#6: Application Security & Cryptography with Scott Arciszewski Syscast Podcast by Mattias Geniar

For the 6th episode of SysCast I’m joined by Scott Arciszewski.

We talk about PHP, cryptography, securing online applications, cache timing attacks, his CMS called Airship and so much more.

If you like security and crypto, you’ll like this episode!

Shownotes

Scott is @CiPHPerCoder on Twitter as well as @ParagonIE
Scott works at Paragon Initiative Enterprises
CMS Airship
Secure Coding Rules
OWASP Top 10
grsecurity
You Wouldn’t Base64 a Password – Cryptography Decoded
The Cryptopals Crypto Challenges
Timing Attacks
htshells (Self contained htaccess shells and attacks)
SysCast episode on the Caddy Webserver (episode #1)
libsodium (A modern and easy-to-use crypto library)
All the crypto code you’ve ever written is probably broken
“This JPEG is also a webpage” (view source of this site!)

Feedback? Let me know via syscast@ttias.be or at @mattiasgeniar on Twitter.

Special thanks to Jeroen Flamman (@jflamman) and HPCDude (@bengui122) for cleaning up the audio and removing most of the clicks and background noise!