#security
21 episodes
#3764: Rooting's Last Stand: Play Integrity vs. Power Users
Google’s Play Integrity API is making rooted phones useless for banking. Is rooting dead?
#3420: How Airports Handle Planespotters: 4 Global Approaches
From designated viewing platforms to espionage charges — how airports worldwide treat people with binoculars and logbooks.
#2835: Why Can't I Trust My Own Computer?
Why services keep asking you to sign in—and what it would take to fix it.
#2699: Inside Android's Binder: No HTTP Here
Android's internal APIs don't use HTTP. They use Binder — a kernel-level IPC mechanism that's faster, tighter, and completely opaque.
#2679: Can a VPN Protect You from SS7 Phone Spying?
SS7 is the hidden backbone of global phone networks—and it's wide open to spies. Here's what a VPN does and doesn't fix.
#2678: How IMSI Catchers Actually Track Your Phone
How fake cell towers intercept your phone, from GSM flaws to 5G fixes. Separating spy-thriller hype from real engineering.
#2594: The Hierarchy of Immutable Code
From mask ROM to e-fuses: how hardware enforces a hierarchy of mutability in every computing device.
#2508: Why CORS Doesn't Protect Your Server
Why browsers block cross-origin requests, how CORS actually works, and the common pitfalls that trip up developers.
#2496: Are Hidden API Endpoints Leaks or Just Plumbing?
When LLM agents discover unauthenticated JSON endpoints in browser DevTools, is it a security breach or just reading the page?
#2324: The Three Layers of Filming in a Security-Conscious Country
Navigating the legal and social challenges of filming in Israel—what’s allowed, what’s not, and how creators can stay safe.
#2251: Agent-to-Agent Protocols: What Actually Needs Standardizing
When autonomous agents call other agents, what does a working protocol actually require? Exploring session handling, state management, security, an...
#1797: Why the Cloud Runs on Cassette Tapes
The cloud isn't just hard drives—it's millions of robotic cassette tapes holding petabytes of data for Google and NASA.
#1780: The Danger Zone: Your Browser Extensions
Your encrypted data is safe until it hits your browser. Here's how extensions turn your "secure" browsing into a data leak.
#1773: AI's "Hacky" Command-Line Fixes Are a Security Nightmare
Giving AI agents terminal access speeds up fixes but creates invisible security holes and configuration drift.
#1714: The Hidden Cost of Rolling Your Own
Why do companies pour millions into SDKs? We explore the hidden costs of raw APIs and the strategic advantages of using software kits.
#1697: Automated Security for Solo Developers
Stop shipping secrets and PII to GitHub. Here's how pre-commit hooks automate security for solo developers.
#1075: The Great Kernel Shift: Why Linux is Embracing Rust
Discover why the Linux kernel is adopting Rust and how this shift aims to eliminate 70% of the digital world's security vulnerabilities.
#994: The Sideloading Tax: Why Android Fights Your Freedom
Stop letting Google gaslight you. Learn how to safely install apps outside the Play Store while keeping your data secure from poisoned packages.
#893: The Art of Red Teaming: Why You Must Break Your Own Plans
Learn why the most resilient organizations pay people to prove them wrong and how red teaming techniques can prevent catastrophic failures.
#73: VPNs: Privacy Myth vs. Reality
VPNs: privacy savior or marketing hype? We expose the truth behind the grand claims and technical realities.
#65: Security Habits for Casual Developers
Security vs. usability: a tightrope walk. Discover practical strategies to protect casual users without sacrificing ease.