Nerding Out With Viktor (audio only)

Viktor Petersson
  • 0.0 (0)
  • TECHNOLOGY
  • UPDATED FORTNIGHTLY
Nerding Out With Viktor (audio only)

Welcome to Nerding Out With Viktor, a podcast at the intersection of tech innovation and entrepreneurial expertise! Hosted by Viktor, a proud nerd and seasoned entrepreneur, this show is a deep dive into the exciting world of technology. Viktor started his entrepreneurial journey during his time in Silicon Valley with YippieMove, a groundbreaking email migration service, and continued with the creation of Blotter, a highly successful macOS productivity app. A vanguard in remote work, Viktor has been skillfully managing remote teams for over a decade, demonstrating visionary leadership ahead of its wider adoption. His career is marked by a consistent knack for identifying and leveraging untapped tech opportunities. Screenly, a venture Viktor bootstrapped, stands at the pinnacle of his achievements. It's the world's first developer-friendly digital signage solution, and its flagship product now powers over 10,000 screens globally. In addition, Viktor's innovative streak led to the development of Anthias, a leading open-source digital signage solution, underscoring his role as an industry innovator. In Nerding Out With Viktor, listeners are treated to rich discussions with tech experts in areas such as AI, software development, cybersecurity, and hardware advancements. Viktor's unique experiences, honed in Silicon Valley and through his entrepreneurial ventures, provide a compelling backdrop for these insightful conversations, making complex tech topics accessible and engaging. Perfect for tech enthusiasts, budding entrepreneurs, or anyone curious about the tech landscape's future, "Nerding Out with Viktor" is the ultimate podcast for insightful, thought-provoking discussions. Join Viktor as he delves into conversations with the minds shaping our technological world. Subscribe to Nerding Out With Viktor and join a community where deep nerdiness and entrepreneurial insight blend in exciting dialogues.

  1. 3 DAYS AGO

    Hacking airplanes, ships and IoT devices with Ken Munro

    In this thrilling episode of Nerding Out with Viktor, host Viktor Petersson is joined by Ken Munro, a leading figure in cybersecurity and an expert in penetration testing. Together, they dive into the hidden world of aviation cybersecurity, shedding light on the challenges, discoveries, and unexpected vulnerabilities that exist within modern aircraft systems. With decades of experience and a passion for making aviation safer, Ken guides listeners through some of the most fascinating aspects of airplane hacking, responsible disclosures, and how his team tests aircraft security to uncover vulnerabilities. The conversation kicks off with an exploration of how Ken entered the field of aviation cybersecurity, sharing tales of hacking decommissioned planes in a scrapyard—a unique method that allowed his team to practice without endangering passengers or active fleets. Ken provides insight into his early career in the antivirus industry, his background as a general aviation pilot, and how these experiences culminated in his journey into the world of aviation security. He talks about the infamous time he hacked airplane entertainment systems and even how, with the right setups, it’s possible to rickroll an entire flight! Ken and Viktor then turn their attention to one of aviation’s most pressing security concerns: the electronic flight bag (EFB). EFBs, now commonly used in commercial cockpits, have replaced the hefty stacks of maps and manuals pilots once carried. Yet, while EFBs improve efficiency, Ken highlights the vulnerabilities in their design. For instance, by manipulating data within the EFB's performance calculators, attackers could mislead pilots about crucial factors like runway length or engine thrust. Ken explains the dire implications of these weaknesses and the sophisticated tactics used to secure these systems. The episode also covers GPS spoofing, a technique used by some adversaries to mislead or disrupt an aircraft's navigation system. Ken describes the complexities of GPS spoofing and jamming, explaining how such attacks can confuse onboard navigation and leave pilots relying on outdated or incorrect data until they’re able to safely land. Ken’s research into GPS vulnerabilities has revealed the scope of these threats, particularly in areas of high political tension. The discussion moves into the intricacies of responsible disclosure in the aviation industry, as Ken explains the delicate balance between informing manufacturers about security issues while respecting the time-consuming processes they require for safety certification. He shares examples of working with Boeing and Airbus, noting how long it can take to fix even minor vulnerabilities due to the rigorous testing needed to maintain passenger safety. Ken even praises Boeing for their commitment to addressing issues, despite the inevitable delay between discovery and patching. Viktor and Ken wrap up by discussing the industry’s gradual shift towards transparency in handling disclosures and threats. They talk about the importance of collaboration between cybersecurity professionals, manufacturers, and government regulators to enhance aviation security continuously. Ken emphasizes that, while security is critical, safety remains paramount in aviation, which often means extended timelines for vulnerability patches. For anyone fascinated by cybersecurity, aviation, or the hidden challenges of keeping the skies secure, this episode of Nerding Out with Viktor is an eye-opening deep dive into a world that affects millions of passengers daily. Ken Munro’s expertise, combined with Viktor’s curiosity and insights, makes for a compelling and informative conversation that reveals both the resilience and the risks of modern aviation systems. Don’t miss this must-listen episode on the cutting edge of cybersecurity and aviation. ]]>

    1h 6m

  2. 4 NOV

    From Passwords to Passkeys: Exploring the Future of Authentication with Massi Gori

    In this enlightening episode of Nerding Out with Viktor, Viktor Petersson welcomes authentication expert Massi Gori to delve deep into the ever-evolving world of digital identity and security. Massi, a seasoned product manager at Canonical, brings over 17 years of experience in identity management, from foundational protocols like LDAP and Kerberos to the latest advancements in passkeys and zero-trust models. The conversation begins with a historical journey through the evolution of authentication technologies, highlighting the pivotal roles of LDAP and Kerberos, which laid the groundwork for modern identity verification. Massi reflects on the shift from SAML to OAuth and OpenID, underscoring how these standards set the stage for today's Single Sign-On (SSO) systems and federated identity management. Viktor and Massi explore the crucial distinction between authentication (verifying who you are) and authorization (determining what you can access), unraveling the often-complex concepts behind identity management. Massi emphasizes the importance of user management and identity governance, illustrating how each plays a vital role in securing enterprise environments. They also cover the rising significance of Multi-Factor Authentication (MFA) and the progression from hardware tokens to modern soft tokens, which have simplified yet bolstered the security framework for millions. The discussion transitions to FIDO2 and WebAuthn standards, a major leap toward a passwordless future. Massi shares insights into the mechanics behind these protocols and how FIDO2’s architecture enhances security against adversaries-in-the-middle and other sophisticated attacks. He also addresses the role of biometrics, behavioral metrics, and device-based security as essential components of the zero-trust framework, shedding light on why continuous verification is more important than ever in the digital age. Towards the end, Viktor and Massi discuss passkeys—the new generation of passwordless authentication. Massi explains how passkeys combine the security of FIDO2 with the convenience of cloud sync, making it easier for users to recover credentials without sacrificing security. The duo addresses the trade-offs between using traditional hardware tokens like YubiKeys and the cloud-based flexibility of passkeys, giving listeners a comprehensive look at the future of authentication. This episode is a must-listen for tech enthusiasts and professionals alike, offering a thorough understanding of where digital identity is headed and what companies can do to stay ahead in securing user access. ]]>

    1h 4m

  3. 21 OCT

    SBOMs, CycloneDX, and Software Security with Steve Springett

    In this episode of Nerding Out With Viktor, host Viktor Petersson sits down with Steve Springett, a leading figure in the world of Software Bill of Materials (SBOMs) and the primary maintainer of CycloneDX, to explore the evolving landscape of software security and SBOMs. Steve shares his journey into the SBOM space, starting with his early experiences in supply chain management and the creation of OWASP Dependency-Track, a project that began out of necessity to manage full-stack inventories of hardware and software. Steve discusses the challenges faced during the early days, the limitations of existing tools, and how these experiences informed his later contributions to CycloneDX. The conversation dives deep into the technical nuances of SBOMs, including the differences between CycloneDX and SPDX, two of the most prominent SBOM standards. Steve and Viktor debate the pros and cons of each, with Steve emphasizing CycloneDX's pragmatic and automatable design philosophy. The discussion also touches on the complexities of supply chain security, including the importance of provenance, the challenges of dependency tracking, and the potential risks posed by nation-state adversaries. Steve provides insights into the future of SBOMs and how they will likely become as standard in software development as unit testing is today. He also introduces the concept of OBOMs (Operational Bill of Materials), explaining how SBOMs can extend to cover runtime environments and services, ensuring a more comprehensive approach to managing and securing software stacks. Key topics covered: - Steve Springett’s journey into SBOM and CycloneDX - Differences between CycloneDX and SPDX - The role of provenance in software supply chains - The future of SBOMs and their importance in cybersecurity compliance - Introduction to OBOMs and how they expand the SBOM concept If you're working in software development, DevOps, or cybersecurity, this episode is packed with practical advice and forward-thinking insights on how SBOMs are reshaping the industry. Tune in to learn from one of the leading voices in the SBOM world and stay ahead in securing your software supply chain. Check out sbomify at sbomify.com for a tool that simplifies SBOM generation and management! ]]>

    1h 12m

  4. 7 OCT

    RFID Hacking with Iceman: Exploring the Intricacies RFID Security

    In this episode of Nerding Out with Viktor, I sit down with Iceman, a well-known figure in the RFID hacking community. You might have caught one of his DEFCON talks, where he's done some groundbreaking work in RFID security. Today, we’re diving deep into RFID technology, hacking techniques, and security vulnerabilities that many of us take for granted in everyday systems. RFID (Radio-Frequency Identification) is all around us—from access control systems in buildings to payment cards, car immobilizers, and even alarm systems. While it's widely used, few people realize how vulnerable this technology can be. Iceman is here to break it all down, helping us understand the difference between RF and RFID, and explaining the various frequency ranges, from low frequency (125 kHz) to high frequency (13.56 MHz) and ultra-high frequency (800-900 MHz). Whether you’re a seasoned RF enthusiast, a hacker, or just curious about the technology behind the systems we rely on, this episode offers a deep dive into the world of RFID hacking. Iceman walks us through the basics, discussing different types of key fobs, cards, and readers. He also explains how people often buy RFID cloners only to realize they can’t clone certain cards due to the specific technology used. I learned this the hard way when I stumbled upon an RFID cloner at DEFCON—where I’d gone for my general interest in security—and it opened my eyes to the whole world of RFID hacking. Iceman reveals the essential tools of the trade, from the Proxmark to the Blue Gun Cloner, to more advanced gear like the iCopyX. We talk about the different tools available at all levels, from hobbyist to professional pentesters. But we don't stop at the tools—he breaks down how RFID authentication and encryption work, and how vulnerabilities like static and dynamic nonces leave even “secure” systems exposed. One of the most exciting parts of the conversation is learning that RFID hacking isn’t just about cloning a fob or breaking into a building. Iceman talks about how the hacking community is really about exploring, learning, and pushing the boundaries of technology. His story about creating the Iceman Fork of the Proxmark repository is a great example of how hackers collaborate to improve tools and share knowledge. We also get into more advanced RFID attacks like downgrade attacks, where hackers exploit systems that still support older, less secure versions of card technology. Iceman shares some real-world examples of how these vulnerabilities play out, giving us a peek behind the curtain at how hackers find and exploit these security gaps. We explore the security (or lack thereof) in systems we encounter every day—like hotel room key cards and smart locks. Iceman breaks down how even high-end systems can be vulnerable to simple cloning or more sophisticated downgrade and replay attacks. We also touch on newer technologies like NFC and mobile credentials, discussing how they compare to older RFID systems. For those of you looking to get started with RFID hacking or to deepen your knowledge, Iceman has some great advice on tools to buy, where to start, and how to get involved in the community. He also shares where you can pick up a Proxmark device and how to join the Proxmark Discord community, which is full of discussions, support, and new insights. So, whether you're here to learn about RFID technology, interested in ethical hacking, or just love getting nerdy about tech, this episode is packed with great information and stories from one of the top minds in RFID hacking. ]]>

    1h 7m

  5. 23 SEPT

    Uncovering Firmware Security: A Deep Dive with Binarly's Philipp Deppenwiese

    In this episode of Nerding Out with Viktor, host Viktor Petersson sits down with Philipp Deppenwiese, Head of Solution Engineering at Binarly, to delve into the critical yet often overlooked world of firmware security. As they explore the unique challenges of firmware and BIOS, Viktor and Philipp shed light on the importance of transparency in the development process. The conversation takes a fascinating turn as they dive into Binarly's groundbreaking discoveries, including the infamous "Logo Fail" vulnerability that exposed critical flaws in BIOS boot logos. Philipp shares his extensive expertise in cybersecurity, discussing the intricacies of Binarly's tooling, such as FW Hunt and the newly launched RISK Binarly service. This innovative approach allows users to scan firmware for vulnerabilities and generate SBOMs directly from binary code, making it a game-changer in the industry. As they touch on responsible disclosure with hardware vendors, PKI management, and attestation, Viktor and Philipp offer valuable insights into the cultural and technical challenges facing the hardware and firmware industry. Don't miss out on this deep dive into firmware security - hit play now! For more information, check out Binarly's RISK Service at risk.binarly.io, the Open Source Firmware Conference at osfc.io, and the SBCTL Tool for Secure Boot on GitHub. ]]>

    1 hr

  6. 9 SEPT

    Unpacking Docker's Journey: Justin Cormack on DevOps, Containerization, and the Future of Wasm

    In this episode of "Nerding Out with Viktor," Justin shares his unique insights on the evolution of Docker, the containerization pioneer. He reminisces about the early days of the London DevOps scene and its significant role in shaping the global community. The conversation delves into Docker's origins, highlighting the challenges and rapid rise to prominence in the cloud-native ecosystem. Justin expertly debunks the debate surrounding containers versus VMs, providing a nuanced understanding of Docker's success in simplifying application packaging and deployment. He also provides clarity on Docker's pivotal business shift in 2019, where the company split into two entities, focusing on developers and the cloud while selling off Docker Enterprise. The discussion also touches on the controversy surrounding Docker Desktop's pricing changes and the ongoing efforts to optimize Docker Hub's infrastructure. Additionally, Justin explores Docker Scout's role in generating SBOMs (Software Bill of Materials) and its potential for enhancing security through real-time vulnerability alerts. As Docker continues to innovate, this conversation highlights the company's focus on empowering developers while addressing practical challenges in running software at scale. ]]>

    1h 27m

  7. 26 AUG

    Exploring the Future of AI: Luke Marsden Unveils Helix and the Open Source Revolution

    In this episode of "Nerding Out with Viktor," Viktor dives deep into the world of artificial intelligence with Luke Marsden, an AI expert and visionary behind Helix. The conversation explores the rapidly evolving landscape of large language models (LLMs), the impact of OpenAI's ChatGPT, and the rise of open-source AI alternatives. Luke sheds light on the current state of AI, discussing how companies like Meta, Google, and Microsoft are shaping the future. The episode delves into the ongoing debate between open-source AI models and proprietary systems, highlighting the benefits and risks associated with each approach. Viktor and Luke discuss the emergence of Helix, a groundbreaking platform that enables businesses to harness the power of AI while maintaining control over their data. The conversation also touches on AI security and ethics, as well as the potential for Artificial General Intelligence (AGI). Throughout the episode, Luke shares practical insights into how businesses can leverage AI to drive innovation, from automating routine tasks to providing personalized recommendations. With a mix of technical depth and real-world examples, this episode offers a unique perspective on the future of AI, making it a must-listen for tech enthusiasts and industry professionals alike. ]]>

    1h 21m

  8. 12 AUG

    Daniel Stenberg on Curl's Journey: From C64 Demos to Internet Transfers

    On this engaging episode of "Nerding Out with Viktor", Viktor sits down with Daniel Stenberg, founder of the widely adopted command-line tool Curl, to discuss his fascinating journey from early programming days on Commodore 64 and Amiga to creating a tool that has become indispensable for developers worldwide. Daniel shares insights into maintaining an open-source project for over 26 years, including the complexities of supporting various architectures and quirky operating systems like Windows. The conversation highlights Daniel's anecdotes about crazy support requests, the importance of community building, and reducing friction for contributors. He also delves into adopting new standards in Curl, backward compatibility, and security measures to prevent supply chain attacks. Additionally, Daniel shares his thoughts on open-source funding, sponsorships, and the challenges faced by maintainers. Join Viktor for this insightful discussion with a true pioneer in the open-source world, offering valuable takeaways for developers, open-source enthusiasts, and anyone interested in software development. ]]>

    1h 9m
See All (25)

Trailer

About

Welcome to Nerding Out With Viktor, a podcast at the intersection of tech innovation and entrepreneurial expertise! Hosted by Viktor, a proud nerd and seasoned entrepreneur, this show is a deep dive into the exciting world of technology. Viktor started his entrepreneurial journey during his time in Silicon Valley with YippieMove, a groundbreaking email migration service, and continued with the creation of Blotter, a highly successful macOS productivity app. A vanguard in remote work, Viktor has been skillfully managing remote teams for over a decade, demonstrating visionary leadership ahead of its wider adoption. His career is marked by a consistent knack for identifying and leveraging untapped tech opportunities. Screenly, a venture Viktor bootstrapped, stands at the pinnacle of his achievements. It's the world's first developer-friendly digital signage solution, and its flagship product now powers over 10,000 screens globally. In addition, Viktor's innovative streak led to the development of Anthias, a leading open-source digital signage solution, underscoring his role as an industry innovator. In Nerding Out With Viktor, listeners are treated to rich discussions with tech experts in areas such as AI, software development, cybersecurity, and hardware advancements. Viktor's unique experiences, honed in Silicon Valley and through his entrepreneurial ventures, provide a compelling backdrop for these insightful conversations, making complex tech topics accessible and engaging. Perfect for tech enthusiasts, budding entrepreneurs, or anyone curious about the tech landscape's future, "Nerding Out with Viktor" is the ultimate podcast for insightful, thought-provoking discussions. Join Viktor as he delves into conversations with the minds shaping our technological world. Subscribe to Nerding Out With Viktor and join a community where deep nerdiness and entrepreneurial insight blend in exciting dialogues.

Information

To listen to explicit episodes, sign in.

Stay up to date with this show

Sign in or sign up to follow shows, save episodes and get the latest updates.
Select a country or region

Africa, Middle East, and India

Asia Pacific

Europe

Latin America and the Caribbean

The United States and Canada