More Open Source Security episodes
Published 9 Feb 2026
Duration: 32:26
The Nextcloud podcast explores its evolution as an open-source collaboration platform that promotes digital sovereignty, offering users self-hosted data and software, avoiding vendor lock-in and empowering data portability and transparency.
Josh talk to the founder and CEO of Nextcloud, Frank Karlitschek about digital sovereignty. There's a lot of attention lately around digital sovereign...
The podcast explores the evolution of Nextcloud, which began as a hobby project called ownCloud and was revitalized a decade ago to become an open source collaboration platform. It emphasizes Nextcloud's mission to provide users with control over their data through self-hosting capabilities, enabling digital sovereignty. The platform offers a range of tools for file synchronization, email, calendar, chat, and office work, all designed to be open and free from vendor lock-in, ensuring data portability and transparency.
The discussion also addresses the growing importance of data sovereignty in the face of differing privacy regulations across regions, such as European laws and U.S. legal frameworks. Nextcloud is highlighted for its scalable architecture and ease of setup, including options like Docker, making it accessible for both individuals and organizations. The platform is driven by a community-focused development model, prioritizing ethical practices and user freedom. Looking ahead, the project aims to enhance performance, security, and overall user experience to better serve its growing user base.
30 Mar 2026 Open Source Security at scale with Michael Wisner
The Alpha Omega Project addresses open-source security by targeting leverage points like Node.js and Python ecosystems, advocating for systemic solutions, dedicated security roles, sustainable funding, and registry infrastructure improvements to counter fragmented practices and downstream risks.
23 Mar 2026 2026 State of the Software Supply Chain with Brian Fox
The State of the Software Supply Chain Report underscores explosive open source growth (10T annual downloads) paired with critical challenges like malware proliferation (1.2M malicious packages), unresolved vulnerabilities (65% unaddressed), infrastructure strain, AI's dual role in risk (hallucinations) and potential (MCP systems), and urgent needs for improved tools, policies, and cost management amid regulatory and scalability pressures.
16 Mar 2026 MCP and Agent security with Luke Hinds
The text explores AI agent security risks like prompt injection and open-source vulnerabilities, emphasizing the No-NO project's kernel-based sandboxing with a deny-by-default model, hardware enclaves, and Rust-driven efficiency, alongside layered defenses, restricted commands, and collaborative efforts to tackle evolving threats like social engineering and insecure coding practices.
9 Mar 2026 The State of OpenSSL for pyca/cryptography with Alex Gaynor and Paul Kehrer
OpenSSL 3.0 is criticized for increased complexity, performance issues, and insufficient progress in testing and memory safety, sparking debate over its adoption and the need for alternative cryptographic libraries.
2 Mar 2026 Rust coreutils with Sylvestre Ledru
A modern rewrite of Unix command-line tools using Rust aims for memory safety, performance, and maintainability while achieving high compatibility.