Application Security Weekly (Audio)

Secure By Design Is Better Than Secure By Myth - Bob Lord - ASW #365

Jan 13, 2026

53:33

forum

Ask episode

view_agenda

Chapters

auto_awesome

Transcript

info_circle

Episode notes

Not all infosec advice is helpful. Bad advice wastes time, makes people less secure, and takes focus away from making software more secure. Bob Lord talks about his efforts to tamp down hacklore -- the security myths and mistakes that crop up in news stories and advice to users. He talks about how these myths come about, why they're harmful, and how they're related to the necessity of building software that's secure by design.

Segment Resources:

https://www.hacklore.org/
https://medium.com/@boblord/lets-stop-hacklore-d5c86a0fdad8
https://www.cisa.gov/securebydesign
https://medium.com/@boblord/recurring-classes-of-software-weaknesses-2007-vs-2025-c2cd56125e1a
https://www.ncsc.gov.uk/report/a-method-to-assess-forgivable-vs-unforgivable-vulnerabilities
https://99percentinvisible.org/episode/nut-behind-wheel/
https://timharford.com/2022/05/cautionary-tales-short-a-screw-loose-at-17000ft/

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw-365

Home Top podcasts Popular guests Top books