Subscribe: Security Now!
http://leoville.tv/podcasts/sn.xml
Preview: Security Now!

Security Now (MP3)



Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of Spinrite and ShieldsUP, discusses the hot topics in security today with Leo Laporte. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific /



Published: Tue, 29 Nov 2016 21:00:49 PST

Last Build Date: Tue, 29 Nov 2016 21:00:49 PST

Copyright: This work is licensed under a Creative Commons License - Attribution-NonCommercial-NoDerivatives 4.0 International - http://creativecommons.org/licenses/by-nc-nd/4.0/
 



SN 588: Your Questions, Steve's Answers 243

Tue, 29 Nov 2016 19:00:16 PST

(image)

A wonderful quote about random numbers, our standard interesting mix of security do's and dont's, new exploits (WordPress dodged a big bullet!), planned changes, tips & tricks, things to patch, a new puzzle/game discovery, some other fun miscellany... and, finally! Ten comments, thoughts and questions from our terrific listeners!

We invite you to read our show notes.

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Bandwidth for Security Now is provided by CacheFly.


Media Files:
http://www.podtrac.com/pts/redirect.mp3/cdn.twit.tv/audio/sn/sn0588/sn0588.mp3




SN 587: Mobile & IoT Nightmares

Tue, 22 Nov 2016 18:49:40 PST

(image)

Samy Kamkar is back with a weaponized $5 RaspberryPI. "El Cheapo" Android phones bring new meaning to "Phoning it in". Watching a webcam getting taken over. Bruce Schneier speaks to Congress about the Internet. A(nother) iPhone Lockscreen Bypass and another iPhone lockup link. Ransomware author asks a security researcher for help fixing their broken crypto. Britain finally passed that very extreme surveillance law. Some more fun miscellany... and more!

We invite you to read our show notes.

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Bandwidth for Security Now is provided by CacheFly.


Media Files:
http://www.podtrac.com/pts/redirect.mp3/cdn.twit.tv/audio/sn/sn0587/sn0587.mp3




SN 586: The BlackNurse Attack

Tue, 15 Nov 2016 19:38:07 PST

(image)

Results from our listener's informal CAIDA spoofing testing. LessPass turned out to be even less than it appeared. Steve's day at Yubico. News from PwnFest & Mobile Pwn2Own. The probable elimination of Dark Matter. A new Wi-Fi field disturbance attack. A wacky Kickstarter "fingerprint" glove. The "BlackNurse" reduced-bandwidth DoS attack.

We invite you to read our show notes.

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Bandwidth for Security Now is provided by CacheFly.


Media Files:
http://www.podtrac.com/pts/redirect.mp3/cdn.twit.tv/audio/sn/sn0586/sn0586.mp3




SN 585: The Windows AtomBomb

Tue, 08 Nov 2016 17:06:29 PST

(image)

Leo and I discuss the answer to last week's security & privacy puzzler, Let's Encrypt Squarespace, the new open source "LessPass" app, LastPass goes mobile-free, many problems with OAuth, popular Internet services' privacy concerns, news from the IP spoofing front, Microsoft clarifies Win10 update settings and winds down EMET, a hacker finds a serious flaw in Gmail, MySQL patches need to be installed now, a tweet from Paul Thurrott, a bit of errata and... and the Windows AtomBomb attack.

We invite you to read our show notes.

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Bandwidth for Security Now is provided by CacheFly.


Media Files:
http://www.podtrac.com/pts/redirect.mp3/cdn.twit.tv/audio/sn/sn0585/sn0585.mp3




SN 584: Your Questions, Steve's Answers 242

Tue, 01 Nov 2016 17:33:18 PST

(image)

Leo and Steve discuss an oh-so-subtle side-channel attack on Intel processors, the quest for verifiable hacker-proof code (which oh-so-subtle side-channel attacks on processors can exploit anyway!), another compiler optimization security gotcha, the challenge of adding new web features without opening routes of exploitation, some good news about the DMCA, Matthew Green and the DMCA, the relentless MPAA and RIAA still pushing the limits and threatening the Internet, the secure ProtonMail service feels the frightening power of skewed search results, regaining control over Windows 10 upgrade insistence, a new 0-day vulnerability Google revealed before Microsoft has patched it, a bit of errata, miscellany and as many listener feedback questions and comments as we have time for.

We invite you to read our show notes.

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Bandwidth for Security Now is provided by CacheFly.


Media Files:
http://www.podtrac.com/pts/redirect.mp3/cdn.twit.tv/audio/sn/sn0584/sn0584.mp3




SN 583: DRAMMER

Tue, 25 Oct 2016 17:47:20 PST

(image)

Leo and Steve discuss last week's major attack on DNS, answering the question of whether the Internet is still working?, we look at Linux's worrisome "Dirty COW" bug rediscovered in the kernel after nine years, we address the worrisome average lifetime of Linux bugs, share a bit of errata and miscellany, and offer an in-depth analysis of DRAMMER, the new, largely unpatachable, Android mobile device Rowhammer 30-second exploit.

We invite you to read our show notes.

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Bandwidth for Security Now is provided by CacheFly.


Media Files:
http://www.podtrac.com/pts/redirect.mp3/cdn.twit.tv/audio/sn/sn0583/sn0583.mp3




SN 582: Your Questions, Steve's Answers 241

Tue, 18 Oct 2016 17:35:13 PST

(image)

Leo and Steve discuss some serious concerns raised over compelled biometric authentication, a detailed dive into the recently completed audit of VeraCrypt (the successor to TrueCrypt), more on web browsers fatiguing system main SSD storage, a bunch of interesting miscellany (including... are we living in a simulated reality?), and eleven questions and observations from our terrific listeners.

We invite you to read our show notes.

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Bandwidth for Security Now is provided by CacheFly.


Media Files:
http://www.podtrac.com/pts/redirect.mp3/cdn.twit.tv/audio/sn/sn0582/sn0582.mp3




SN 581: Yahoo and Primal Worries

Tue, 11 Oct 2016 17:16:55 PST

(image)

Leo and Steve discuss today's Windows update changes for 7 and 8.1, an exploit purchaser offers a $1.5 million bounty for iOS hacks, WhisperSystems encounter first bug, an IEEE study reveals pervasive "Security Fatigue" among users, Firefox and Chrome news, following the WoSign Woes, Samsung Note 7 news, some errata, a bunch of miscellany... and a look into new Yahoo troubles and concerns over the possibility of hidden trapdoors in widely deployed prime numbers.

We invite you to read our show notes.

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Bandwidth for Security Now is provided by CacheFly.


Media Files:
http://www.podtrac.com/pts/redirect.mp3/cdn.twit.tv/audio/sn/sn0581/sn0581.mp3




SN 580: Your Questions, Steve's Answers 240

Tue, 04 Oct 2016 13:18:32 PST

(image)

An "update" on Microsoft's GWX remover, an encouraging direction for the Windows 10 Edge browser, HP's "security update" blocks non-HP ink cartridges, a clarification about how to upgrade a site's password hashing, a really terrific DNS hack, another update on Windows update, our web browsers may be fatiguing our SSD's, and Steve answers your questions!

We invite you to read our show notes.

Hosts: Steve Gibson and Fr. Robert Ballecer, SJ

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Bandwidth for Security Now is provided by CacheFly.


Media Files:
http://www.podtrac.com/pts/redirect.mp3/cdn.twit.tv/audio/sn/sn0580/sn0580.mp3




SN 579: DDoS, Breaches and Other Records To Be Broken

Tue, 27 Sep 2016 17:24:42 PST

(image)

Brian Krebs, Akamai and Google's Project Shield, Yahoo's record-breaking, massive 500 million user data breach, Apple's acknowledged iOS 10 backup PBKDF flaw, well known teen hacker jailbreaks his new iPhone 7 in 24 hours, Microsoft formally allows removal of "Get Windows 10", a new OpenSSL SERVER DoS flaw, more WoSign/StartCom woes (Mozilla prepares to pull the plug), Bittorrent Sync renamed and more deeply documented, and more!

We invite you to read our show notes.

Hosts: Steve Gibson and Fr. Robert Ballecer, SJ

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Bandwidth for Security Now is provided by CacheFly.


Media Files:
http://www.podtrac.com/pts/redirect.mp3/cdn.twit.tv/audio/sn/sn0579/sn0579.mp3