#48 Peter Waegemann, Security in the Medical Industry

Peter Waegemann, author of Knowledge Capital in the Digital Society, and I discuss security in the medical industry and why he advocates for less privacy.

Who he is; Peter's background; overview of security in the medical field, more secure than the media suggests, less secure than it should be; Peter's views on privacy/security have changed over the years; why he was booed off stage; fear of breaches vs reality of damage done; the importance of data integrity; how privacy adversely affects outcomes; what the laws or regulations should look like; wrap up.


#37 Andrei Simionescu, Lavaboom

Andrei Simionescu of the now-closed Lavaboom talks to me about the encrypted email service they wanted to make.

Who he is; a little about Lavaboom; PGP is unfriendly, why did they make it, connection to Lavabit; "but I've got nothing to hide", do I make myself a target by using it; other PGP email initiatives; lawful legal requests; open source for core features, verifying the builds are from the source; how Lavaboom works; is there any clear text ever; losing a password; what kind of encryption is in use; open source problems; hosting; scaling; making money; raising money.

#31 Jason MacInnes, Draft Kings

Jason MacInnes, CTO of Draft Kings, tells me about their architecture and scaling demands.

A little about Jason; what Draft Kings is, why it's not gambling, how Draft Kings started; controlling growth, SDLC, Agile growing pains, aligning skills; software stack (MySQL, RabbitMQ, MassTransit), choice of ASP.NET; scaling the system; transitioning to micro-services, dev ops; service level agreements, dealing with unpredictable events; where the statistics and data come from, customer privacy, future work.

#20 Gus Warren, Disconnect.me

Gus Warren of Disconnect discusses their tools, privacy, tracking and acceptable advertising.

Gus’ background, what is Disconnect; how ads track us, cookies, fingerprinting; why is the information gathered, tying online behavior to offline identities; privacy matters even if you have nothing to hide, incognito/private browser mode is not enough; what Disconnect does, blocking, search, ratings, not an ad blocker, differences from Ghostery, targeted, but private advertising; getting people to opt-in to advertising; how the tech works, data usage reduction, faster page loads, private searching; Google pulling Disconnect mobile from app store, side loading; free and premium editions; advertising industry response to blocking tools, future of tracking, EFF Do Not Track policy; spreading word about Disconnect; partnerships, Black Phone; building a browser; future work.

Book Recommendations

Ben & Jerry’s: The Inside Scoop: How Two Real Guys Built a Business with a Social Conscience and a Sense of Humor

The Cluetrain Manifesto

Contagious: Why Things Catch On

#17 Robert Hurlbut, Software security

Robert Hurlbut and I discuss various aspects of software security.

Background, why security isn’t thought about enough, out of the box security with MVC, XSS, CSRF, model binding and parameter tampering; HTTPS everything or just on parts of a site; Microsoft improving security, open source issues, inclusion of open source in hardware security devices; unmanaged code in web apps; typical weaknesses in software, password security; software review process, threat models, code reviews, fuzz testing; healthcare security, medical devices, attack vectors, Barnaby Jack, how to build secure devices; finding good security professionals, conferences and tradeshows; books; don’t roll your own security; Robert’s presentation at Boston Code Camp.

Book Recommendations
Iron-Clad Java: Building Secure Web Applications

Writing Secure Code (2nd Edition) (Developer Best Practices)

Software Security: Building Security In

#15 Linus Olsson, Hemlis project

Linus Olsson of the Hemlis project discusses what Hemlis is, why they are building it and how it works.

Linus and I discuss his background, what is Hemlis, why build it; open source; need for security and privacy, does encryption make you a target, good encryption vs bad encryption; why trust Hemlis, legal requests for data, would he go to jail to protect users; how it works, public key encryption, easier than PGP, type of encryption, back door on phone, baseband hacking; open source vulnerabilities; servers, just for relaying, graphs, peer-to-peer not viable; scaling; release date, usability; how to promote your software; pricing, premium features, enterprise solution.

Book Recommendations
The Mom Test: How to talk to customers & learn if your business is a good idea when everyone is lying to you

The Lean Startup: How Today’s Entrepreneurs Use Continuous Innovation to Create Radically Successful Businesses

#12 Sean Blanchfield, Page Fair part 2

This is part two of an interview with Sean Blanchfield of Page Fair. Part one can be found here. This part looks at the technology behind Page Fair.

Sean and I discuss how adblockers work, EasyList block list, how Page Fair works, cooperation with EasyList, using Page Fair on a site; backend technology, Python, Redis, Twisted, Linux, Amazon Web Services, server load and traffic patterns; serving ads, bids, speed, Page Fair auction, no tracking of users, Panopticlick and fingerprinting, tracking across devices and locations, data management platforms; NoScript and Page Fair; YouTube and ads; not always showing an ad; ad block walls; book choices, The Innovator’s Dilemma, The Elements of Style, Getting Things Done: The Art of Stress-Free Productivity, Thinking, Fast and Slow; social networking and playing on expectations, trust in relationships, meeting customers.

Page Fair report – Adblocking goes mainstream

Book Recommendations
The Innovator’s Dilemma

The Elements of Style

Getting Things Done: The Art of Stress-Free Productivity

Thinking, Fast and Slow

#11 Sean Blanchfield, Page Fair part 1

This is part one of a two-part interview with Sean Blanchfield; part two will be published on October 27th.

Discussion with Sean Blanchfield of Page Fair; Demonware, multiplayer networking layer; Scalefront startup incubator, cycling through startup ideas; Page Fair beginnings; innovation life cycle, finding the good idea, determining the size of the market, Sean and I are old!; Destructoid and going viral during a bachelor party(!), popularity of adblockers, popularity by site type, by age; YouTube preroll ads and the spread of blocking, Google ads whitelisted; non-intrusive ads, Page Fair ads can be turned off, click through rates, discreet ads; better ads from Page Fair, competition; The Innovator’s Dilemma, disruptive technology, big companies can’t change, culture in companies; ad blocking on mobile, Firefox on Android supports adblock, adblock browsers are on the way, Adblock Plus app removed from App Store, Disconnect tracker and ad blocking for mobile and desktop; supporting free content through ads, publishers’ reaction to ad blockers.

Part two goes into the technical workings of Page Fair.

I’ll include Sean’s book recommendations in the post for part two.

#6 Nicolas Dorier, Part 2 – NBitcoin

Part 2 of my discussion with Nicolas Dorier, in which we discuss NBitcoin, what it is and why Nicolas wrote it, features of NBitcoin, how to contribute; other development work, bitcoin as a payment mechanism for consultants; colored coins as a way of replacing shares for funding companies, dividends and distribution of profit, dilution of investment; regulation, taxation, legal backlash, fiat money; Nicolas’ CodeProject contributions, .NET Micro Framework for use in a car, Gadgeteer project, Gadgeteer vs Netduino; 11 Useful Classes; Nicolas’ book choice.