Backpacking Light Magazine Podcasts

033: Thanks For All The (Lack Of) Phish

July 27, 2018 23:42 - 35 minutes - 32.5 MB

Eric successfully fishes, and Jon fixes his QNAP issue. Google says they haven't been phished since deploying U2F keys in 2017. Chrome flags HTTP sites as 'Not Secure' and Troy posts a video for why HTTPS matters even for static 'marketing' sites. Old movie GIFs and water on Mars. QNAP Issue was Plex Can't Phish This (Google) Just Having 2FA isn't Perfect Chrome 68 Arrives Integrity Matters https://www.reddit.com/r/silentmoviegifs/ Water On Mars

032: Don't Sweat, It's Only the Polish Dogs

July 20, 2018 05:55 - 38 minutes - 35.3 MB

Jon returns from camping so Eric can go fishing again. Costco still sells hot dogs, the Polish dogs have just migrated to Sam's Club. A trip through anti-cheat development at Riot Games, and a raft of QNAP vulnerabilities. Chickens are fun! As are javascript games... Sam's Club Pounces DeepFake Deep Dive Aadhaar Grand Challenge AntiCheat==Malware Evasion? QNAP Command Injections Silicon (Chicken) Valley Jelly Mario!

031: That's all the Spanish I can do right now

July 13, 2018 04:40 - 24 minutes - 22.9 MB

Marcelo DaCruz joins to meander through various topics that include a little cryptocurrencies, promoting other podcasts, malicious World Cup apps, 4th of July data breaches, password managers, and wrapping car keys in foil. Oh, and Costco. And what Marcelo's first Amazon purchase was. Whew! IOTA is worth 3 billion? Ethereum's Blockchain is 1TB Hamas Lures Israeli Soldiers Risky Business Podcast Golden Cup Cyber Threat Timehop Data Breach Apple to deploy 1Password Wrap you...

030: I do like me some goats...

July 07, 2018 22:29 - 43 minutes - 39.9 MB

Eric rants about cryptocurrencies, Jon speculates about a billion ten year olds. Eric likes watching zoo animals and Jon appreciates fireworks in another state. Happy Independence Day, America! Oregon State wins the College World Series Gentoo Linux Incident Cryptocurrencies, again... IOTA wut? EOS huh? Ways to think about machine learning Oregon Zoo Fireworks

029: Crypto-mining Docker Images and Insider Threats

June 29, 2018 02:51 - 43 minutes - 39.7 MB

Jon's bees don't cooperate and Eric watches baseball. Docker hub containers that mine Monero for their own benefit and a Kubernetes honeypot; Tesla's malicious insider and insider threats in general. AI assisted slow motion, NES on the playgrounds, and what it costs to run a worldwide data service. Intro - Bees Do Their Own Thing Intro - OSU Survives in College World Series Followup - Yubikey supports more than just Chrome Malicious Docker Images Kubernetes Honeypot Tesla's Mali...

028: A dash of WebUSB and smidge of leaky routers

June 22, 2018 06:25 - 43 minutes - 40 MB

Eric rewatches The Matrix. Jon rewatches an assortment from Studio Ghibli. But enough about movies. Some followup with a bit more followup. Did you know your browser can talk directly to USB devices and that your router knows where you live? Eric finds a "smart lock" that suggests you not look behind the curtain. Jon expresses more love for serverless utilities. Followup from E025 - Selling your location Followup from E026 - Apple's Notarized Apps Followup from E009 - Right to Repa...

027: Cortana is also a Voice Assistant

June 17, 2018 06:30 - 32 minutes - 29.7 MB

Eric goes fishing (with an 'f'), Jon has baby goats, and hacking Windows 10 via Cortana. Treat robots as you would like them to treat you, and an underwater datacenter. Win10/Cortana Vulnerabilities Google Assistant Android Advantage Don't Kick That Robot Microsoft's Underwater Data Center

026: Microsoft, Apple and concrete dreams

June 07, 2018 20:00 - 45 minutes - 41.4 MB

Microsoft buys GitHub and now we'll see what that actually means. Apple WWDC surprises developers with cool stuff. Antoni Gaudí wishes he had a concrete printer. Jon continues to explore his love for open source. GDPR Followup Amazon Alexa ODM Solutions Sonos Beam Microsoft Buys GitHub Microsoft + GitHub + Concerns? Apple WWDC - Notarized Apps Apple WWDC - Parental Control Printing a House Barcelona and the Sagrada Família Open Source Mac Apps

025: Stolen credit cards, emailing secret audio, fun with time and a "yay! oh, wait."

May 31, 2018 18:28 - 41 minutes - 38.9 MB

Eric has to deal with a stolen credit card. Jon checks in again on the telcos who resell your location data. Your Amazon cylinder might email an audio recording to someone. GDPR makes the web much faster. Eric likes time, Jon almost likes Apple. Notes: Krebs follow up on location data tracking Alexa eavesdropping scandal GDPR Fallout All about time by Zach Holman Steam Link! Oh, wait...

024: Comcastic Followup, Real-time Location of any Cell Phone, and Cylinder Security

May 25, 2018 06:13 - 41 minutes - 37.9 MB

Comcast gets two bits of followup; look up the real-time location of nearly any cell phone user in the states; more Google duplex and cylinder security; a Sunday sermon with some Oatmeal. Links: Followup: eFail (nice lego dumpster fire) - https://boingboing.net/2018/05/21/mime-considered-harmful.html Followup: Comcast Mesh - https://www.engadget.com/2018/05/21/comcast-is-now-selling-mesh-wifi-pods-to-its-internet-customer/ Followup: Comcast Leaks - https://www.engadget.com/2018/05/22/...

023: Password rants, eMail client vulnerabilities, and Google I/O

May 19, 2018 00:25 - 43 minutes - 40.1 MB

Eric's password buttons were pushed this week, not-so-secure eMail clients, and a touch of Google I/O. Fake coin offerings and ... a knife? Links: Password Rant - https://twitter.com/ericwuehler/status/996509740673908736 Followup: Eero + Echo - https://daringfireball.net/thetalkshow/2018/05/08/ep-221 Weird Al Hamilton Polka - https://www.youtube.com/watch?v=3v0c6smpHSk eMail Client Vulnerabilities - https://efail.de/ Google I/O - https://www.theverge.com/2018/5/8/17328828/google-i...

022: Death to the Password and some feels for Microsoft

May 11, 2018 15:15 - 40 minutes - 37.1 MB

Logging in with only a physical key, Twitter's oopsie, Facebook fires a stalker and Signal's messages do not "self-destruct". Jon chats about stuff from the Microsoft Build conference. Eric still likes Netflix. Jon likes books. Links: Gigabit Router Followup - Botnet - https://www.zdnet.com/article/botnets-competing-to-attack-vulnerable-gpon-fiber-routers/ Gigabit Router Followup - Fix - https://thehackernews.com/2018/05/protect-router-hacking.html Death to Passwords! - https://www.yu...

021: Flails, Routers, and Electronic Frontiers

May 04, 2018 06:10 - 30 minutes - 28.6 MB

Jon describes farm equipment, while Eric teaches driving lessons. Routers around the world are vulnerable, and a critical battle is won for the open web. A fun book tracking hackers and a crazy project for a VGA adapter. Links: What is a flail? - https://en.wikipedia.org/wiki/Flail_mower Oregon Instructional Permit - http://www.oregon.gov/ODOT/DMV/TEEN/pages/permit.aspx Vulnerable GPON Routers - https://threatpost.com/millions-of-home-fiber-routers-vulnerable-to-complete-takeover/1315...

020: 3200 miles, 58 hours and Unit Testing is awesome...

April 28, 2018 01:15 - 29 minutes - 27.6 MB

Eric is back from the road trip. IoT, the gift that keeps on giving. Eric chats about hotel security cards. Jon channels Harry Potter with Obiliviate DNS. The Grand Canyon is really cool and Jon tries installing a garage door opener. Links: Grand Canyon - https://www.nps.gov/grca/index.htm Ski lift exposed to the internet - https://www.golem.de/news/patscherkofel-gondelbahn-mit-sicherheitsluecken-1804-133930.html Hotel key card security - https://wired.trib.al/RkHWQ0U The Hotel Hack...

019: The Javascript Episode

April 20, 2018 06:00 - 40 minutes - 37.6 MB

Peter Wooley joins Jon to talk javascript while Eric cannot prevent it. NPM gains package signing capabilities; a casino is hacked courtesy of their fish tank; and once DeepFake matures, how do we tell what's real? Peter recommends playing Celeste on the Switch, Jon should have read a couple more books about bees, and clicky keyboards are awesome. Links: Peter Wooley on Twitter - https://twitter.com/peterwooley Javascript won! - https://hackernoon.com/javascript-has-already-won-235b29ed...

018: Gmail, Accountants, and VirusTotal, Oh My.

April 15, 2018 07:15 - 32 minutes - 30.5 MB

Gmail doesn't follow email address standards; having your accountant hacked is Not Good; and confidential data is found in VirusTotal. Eric shares a fun what-if, and Jon is mesmerized watching sorting algorithms. Links: Followup - PF Chang's vs. Panera - https://medium.com/@AkshaySharmaUS/p-f-changs-security-flaw-revealed-following-panera-bread-s-leak-b47fa6a1bba6 Google says: Ignore Those Dots! - https://jameshfisher.com/2018/04/07/the-dots-do-matter-how-to-scam-a-gmail-user.html Whe...

017: Beekeeper Jon and the Half Dead Car... Eric tries hiking and naming colors.

April 06, 2018 15:15 - 41 minutes - 38.2 MB

Jon chats about his car and beekeeping. Cloudflare's Privacy Focused DNS and an ARM v Intel post. Will Apple use its own chips in it Macs? And poor, poor Panera... Eric tries hiking Multnomah Falls and ends up hiking somewhere else. Jon gets a kick out of colors. Links: If you have an iPhone, use Overcast - https://overcast.fm Cloudflare's Privacy Focused DNS - https://1.1.1.1/ Dot-cm Typosquatting sites visited 12M times - https://krebsonsecurity.com/2018/04/dot-cm-typosquatting-site...

016: Boeing, WannaCry, and the Invisible Mask

March 31, 2018 07:00 - 28 minutes - 26.5 MB

Eric sees Ready Player One opening day. Boeing is hit by WannaCry and researchers demonstrate spoofing facial recognition using IR emitters in a ball cap. Someone built a game using HIBP passwords ("My Little Pwnage"). A personal VPN hotspot and a glowing meteorite ring. Links: Ready Player One - http://readyplayeronemovie.com/ Boeing + WannaCry - https://www.seattletimes.com/business/boeing-aerospace/boeing-hit-by-wannacry-virus-fears-it-could-cripple-some-jet-production/ Invisible M...

015: Chicken Dusting, What's in Your Blockchain?, and more!

March 23, 2018 15:15 - 37 minutes - 35.2 MB

What does Zuckerberg mean by dust in the chickens, exactly? If you look at the bitcoin blockchain, more than just bitcoin transactions can be found. AI learns to WIN by cheating. How safe is your bitcoin hardware wallet? Checking out the StackOverflow Developer Survey. Muppets and IKEA. Links: Chicken Dusting? - https://www.theverge.com/2018/3/21/17150270/mark-zuckerberg-facebook-regulated AMD Follow up - https://community.amd.com/community/amd-corporate/blog/2018/03/21/initial-amd-tech...

014: Ethereum, Spyware, and AMD's security flaws

March 17, 2018 01:15 - 35 minutes - 32.9 MB

MemFixed sends flush packets to memcached servers. Security tools start showing up for Ethereum. ISPs insert spyware into downloads from legitimate sites. Carl joins to discuss the recently disclosed AMD vulnerabilities. Links: Followup - MemFixed - https://www.bleepingcomputer.com/news/security/memfixed-tool-helps-mitigate-memcached-based-ddos-attacks/ Ethereum Security Tool - https://blog.trailofbits.com/2018/03/09/echidna-a-smart-fuzzer-for-ethereum/ Government injected spyware - h...

013: Android P and network devices as a critical vector

March 09, 2018 18:15 - 35 minutes - 32.9 MB

Security implications of Google's Android 'P' first developer preview. Newly unclassified documents from 2016 (likely Shadow Broker fallout). Girl Scout cybersecurity badges and drones in Puerto Rico. Links: GitHub DDoS - https://github.com/649/Memcrashed-DDoS-Exploit Android P security features - https://www.theverge.com/2018/3/7/17088394/android-p-developer-preview-notifications-kotlin-microphone Android ecosystem statistics - https://developer.android.com/about/dashboards/index...

012: Emailing 23,000 private keys and GitHub survives a DDoS attack

March 03, 2018 01:00 - 31 minutes - 29.1 MB

Jon is back from Florida. Is it Trust-ICO or Trustico? Anatomy of an Amplification Attack. Visualizing data and watching documentaries. Links: Trustico emails private keys - https://arstechnica.com/information-technology/2018/03/23000-https-certificates-axed-after-ceo-e-mails-private-keys/ GitHub does not <3 open memcached - https://www.wired.com/story/github-ddos-memcached/ LA Times Open S3 == Cryptojacked - https://threatpost.com/cryptojacking-attack-found-on-los-angeles-times-w...

011: Peter Wooley joins to chat UI/UX and Disneyland

February 22, 2018 15:15 - 29 minutes - 27.8 MB

We chat CSS Keyloggers and are not worried. Careful what you put into securityheaders.io. Is your Password in the list of 500 million known passwords? And you can't chat with Peter without a Disney sidetrack. Links: CSS Keyloggers - https://www.bram.us/2018/02/21/css-keylogger-and-why-you-shouldnt-worry-about-it/ securityheaders.io - https://securityheaders.io Pwned Passwords - https://www.troyhunt.com/ive-just-launched-pwned-passwords-version-2/ Avatar Flight of Passage - https://d...

010: Consumer Reports, RTL Unicode, and CPU vs Ads

February 17, 2018 07:15 - 29 minutes - 27.8 MB

iFixit and the iPhone X Teardown, Consumer Reports is now adding Security and Privacy into their electronic device ratings, Telegram has a Zero-day vulnerability due to a Right-to-Left Unicode character and Salon.com wants to mine cryptocurrencies in exchange for viewing their website. Jon talks about building a Raspberry Pi time-lapse video and Eric talks about StackOverflow stats. Links: iFixit and iPhone X Teardown - https://video.vice.com/en_us/video/motherboard-ifixit-worlds-best...

009: Carl Woodward joins the show and talks Meltdown

February 09, 2018 15:15 - 39 minutes - 36.5 MB

Carl talks meltdown/spectre from the trenches. Jon fawns over the Falcon Heavy launch. Eric yaps about Right to Repair and Hacking John Deere tractors. Carl wants an alarm clock, buys an Alexa - its all downhill from there, and it is Cedric's fault. Links: Netflix Repokid - https://medium.com/netflix-techblog/introducing-aardvark-and-repokid-53b081bf3a7e Transaction Synchronization Extension - https://software.intel.com/en-us/node/524022 Falcon Heavy Launch - https://www.space.com...

008: Alphabet's Chronicle, Fixing AWS IAM, and Jackpotting ATMs

February 02, 2018 15:15 - 23 minutes - 21.7 MB

Jon's roof doesn't collapse. Eric talks about a moon and snow caving. Then they actually talk about security stuff. Sorta. Thoughts on Chronicle, Alphabet's now named security company. Then, is there a solution for the AWS IAM permissions? And "Jackpotting" ATMs is the new thing in the US (Yay! WinXP!). Finally, Eric wants to know the first thing you bought on Amazon and Jon is looking to get stung. Links: Alphabet announces Chronicle: https://chronicle.security PolySwarm.io: https://po...

007: Apple, Stripe, Bitcoin, and The Whopper

January 26, 2018 15:15 - 25 minutes - 23.9 MB

Jon and Eric ramble through a few completely random topics. Pointless flaws in Apple Preference Panes, Stripe says goodbye to Bitcoin, Burger King takes on Net Neutrality and Jon almost earns himself a Darwin Award. Links: Flaw in AppStore System Preferences: https://www.macrumors.com/2018/01/10/macos-high-sierra-app-store-password-bug/ Stripe drops support for Bitcoin: https://stripe.com/blog/ending-bitcoin-support 50 Cent is a Bitcoin Millionaire: https://www.theverge.com/2018/1...

006: Crash of the Cryptocurrencies and a Hawaii UX #fail

January 19, 2018 15:15 - 35 minutes - 33.1 MB

Jon and Eric chat about stuff completely unrelated to security, with bonus tangents! Links: Shadows Over Camelot: http://www.theboardgamefamily.com/2010/06/shadows-over-camelot-noble-quest-for/ The Laundroid: https://www.theverge.com/2018/1/10/16865506/laundroid-laundry-folding-machine-foldimate-ces-2018 Crash of the Cryptocurrencies: https://arstechnica.com/information-technology/2018/01/in-the-wild-malware-preys-on-computers-dedicated-to-mining-cryptocurrency/ Tangent! Electricity...

#61 Journey on the Wild Coast - Raising an Adventurer

November 25, 2008 14:53

Erin and Hig's mothers weigh in with childhood anecdotes that give us a glimpse of young explorers in the making.

#60 Journey on the Wild Coast: Maintaining Health and Preventing Injury

November 11, 2008 18:14

Erin and Hig discuss their minimal first aid kit and strategies for staying alive and well throughout a year of wilderness trekking.

#59: Journey on the Wild Coast - Vacation Spots

October 28, 2008 19:22

Carol Crooker chats with Erin and Hig about their favorite spots to visit along the Pacific coast no matter what the season.

#58: Journey on the Wild Coast - The Newlywed Game

October 22, 2008 05:42

Carol Crooker puts Erin and Hig through Backpacking LIght Magazine's own version of the Newlywed Game. Secrets and insights abound.

#57 ORSM 2008 Demo Days Short

August 09, 2008 20:53

ORSM 2008 Demo Days beach shot, showing the lake, the booths, and the hot hot sun.

#56 Roman Dial's Packrafting! Interview

July 29, 2008 21:11

Ron Craighead interviews Roman Dial on the release of his new book, Packrafting!

#55 Light in the Wild with Monte Dolack

July 23, 2008 04:31

Ron Craighead interviews Montana artist Monte Dolack on growing up in the Big Sky State and on the Backpacking Light-commissioned fine art poster print, "Light in the Wild."

#54: The NOLS 40-Pound Initiative

May 09, 2008 21:06

NOLS Rocky Mountain discusses the process and progress of the 40-Pound Initiative, a branch effort to reduce student pack weights to 40 pounds or less for all Wind River courses.

#53: Journey on the Wild Coast – Handling Frightful Weather

April 28, 2008 22:29

Carol Crooker exposes the insanity of Bretwood Higman and Erin McKittrick. Three pounds of shared sleeping quilt for minus 30 degree weather?!

#52: Making Unconventional Choices for a Better Life

April 09, 2008 06:54

John Coffer is out of step with modern life – and that’s just the way he likes it. Carol Crooker talks with John about his journey to contentment. John Coffer declared his independence from conventional choices when he was 26. Three decades later he lives in a self-built cabin without AC electricity or indoor plumbing, yet has visitors from around the world. A New York art gallery has the tintype photographs he is famous for on display. He is content. Lightweight backpackers are accustomed t...

#51: The Fight to Permit Packrafting in the Grand Canyon

March 07, 2008 07:06

Roman Dial makes history by securing the first permit for a packraft/backpack trip in the Grand Canyon and on the Colorado River.

#50: Cameron McNeish, the Emotional Value of Wilderness

March 04, 2008 06:24

Ron Craighead explores the emotive value of wilderness with author, adventurer, and magazine editor Cameron McNeish of Scotland.

#49: Little Alpacka Packraft can Play with the Big Kids

February 27, 2008 05:46

Carol Crooker talks with veteran packrafter Elaine Mayer about the joys of packrafting. Packraft can more than hold their own in group trips that include more traditional boats.

#48: Journey on the Wild Coast - Long Boat and Gear Repair

February 12, 2008 21:40

Ken Knight concludes his interview with Erin and Hig as they spend a few days in Valdez, Alaska. Delving further into the longboat, gear repair, keeping feet healthy, and what they expect next, are the main topics of discussion.

#48 REPOST: Primus ETA Express Integrated Stove - ORWM 2008

January 31, 2008 22:42

The Primus Eta Express integrated canister stove seen at the Outdoor Retailer Winter Market 2008.

#47: Journey on the Wild Coast- Hot Beds and Journalism

January 30, 2008 06:01

Part 1 of 2. Erin and Hig discuss their travels from Cordova to Valdz. Topics include: making hot gravel beds with fire, use the the packrafts as a longboat, how they capture some of the splendid video and photo imagery it has been our pleasure to view, and much more.

#46: Lightweight Backcountry Ski Touring Gear

January 26, 2008 14:53

On January 22, 2008, Backpacking Light staff left the Outdoor Retailer Winter Market Backcountry Basecamp in Snowbasin, to explore the Utah backcountry and compare three approaches to backcountry ski touring that might be considered by winter backpackers interested in mountain travel.

Backpacking Light Magazine Podcasts

Episodes

Twitter Mentions