Talks
Over the years I’ve given a few talks, and I figured eventually I should probably organize all of them.
These aren’t all of my talks, or even all of the public talks, but a fair number of them that have slides
2016
- Using Your’e Types More Good: a quick talk on types & security
- On Being an Eeyore in InfoSec: a talk propounding my all the things we have historically done, but haven’t adopted
- Make love! the lojikil way, part 0: Randomness: a quick talk on random number generation (partially given at a client)
- Make love! the lojikil way, part 1: compilers: a quick talk on compiler strategy
- My mobile Heraclitus Seminar: a quick look at the top 5 things I want developers to stop doing
2017
- My Anabasis, or, on being a type-heavy scheme programmer in infosec: living off the land in Scala, and modeling violence with types
- Make love! the lojikil way, part 2: types: type theory & correctness for things we want in infosec
2018
- The lojikil center for kids who don’t blockchain good and want to learn to do other things good too: a quick review of blockchain security and assessments
2019
- Swimming with the kubectl fish: a review of what we found during the CNCF Kubernetes audit
- Symbolically executing a fuzzy tyrant, or, how to fuck literally anything: a rant/discussion about testing tools and how program analysis techniques can be used for infosec
- Return to the hundred acre wood: a review of all the things that have changed in 2016, and what is still broken
2020
- The Kyoto School of Go Nihilism: a talk on Golang security problems (private client)
- Go-ing for an evening stroll: an updated version for GitHub Security monthly
- The Multician of Venice: a history of software composition & security
- The good, the bad, the blockchain: a discussion of what Blockchain does and does not do well
Podcasts
- Absolute AppSec (AA) Episode 183: Information Warfare
- AA Episode 156: SBOM
- AA Episode 144: Fuzzing & Property Testing
- AA Episode 143: HTTP2, BlackHat/Defcon, Kubernetes
- AA Episode CXXXIX
- AA Episode 128: Security Nihilism
- AA Episode 121: Formal Specification
- AA Episode 097: Threat Modeling
- AA Episode 091: More Voatz, Code Reviews, Report Writing, Threat Models, and Risk Assessment
- AA Episode 060: Huawei, Android, and Programming Languages
- AA Episode 055: Loji Ruins InfoSec, Testing Edition
- AA Episode 037: Holiday Gifts, Getting started with Security and Languages, Formal Verification
- AA Episode 034: Security Testing, Blockchain, and you!
- AA Episode 011
- AA Episode 005
- Risky Business Episode 559: Maybe it was the Israelis hacking the Russians to masquerade as Iranians?