted in a mass-hacking campaign.
How is air travel changing, and what are the privacy implications? ICAO aims to replace boarding passes with digital travel credentials using facial recognition and mobile passport data. While data is reportedly deleted quickly, the expansion of biometric surveillance raises major privacy and security concerns.
Why is the EU giving staff burner phones for U.S. trips? To mitigate potential U.S. surveillance risks, the EU is issuing burner phones to officials visiting for IMF/World Bank meetings—echoing similar precautions for China and Ukraine. It signals growing distrust in transatlantic cybersecurity.
How are North Korean hackers using LinkedIn? Groups like Lazarus use fake recruiter profiles to trick targets into opening malware-laden job materials. These campaigns steal credentials and crypto, funding North Korea's sanctioned activities and highlighting the rise of social engineering threats.
Why is Let's Encrypt shortening TLS certificate lifespans? Let's Encrypt now issues 6-day certificates, down from 90. Benefits include improved security and automation; drawbacks involve more frequent renewals, which could create dependency on issuing infrastructure.
What is the "Smishing Triad" targeting now? This group has moved from fake delivery texts to targeting banks via iMessage and RCS phishing. They steal banking info to load stolen cards into mobile wallets, illustrating more advanced and lucrative phishing tactics.
What's the significance of China acknowledging U.S. infrastructure hacks? China's tacit admission of involvement in Volt Typhoon cyberattacks marks a shift in tone. The U.S. sees these as strategic signals, intensifying concerns about critical infrastructure security amid geopolitical tension.
What is Android's new auto-reboot security feature? Android phones will now reboot automatically after three days of inactivity. This clears memory, closes apps, and requires re-authentication—reducing the risk of unauthorized access.
On this week's show Patrick Gray talks to former NSA Cybersecurity Director Rob Joyce about Donald Trump's unprecedented, unwarranted and completely bonkers political persecution of Chris Krebs and his employer SentinelOne. They also talk through the week's cybersecurity news, covering:
Mitre's stewardship of the CVE database gets its funding DOGE'd
The US signs on to the Pall Mall anti-spyware agreement
China tries to play the nation-state cyber-attribution game, but comedically badly
Hackers run their malware inside the Windows sandbox, for security against EDR
This week's episode is sponsored by open source identity provider Authentik. CEO Fletcher Heisler joins to talk through the increasing sprawl of the identity ecosystem. This episode is also available on YouTube.
Show notes
Cybersecurity industry falls silent as Trump turns ire on SentinelOne | Reuters
U.S. cyber defenders shaken by Trump's attack on their former boss
Trump Revenge Tour Targets Cyber Leaders, Elections – Krebs on Security
Wyden to block Trump's CISA nominee until agency releases report on telecoms' ‘negligent cybersecurity' | The Record from Recorded Future News
Gabbard sets up DOGE-style team to cut costs, uncover intel ‘weaponization'
MITRE Warns CVE Program Faces Disruption Amid US Funding Uncertainty
US to sign Pall Mall pact aimed at countering spyware abuses | The Record from Recorded Future News
Court document reveals locations of WhatsApp victims targeted by NSO spyware | TechCrunch
Spyware Maker NSO Group Is Paving a Path Back Into Trump's America | WIRED
NCSC shares technical details of spyware targeting Uyghur, Tibetan and Taiwanese groups | The Record from Recorded Future News
Risky Bulletin: Chinese APT abuses Windows Sandbox to go invisible on infected hosts
China escalates cyber fight with U.S., names alleged NSA hackers
Researcher uncovers dozens of sketchy Chrome extensions with 4 million installs - Ars Technica
China-based SMS Phishing Triad Pivots to Banks – Krebs on Security
Risky Bulletin: CA/B Forum approves 47-days TLS certs
Ransomware in het mkb: Cybercriminelen verhogen losgeld bij cyberverzekering
4chan Is Down Following What Looks to Be a Major Hack Spurred By Meme War
MITRE corporation says funding cuts will impact the CVE database, China accuses NSA employees of an Asian Winter Games hack, a ransomware attack disrupts dialysis clinics, the CA/Browser Forum will limit TLS certificate lifetime to 47 days, and 4chan gets hacked.
AI-powered code generation tools are raising significant security concerns within the software supply chain. Recent research indicates that a notable percentage of package suggestions from both commercial and open-source models are non-existent, a phenomenon referred to as "hallucination." This issue allows malicious actors to exploit these fictitious package names by uploading harmful software to package registries, a tactic known as slop-squatting. Experts emphasize the importance of manual verification and the use of dependency scanners to mitigate these risks, highlighting that developers must rigorously test AI-generated code in isolated environments before deployment.
In the tech industry, Intel has made headlines by selling a 51% stake in its programmable chip business, Altera, to private equity firm Silverlake for $4.46 billion. This decision comes after Intel's acquisition of Altera for $16.7 billion in 2015, reflecting a significant drop in valuation. The move is part of a broader strategy to sharpen focus and strengthen the company's balance sheet amid ongoing challenges in the semiconductor market. Despite retaining a minority stake in Altera, Intel's actions raise questions about its ability to compete effectively in critical areas like AI-optimized silicon.
Another pressing issue is the impending reduction of the maximum lifespan for SSL and TLS certificates, which will be cut to just 47 days by 2029. This change, supported by major tech companies, aims to enhance digital security by minimizing risks associated with compromised certificates. The transition will require automated and integrated certificate management solutions to keep pace with the new renewal cycles, emphasizing the need for proactive risk management in the evolving threat landscape.
Lastly, the reinstatement of tariffs on electronics, including smartphones and laptops, is set to impact the tech industry significantly. The U.S.
government aims to encourage domestic manufacturing, but the unpredictability of trade policies complicates planning for businesses. As companies navigate these challenges, they must adopt flexible strategies that account for ongoing volatility in the supply chain and procurement processes, ensuring they remain responsive to changing market conditions.
Four things to know today
00:00 Copy, Paste, Compromise? Why AI Code Suggestions Could Lead to Big Security Problems
04:45 Altera Is Out, $8.75B Is In—But Intel's Chip Future Is Still in Question
06:46 Got 47 Days? Why Your SSL Certificates Just Got a Whole Lot Needier
08:14 One More Time with Feeling: Tech Tariffs Are Back, and the Forecast Is Still Chaos
Topics covered in this episode: How to Write a Git Commit Message; Caddy Web Server; Some new PEPs approved; juv; Extras; Joke
Sponsored by Posit Connect: pythonbytes.fm/connect
Brian #1: How to Write a Git Commit Message
Chris Beams
7 rules of a great commit message:
Separate subject from body with a blank line
Limit the subject line to 50 characters
Capitalize the subject line
Do not end the subject line with a period
Use the imperative mood in the subject line
Wrap the body at 72 characters
Use the body to explain what and why vs. how
Article also includes: Why a good commit message matters; Discussion about each of the 7 rules; Cool hat tips to other articles on the subject
“Keep in mind: This has all been said before.” Each word is a different link.
Michael #2: Caddy Web Server
via Fredrik Mellström
Like a more modern NGINX
Caddy automatically obtains and renews TLS certificates for all your sites.
Caddy's native configuration is a JSON document.
Even localhost and internal IPs are served with TLS using the intermediate of a fully-automated, self-managed CA that is automatically installed into most local trust stores.
Configure multiple Caddy instances with the same storage, and they will automatically coordinate certificate management as a fleet.
Production-grade static file server.
Brian #3: Some new PEPs approved
PEP 770 – Improving measurability of Python packages with Software Bill-of-Materials
Accepted for packaging
Author: Seth Larson, Sponsor Brett Cannon
“This PEP proposes using SBOM documents included in Python packages as a means to improve automated software measurability for Python packages.”
PEP 750 – Template Strings
Accepted for Python 3.14
Author: Jim Baker, Guido van Rossum, Paul Everitt, Koudai Aono, Lysandros Nikolaou, Dave Peck
“Templates provide developers with access to the string and its interpolated values before they are combined. This brings native flexible string processing to the Python language and enables safety checks, web templating, domain-specific languages, and more.”
Michael #4: juv
A toolkit for reproducible Jupyter notebooks, powered by uv.
Create, manage, and run Jupyter notebooks with their dependencies
Pin dependencies with PEP 723 - inline script metadata
Launch ephemeral sessions for multiple front ends (e.g., JupyterLab, Notebook, NbClassic)
Powered by uv for fast dependency management
Use uvx to run jupyterlab with ephemeral virtual environments and tracked dependencies.
Extras
Brian: Status of Python versions new-ish format. Use this all the time. Can't remember if we've covered the new format yet. See also Python endoflife.date. Same dates, very visible encouragement to move on to Python 3.13 if you haven't already.
Michael: Python 3.13.3 is out. .git-blame-ignore-revs follow up
Joke: BGPT (thanks Doug Farrell)
What if managing databases on Kubernetes didn't require a team of specialists or endless configuration? In this episode of Tech Talks Daily, I sit down with Tamal Saha, founder and CEO of AppsCode, to explore how his team is building a more intuitive, scalable, and enterprise-ready approach to Kubernetes-native data management. Recorded during the IT Press Tour in London, this conversation traces Tamal's journey from Bangladesh to Google, and ultimately to launching AppsCode in 2016. He shares how early experiences with Google's internal systems helped shape his vision for a cloud-native data platform built for modern application environments. What began as an open-source passion project has evolved into a comprehensive enterprise suite that includes solutions like KubeDB, Stash, Voyager, and KubeVault. We discuss the operational realities of managing databases in Kubernetes—from simplifying provisioning and backups to solving problems around TLS management, multi-tenancy, and even secret rotation. Tamal outlines the benefits of a Kubernetes-native architecture for platform engineers, DevOps teams, and developers who want to deploy faster, automate more, and keep full control over their environments. With real-world insights from enterprise deployments, including large-scale telcos modernizing their infrastructure, Tamal explains how AppsCode is helping organizations move from ticket-based database provisioning to true self-service. He also looks ahead to what's coming next, including support for vector databases, AI-powered provisioning interfaces, and deeper integrations with open telemetry and observability tools. Whether you're running stateful workloads in Kubernetes today or exploring how to modernize your data layer, this episode is packed with insight into building platforms that work with developers, not against them. So, is it time to rethink your approach to data in the cloud-native era? Let me know what you think.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Apache Camel Exploit Attempt by Vulnerability Scans
A recently patched vulnerability in Apache Camel has been integrated into some vulnerability scanners, for example OpenVAS. We do see some exploit attempts in our honeypots, but they appear to be part of internal vulnerability scans.
https://isc.sans.edu/diary/Apache%20Camel%20Exploit%20Attempt%20by%20Vulnerability%20Scan%20%28CVE-2025-27636%2C%20CVE-2025-29891%29/31814
New Security Requirements for Certificate Authorities
Starting in July, certificate authorities need to verify domain ownership data from multiple viewpoints around the internet. They will also have to use linters to verify certificate requests.
https://security.googleblog.com/2025/03/new-security-requirements-adopted-by.html
Possible Oracle Breach
Oracle still denies being the victim of a data breach, although leaked data may indicate otherwise.
https://doublepulsar.com/oracle-attempt-to-hide-serious-cybersecurity-incident-from-customers-in-oracle-saas-service-9231c8daff4a
https://www.theregister.com/2025/03/30/infosec_news_in_brief/
https://www.darkreading.com/cyberattacks-data-breaches/oracle-still-denies-breach-researchers-persist
Dr. Dave Chatterjee and David Close discuss the implications of post-quantum cryptography (PQC) on cybersecurity readiness. David, a Chief Solutions Architect at Futurex, explains the evolution of cryptographic methods to counter quantum computing threats. He highlights the importance of NIST's role in standardizing quantum-resistant algorithms like Kyber and Dilithium. David shares practical examples, such as Google and Cloudflare's hybrid TLS implementation and a financial institution's use of PQC for data storage. They emphasize the need for organizations to develop roadmaps, inventory cryptographic assets, and ensure vendor readiness. Dr. Chatterjee stresses the importance of a proactive, holistic approach to cybersecurity governance. To access and download the entire podcast summary with discussion highlights -- https://www.dchatte.com/episode-83-future-proofing-your-data-preparing-for-the-post-quantum-era/
Episode Summary: In this episode of The Secure Developer, Danny Allan sits down with Mrinal Wadhwa, CTO at Ockam, to explore the evolving landscape of secure communication in distributed systems. They discuss the challenges of securing microservices, IoT networks, and Kubernetes environments and how traditional TLS-based security models may no longer be sufficient. Mrinal shares insights into Ockam's approach to end-to-end encrypted, mutually authenticated channels and the impact of WebAssembly, passkeys, and modern cryptographic identity management on security. Tune in for a deep dive into how organizations can rethink security at runtime to minimize risks in today's complex digital ecosystems.
Show Notes: Security in modern applications is more challenging than ever, with microservices architectures, IoT deployments, and distributed computing environments introducing new risks. In this episode, Danny Allan welcomes Mrinal Wadhwa, CTO at Ockam, to discuss how secure communication models need to evolve beyond traditional TLS and perimeter-based defenses.
Topics covered include: The challenges of securing microservices and Kubernetes clusters; How end-to-end encryption and mutual authentication can minimize risk; The importance of cryptographic identities and key rotation at scale; How Ockam enables secure channels across multiple transport layers (TCP, Bluetooth, Kafka, etc.); The role of WebAssembly and passkeys in rethinking security models; Shifting from perimeter-based security to secure-by-design communication.
Mrinal shares key insights on how organizations can rethink risk at runtime, considering the number of people and systems involved in data flow rather than just static build-time dependencies. Whether you're a security leader, developer, or architect, this episode provides actionable insights on building trust in your infrastructure without compromising performance or agility.
Links: Ockam; Passkeys Overview; Private Compute Cloud by Apple; Snyk - The Developer Security Company
In this episode, I discuss strategies to beat bad eating habits, my favorite free-weight exercises for leg day, upcoming developments with Legion Clear Protein, and more. As always, these questions come directly from my Instagram followers, who take advantage of my weekly Q&As in my stories. If you have a question you're dying to have answered, make sure you follow me on Instagram (@muscleforlifefitness) and look out for the Q&A posts. Your question might just make it into a podcast episode! If you like this type of episode, let me know. Send me an email (mike@muscleforlife.com) or direct message me on Instagram. And if you don't like it, let me know that too or how you think it could be better.
Timestamps: (00:00) Intro (02:03) Intermittent fasting—fad? (06:33) Beat bad eating habits? (10:39) Dream Whey+ flavor? (11:25) TLS workouts—full coverage? (11:52) Dexa scans reliable? (12:50) Butter healthy? (13:24) Best Adonis belt exercise? (14:34) High urea—lower protein? (14:54) Fastest way to first pull-up? (15:21) Green powder worth it? (16:00) Bicep tendonitis—alternatives? (17:11) Biggest Legion challenge? (26:03) Count all protein? (29:03) Train on period? (29:46) Raising what cows? (30:47) Check nutrients without bloodwork? (31:19) Compound vs. machines? (34:47) 100g+ protein needed? (36:01) Phosphatidic acid thoughts? (37:16) Natural or enhanced? (38:54) Best leg exercise no machines?
Mentioned on the Show: Coaching Page; The Little Black Book of Workout Motivation; Whey+
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
The Unbreakable Multi-Layer Anti-Debugging System
Xavier found a nice Python script that included what it calls the "Unbreakable Multi-Layer Anti-Debugging System". Leave it up to Xavier to tear it apart for you.
https://isc.sans.edu/diary/The%20Unbreakable%20Multi-Layer%20Anti-Debugging%20System/31658
Take my money: OCR crypto stealers in Google Play and App Store
Malware using OCR on screenshots was available not just via Google Play, but also the Apple App Store.
https://securelist.com/sparkcat-stealer-in-app-store-and-google-play-2/115385/
Threat Actors Still Leveraging Legit RMM Tool ScreenConnect
Unsurprisingly, threat actors still like to use legit remote admin tools, like ScreenConnect, as a command and control channel. Silent Push outlines the latest trends and IoCs they found.
https://www.silentpush.com/blog/screenconnect/
Cisco Identity Services Engine Insecure Java Deserialization and Authorization Bypass Vulnerabilities
Java deserializing strikes again to allow arbitrary code execution. Cisco fixed this vulnerability and an authorization bypass issue in its Identity Services Engine.
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multivuls-FTW9AOXF
F5 Update
F5 fixes an interesting authentication bypass problem affecting TLS client certificates.
https://my.f5.com/manage/s/article/K000149173