Open Source Security

Listen, download, subscribe

Apple Podcasts

Spotify

Curl vs AI with Daniel Stenberg

Daniel Stenberg, the maintainer of Curl, discusses the increase in AI security reports that are wasting the time of maintainers. We discuss Curl's new policy of banning the bad actors while establishing some pretty sane AI usage guidelines. We chat about how this low-effort, high-impact abuse pattern is a denial-of-service attack on the curl project (and other open source projects too). The show notes and blog post for this episode can be found at https://opensourcesecurity.io/2025/2025-05-curl_vs_ai_with_daniel_stenberg/

• 

  How to actually test a disaster plan with David Bernstein

• 

  Open Source Pledge with Vlad-Stefan Harbuz

• 

  Building a plan for disaster with David Bernstein

• 

  Open Source Malware with Paul McCarty

• 

  Package management challenges with Andrew Nesbitt

• 

  Open Source Security at scale with Michael Winser

• 

  2026 State of the Software Supply Chain with Brian Fox

• 

  MCP and Agent security with Luke Hinds

• 

  The State of OpenSSL for pyca/cryptography with Alex Gaynor and Paul Kehrer

• 

  Rust coreutils with Sylvestre Ledru

• 

  Goose and the Agentic AI Foundation with Brad Axen

• 

  The Global Vulnerability Intelligence Platform with Olle E. Johansson

• 

  Digital Sovereignty and Nextcloud with Frank Karlitschek

• 

  The Art of Crisis Management with David Bernstein

• 

  WTF is a passkey with William Brown

• 

  All about Suricata with Victor Julien