I am Elecia White alongside Christopher White. We're here to chat about the interests, careers, and lives of engineers, artists, educators and makers. Our diverse guest list includes names you may have heard and engineers working quietly in the trenches. Either way, they are knowledgeable, enthusiastic, and inspiring.
We'd love to share our enthusiasm for science, technology, engineering, art, and math (STEAM).
このポッドキャストは未認証のため、最新エピソードのみ表示されます。
519: The Password Is All Zeros
Mark Omo and James Rowley spoke with us about safecracking, security, and the ethics of doing a bad job. Mark and James gave an excellent talk on the development of their safecracking tools at DEF CON 33: Cash, Drugs, and Guns: Why Your Safes Aren't Safe. It included a section of interaction involving the lock maker's lawyers bullying them and how the Electronic Frontier Foundation (EFF) has a Coders' Rights Project to support security research. As mentioned in the show, the US Cyber Trust Mark baseline has a very straightforward checklist; NISTIR 8259 is the overall standard, NISTIR 8259A is the technical checklist, NISTIR 8259B is the non-technical (process/maintenance) checklist. Roughly the process is NISTIR 8259 -> Plan/Guidance; NISTIR 8259A -> Build; NISTIR 8259B -> Support. We discussed ETSI EN 303 645 V3.1.3 (2024-09) Cyber Security for Consumer Internet of Things: Baseline Requirement and the EU's CRA: Cyber Resilience Act which requires manufacturers to implement security by design, have security by default, provide free security updates, and protect confidentiality. See more here: How to prepare for the Cyber Resilience Act (CRA): A guide for manufacturers. We didn't mention Ghidra in the show specifically, but it is a tool for reverse engineering software: given a binary image, what was the code? Some of the safecracking was helped by the lock maker using the same processor in the PS4 which has many people looking to crack it. See fail0verflow :: PS4 Aux Hax 1: Intro & Aeolia for an introduction. Mark and James have presented multiple times at Hardwear.io, a series of conferences and webinars about security (not wearables). Some related highlights: 2024: Breaking Into Chips By Reading The Datasheet is about the exploit developed for the older lock version on the safes discussed in the show. USA 2025: Extracting Protected Flash With STM32-TraceRip is about STM32 exploits.
518: Nothing We Can Do About Frogs
James Cameron spoke with us about programming for and operating a large telescope. The show is a blend of astronomy, engineering on the fly, and weird lady bug habitats. The Anglo-Australian Telescope (AAT) is part of the Australian National University's Siding Spring Observatory in Coonabarabran, New South Wales, Australia. The AAT has an all sky camera where you can check in on a very dark sky. James was on Embedded Episode 172: Tell Forth You Me Please where we talked about the Forth programming language and his experiences with One Laptop Per Child. Transcript Unrelated to the AAT, Chris took this image of the Andromeda Galaxy (M31) from his Zwo Seestar 50 over 9 hours (multiple days), stacking the images and processing the data.
517: A Direct, Sensible Podcast
Nathan Jones and Chris Svec give Chris and Elecia their 2025 performance review. Donations went to Elevate Tutoring, an organization that provides funding and support to low-income and first-generation college students as well as free STEM tutoring for underserved schools. Embedded has already sent in the match to the donations for a total of over $5000. Here is a list of all Embedded.fm episodes. We mentioned the Foldscope, a small but mighty microscope. Also, mentioned was the book If I Only Changed the Software, Why is the Phone on Fire? The show this week is sponsored by us. And you. Please consider supporting Embedded.fm on Ko-fi or Patreon. Or tell a friend about the show. Transcript
516: Voices From the Cataclysms of the Universe
Sophi Kravitz joined us to talk about art, science, and engineering. You can see Messages from Space on Sophi's website /sophikravitz.com). A subset of the artwork had a short stay for a demo at Chabot Space & Science Center. The completed work will be shown in 2026. Sophi mentioned collaborating with two sonic environment artists Sofy Yuditskaya and Ria Rajan. Geiger–Müller tube is an ionizing radiation detector. Cosmic rays move through space at nearly the speed of light, generally originating far away and long ago. You can also see them in a cloud chamber, like the one at San Francisco's Exploratorium. We also talked about using sculpting in Blender (there are many online video introductions). Sophi does EE consulting and system quality checking at her company Greenlight. The show this week is sponsored by us. And you. Please consider supporting Embedded.fm on Ko-fi or Patreon. Or tell a friend about the show. Transcript
515: Script Boomers
Nick Kartsioukas joined us to talk about security in embedded systems. Common Vulnerabilities and Exposures (CVE) is the primary database to check your software libraries, tools, and OSs: cve.org. Open Worldwide Application Security Project (OWASP, owasp.org) has information on how to improve security in all kinds of applications, including embedded application security. There are also cheatsheets, Nick particularly recommends Software Supply Chain Security - OWASP Cheat Sheet. Wait, what is supply chain security? Nick suggested a nice article on github.com: it is about your code and tools including firmware update, a common weak point in embedded device security. Want to try out some security work? There are capture the flag (CTF) challenges including the Microcorruption CTF (microcorruption.com) which is embedded security related. We also talked about the SANS Holiday Hack Challenge (also see Prior SANS Holiday Hack Challenges). This episode is brought to you by RunSafe Security. Working with C or C++ in your embedded projects? RunSafe Security helps you build safer, more resilient devices with build-time SBOM generation, vulnerability identification, and patented code hardening. Their Load-time Function Randomization stops the exploit of memory-based attacks, something we all know is much needed. Learn more at RunSafeSecurity.com/embeddedfm. Some other sites that have good information embedded security: This World Of Ours by James Mickens is an easy read about threat modelling Cybersecurity and Infrastructure Security Agency (CISA) is at cisa.gov and, among other things, they describe SBOMs in great detail National Institute of Standards and Technology (NIST) also provides guidance: Internet of Things (IoT) | NIST NIST Cybersecurity for IoT Program NIST SP800-213 IoT Device Cybersecurity Guidance for the Federal Government: Establishing IoT Device Cybersecurity Requirements There is a group of universities and organizations doing research into embedded security: National Science Foundation Center for Hardware and Embedded Systems Security and Trust (CHEST). Descriptive overview and the site is nsfchest.org European Telecommunications Standards Institute (ETSI) - Consumer IoT Security Camera Ubiquiti configuration issue (what not to do) Finally, Nick mentioned Stop The Bleed which provides training on how you can control bleeding, a leading cause of death. They even have a podcast (and we know you like those). Elecia followed up with Community Emergency Response Teams (CERT). Call your local fire department and ask about training near you! Transcript
こちらもおすすめ
近藤淳也のアンノウンラジオ
株式会社はてな創業者であり現在もITの第一線で働く近藤淳也が、京都の宿UNKNOWN KYOTOにやって来る「好きなことを仕事にしている人」を深堀りすることで、世の中の多様な仕事やキャリア、生き方・働き方を「リアルな実例」として紐解いていきます。 . 【ホスト:近藤淳也】 株式会社OND代表取締役社長、株式会社はてな取締役、UNKNOWN KYOTO支配人、NPO法人滋賀一周トレイル代表理事、トレイルランナー。 2001年に「はてなブログ」「はてなブックマーク」などを運営する株式会社はてなを創業、2011年にマザーズにて上場。その後2017年に株式会社ONDを設立し、現在もITの第一線で働く。 株式会社OND: https://ond-inc.com/ . 【UNKNOWN KYOTO】 築100年を超える元遊郭建築を改装し、仕事もできて暮らせる宿に。コワーキングやオフィスを併設することで、宿泊として来られる方と京都を拠点に働く方が交わる場所になっています。 1泊の観光目的の利用だけではなく、中長期滞在される方にも好評いただいています。 web: https://unknown.kyoto/ . こちらから本文を読んだりコメントが書けます! https://listen.style/p/unknownradio
IBUKI STATION
ここはアウトドア向けGPSトラッキング「IBUKI」にまつわる人々が集まる場所。 トレイルラン、登山、冒険、ランニング、自転車、ロゲイニング、、 スタイルは数あれど、共通しているのは自然を楽しみ、そして人とのつながりも楽しむ姿勢。 自然を目一杯楽しみ、苦しみながら、人と接する喜びにも気付く。 アウトドアを満喫するみなさんが、ほっとできるIBUKI STATIONです。 IBUKI https://ibuki.run/ 近藤淳也 IBUKIを提供する株式会社OND代表。ポッドキャストプラットフォーム「LISTEN」も展開 桑原佑輔 OND所属。IBUKI事業担当営業・テクニカルディレクター
@narumi のつぶやき
声低おじさんの独り言です。 たまにゲストも呼んだりします。
LISTEN NEWS
LISTENは、AI文字起こしとコミュニティで、ポッドキャストを「聴く・配信する・つながる」ためのプラットフォームです。 公式番組「LISTEN NEWS」では、開発の裏話や近況も交えつつ、最新情報をお届けします。 LISTENはこちら→ https://listen.style/
一日一配
声の日記。自分の声で日記を書く、LISTENならではのポッドキャスト。
桃山商事
コミュニケーション、男性性、恋愛、人間関係、ジェンダー、ケア、孤独、性欲、会社、友情、老い……メンバーがその時々で気になったテーマを1つ設定して、モヤモヤを言語化していくNEOな座談Podcastです。2011〜2016年「二軍ラジオ」(ApplePodcast)、2017〜2024年「恋愛よももやまばなし」(ニコ生→Podcast)を配信していました。清田隆之(文筆業)、森田(会社員)、ワッコ(会社員)、さとう(会社員)の4人でお届けします。