515: Script Boomers episode artwork

EPISODE · Nov 27, 2025 · 1H 10M

515: Script Boomers

from Embedded · host Logical Elegance

Nick Kartsioukas joined us to talk about security in embedded systems.  Common Vulnerabilities and Exposures (CVE) is the primary database to check your software libraries, tools, and OSs: cve.org. Open Worldwide Application Security Project (OWASP, owasp.org) has information on how to improve security in all kinds of applications, including embedded application security. There are also cheatsheets, Nick particularly recommends Software Supply Chain Security - OWASP Cheat Sheet.  Wait, what is supply chain security? Nick suggested a nice article on github.com: it is about your code and tools including firmware update, a common weak point in embedded device security. Want to try out some security work? There are capture the flag (CTF) challenges including the Microcorruption CTF (microcorruption.com) which is embedded security related. We also talked about the SANS Holiday Hack Challenge (also see Prior SANS Holiday Hack Challenges). This episode is brought to you by  RunSafe Security. Working with C or C++ in your embedded projects? RunSafe Security helps you build safer, more resilient devices with build-time SBOM generation, vulnerability identification, and patented code hardening. Their Load-time Function Randomization stops the exploit of memory-based attacks, something we all know is much needed. Learn more at RunSafeSecurity.com/embeddedfm. Some other sites that have good information embedded security: This World Of Ours by James Mickens is an easy read about threat modelling Cybersecurity and Infrastructure Security Agency (CISA) is at cisa.gov and, among other things, they describe SBOMs in great detail National Institute of Standards and Technology (NIST) also provides guidance: Internet of Things (IoT) | NIST  NIST Cybersecurity for IoT Program  NIST SP800-213 IoT Device Cybersecurity Guidance for the Federal Government: Establishing IoT Device Cybersecurity Requirements There is a group of universities and organizations doing research into embedded security: National Science Foundation Center for Hardware and Embedded Systems Security and Trust (CHEST). Descriptive overview and the site is nsfchest.org European Telecommunications Standards Institute (ETSI) - Consumer IoT Security Camera Ubiquiti configuration issue (what not to do) Finally, Nick mentioned Stop The Bleed which provides training on how you can control bleeding, a leading cause of death. They even have a podcast (and we know you like those). Elecia followed up with Community Emergency Response Teams (CERT). Call your local fire department and ask about training near you! Transcript

NOW PLAYING

515: Script Boomers

0:00 1:10:23

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Epic: Silver Wing Realm EPIC is your new HQ for Realm’s exhilarating action and adventure stories, with new episodes dropping every Monday introduced by host Faith McQuinn.Embark on your greatest adventures yet, whether it’s crash landing on a desolate planet with only a cerebrally-embedded AI to guide you, or realizing that your latest game design is the only thing staving off total global annihilation. So unsheath those earbuds, clench that steering wheel, and buckle up because EPIC is about to take off.This month, we are featuring Silver Wing: On a desert planet in the far future, an old dragon hunter embarks on a desperate journey to save her estranged son. For centuries, the dragons have been sleeping. But in their rest, they provide a crucial energy source necessary to keep the planet Toon Flats habitable. Amphet Dahl is a diviner, gifted with the ability to sense the dragons’ dreams and memories and to the disappointment of her son, Afton, she uses this ability to Government Approved Matt Finlay (wavlake) This album was recorded in 432Hz base tuning and each track contains a different embedded solfeggio frequency tone.All songs written by Matt Finlay;except for "Your Government Is Your Enemy" written by Angry North (https://linktr.ee/angrynorth).All songs recorded and performed by Matt Finlay.Additional vocals on "Daddy Government" by Courage Is The Cure.Mixed by Matt Finlay & Number Six at TNP Productions LLC Mastered at TNP Productions LLC - https://anartistcollective.com/creatives-directory/media-arts/tnp-productions-llcISRC AU-OXF-25-00001Copyright Matt Finlay 2025Album artwork by Shelly Omstead at Anartist Collective - https://anartistcollective.com Mastering Embedded Systems Georg Lohrer from EmbeddedSuccess.com This is the podcast for everybody who is interested in having more success in his project work. I'll teach you the know-how and the tools to overcome your challenges. Out of practice into practice. Join my stories, see my own mistakes or successes. Make the best out of my tips and advices.Lift your own results to the next level. CYBER VICE Hacking. Hackers. Disinformation campaigns. Encryption. The Cyber. This stuff gets complicated really fast, but Motherboard spends its time embedded in the infosec world so you don't have to. Host Matthew Gault talks every week to Motherboard reporters about the stories they're breaking and to the industry's most famous hackers and researchers about the biggest news in cybersecurity. Hosted on Acast. See acast.com/privacy for more information.

Frequently Asked Questions

How long is this episode of Embedded?

This episode is 1 hour and 10 minutes long.

When was this Embedded episode published?

This episode was published on November 27, 2025.

What is this episode about?

Nick Kartsioukas joined us to talk about security in embedded systems.  Common Vulnerabilities and Exposures (CVE) is the primary database to check your software libraries, tools, and OSs: cve.org. Open Worldwide Application Security Project (OWASP,...

Can I download this Embedded episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!