Subscribe: Security Now!
http://leoville.tv/podcasts/sn.xml
Added By: Feedage Forager Feedage Grade A rated
Language: English
Tags:
disk maintenance  grc home  grc  home disk  notes  security  show  site grc  steve gibson  steve site  steve  visit steve  written spinrite 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: Security Now!

Security Now (MP3)



Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of Spinrite and ShieldsUP, discusses the hot topics in security today with Leo Laporte. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific /



Published: Tue, 17 Oct 2017 22:01:08 PDT

Last Build Date: Tue, 17 Oct 2017 22:01:08 PDT

Copyright: This work is licensed under a Creative Commons License - Attribution-NonCommercial-NoDerivatives 4.0 International - http://creativecommons.org/licenses/by-nc-nd/4.0/
 



SN 633: KRACKing WiFiSN 633: KRACKing WiFi

Tue, 17 Oct 2017 18:01:11 PDT

(image)

This week, we examine ROCA's easily factorable public keys, the surprising prevalence of web-based cryptocurrency mining, some interesting work in iOS password dialog spoofing, Google's Advanced Protection Program, some good "Loopback" comments from our listeners... and then we take a close look at KRACK - the Key Reinstallation AttaCK against ALL unpatched WiFi systems.

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Bandwidth for Security Now is provided by CacheFly.

KRACK and ROCA.


Media Files:
http://www.podtrac.com/pts/redirect.mp3/cdn.twit.tv/audio/sn/sn0633/sn0633.mp3




SN 632: The DNSSEC ChallengeSN 632: The DNSSEC Challenge

Tue, 10 Oct 2017 18:58:57 PDT

(image)

This week we take a look at a well-handled breach-response at Disqus, a rather horrifying mistake Apple made in the implementation of their APFS encryption (and the difficulty to the user of fully cleaning up after it), the famous "robots.txt" file gets a brilliant new companion, somewhat shocking news about Windows XP... or is it? Firefox EOL for Windows XP support coming next summer, the sage security thought for the day, an update on "The Orville", some closing the loop comments, including a recommendation of the best Security Now series we did in the past... and finally, a look at the challenge of DNSSEC.

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Bandwidth for Security Now is provided by CacheFly.

Domain Name System SECurity Extensions


Media Files:
http://www.podtrac.com/pts/redirect.mp3/cdn.twit.tv/audio/sn/sn0632/sn0632.mp3




SN 631: Private Contact DiscoverySN 631: Private Contact Discovery

Tue, 03 Oct 2017 20:03:25 PDT

(image)

This week we discuss some aspects of iOS v11, the emergence of browser hijack cryptocurrency mining, new information about the Equifax hack, Google security research and Gmail improvements, breaking DKIM without breaking it, concerns over many servers in small routers and aging unpatched motherboard EFI firmware, a new privacy leakage bug in IE, a bit of miscellany, some long-awaited closing the loop feedback from our listeners, and a close look at a beautiful piece of work by Moxie & Co on Signal.

We invite you to read our show notes.

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Bandwidth for Security Now is provided by CacheFly.

Moxie Marlinspike and Signal


Media Files:
http://www.podtrac.com/pts/redirect.mp3/cdn.twit.tv/audio/sn/sn0631/sn0631.mp3




SN 630: The Great DOM Fuzz-OffSN 630: The Great DOM Fuzz-Off

Tue, 26 Sep 2017 14:57:31 PDT

(image)

This week, Father Robert and Steve follow more Equifax breach fallout, look at encryption standards blowback from the Edward Snowden revelations, examine more worrisome news of the CCleaner breach, see that ISPs may be deliberately infecting their own customers, warn that turning off iOS radios doesn't, look at the first news of the FTC's suit against D-Link's poor security, examine a forthcoming Broadcom GPS chip features, warn of the hidden dangers of high-density barcodes, discuss Adobe's disclosure of their own private key, close the loop with our listeners, and examine the results of DOM fuzzing at Google's Project Zero.

We invite you to read our show notes.

Hosts: Fr. Robert Ballecer, SJ and Steve Gibson

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Bandwidth for Security Now is provided by CacheFly.

Did China Attack Equifax? CCleaner breach, DOM fuzzing at Google's Project Zero.


Media Files:
http://www.podtrac.com/pts/redirect.mp3/cdn.twit.tv/audio/sn/sn0630/sn0630.mp3




SN 629: Apple Bakes CookiesSN 629: Apple Bakes Cookies

Tue, 19 Sep 2017 16:57:23 PDT

(image)

This week Padre and Steve discuss what was up with Security Now's recent audio troubles, more on the Equifax Fiasco, the EFF & Cory Doctorow weigh in on forthcoming browser encrypted media extensions (EME), an emerging browser-based payment standard, when 2-factor is not 2-factor, the CCleaner breach and what it means, a new Bluetooth-based attack, an incredibly welcome and brilliant cookie privacy feature in iOS 11, and a heads-up caution about the volatility of Google's Android smartphone cloud backups.

We invite you to read our show notes.

Hosts: Steve Gibson and Fr. Robert Ballecer, SJ

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Bandwidth for Security Now is provided by CacheFly.

Equifax, EFF vs WC3, CCleaner.


Media Files:
http://www.podtrac.com/pts/redirect.mp3/cdn.twit.tv/audio/sn/sn0629/sn0629.mp3




SN 628: Equifax FiascoSN 628: Equifax Fiasco

Tue, 12 Sep 2017 21:09:17 PDT

(image)

This week we discuss last Friday's passing of our dear friend and colleague Jerry Pournelle, when AI is turned to evil purpose, whether and when Google's Chrome browser will warn of man in the middle attacks, why Google is apparently attempting to patent pieces of a compression technology they did not invent, another horrifying router vulnerability disclosure -- including ten 0-day vulnerabilities, an update on the sunsetting of Symantec's CA business unit, another worrying failure at Comodo, a few quick bits, an update on my one commercial product SpinRite, answering a closing the loop question from a listener, and a look at the Equifax fiasco.

We invite you to read our show notes.

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Bandwidth for Security Now is provided by CacheFly.

Biggest. Security Leak. Ever.


Media Files:
http://www.podtrac.com/pts/redirect.mp3/cdn.twit.tv/audio/sn/sn0628/sn0628.mp3




SN 627: SharknadoSN 627: Sharknado

Tue, 05 Sep 2017 21:12:51 PDT

(image)

(Although there are an unbelievable FIVE Sharknado movies, this will be the first and last time we use that title for a podcast!) This week we have another update on Marcus Hutchins, we discuss the validity of Wikileaks documents, the feasibility of rigorously proving software correctness, nearly half a million people need to get their body's firmware updated, another controversial CIA project exposed by Wikileaks, a careful analysis of the FCC's Title II Net Neutrality public comments comments, a neat two factor auth tracking site, the stupid patent of the month, an example of a vanity top level domain, a bit of errata, where did SpinRite come from?, and ... utterly unconscionable security mistakes made by AT&T in their line of U-Verse routers.

Hosts: Leo Laporte and Steve Gibson

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Bandwidth for Security Now is provided by CacheFly.

SharknAT&To Zero Day Hack.


Media Files:
http://www.podtrac.com/pts/redirect.mp3/cdn.twit.tv/audio/sn/sn0627/sn0627.mp3




SN 626: Shattering TrustSN 626: Shattering Trust

Tue, 29 Aug 2017 15:53:17 PDT

(image)

This week we cover a bit of the ongoing drama surrounding Marcus Hutchins, examine a reported instance of interagency hacking, follow the evolving market for 0-day exploits, examine trouble arising from the continued use of a deprecated Apple security API, discover that Intel's controversial platform management engine can , after all, be disabled, look into another SMS attack, bring note to a nice looking TOTP authenticator, recommend an alternative to the shutting-down CrashPlan, deal with a bit of errata and miscellany, then we look into an interesting bit of research which invokes "The Wrath of Kahn".

We invite you to read our show notes.

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Bandwidth for Security Now is provided by CacheFly.

CIA Hacks FBI & NSA


Media Files:
http://www.podtrac.com/pts/redirect.mp3/cdn.twit.tv/audio/sn/sn0626/sn0626.mp3




SN 625: Security PoliticsSN 625: Security Politics

Tue, 22 Aug 2017 15:35:18 PDT

(image)

This week we discuss the continuing Marcus Hutchins drama, the disclosure of a potentially important Apple secret, a super-cool website and browser extension our listeners are going to appreciate, trouble with extension developers being targeted, a problem with the communication bus standard in every car, an important correction from Elcomsoft, two 0-days in Foxit's PDF products, Lava lamps for entropy, the forthcoming iOS 11 TouchID kill switch, very welcome Libsodium audit results, a mistake in AWS permissions, a refreshingly forthright security statement, a bit of errata, miscellany, and a few closing the loop bits from our terrific listeners!

We invite you to read our show notes.

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Bandwidth for Security Now is provided by CacheFly.

Marcus Hutchins drama update, Apple's Secure Enclave decryption key, rating "Terms of Service".


Media Files:
http://www.podtrac.com/pts/redirect.mp3/cdn.twit.tv/audio/sn/sn0625/sn0625.mp3




SN 624: Twelve and CountingSN 624: Twelve and Counting

Tue, 15 Aug 2017 21:07:30 PDT

(image)

This week we have a Marcus Hutchins update, the backstory on the NIST's rewrite of their 15-year-old password guidance, can DNA be used to hack a computer? Can stop sign graffiti be used to misdirect autonomous vehicles?, the final nail in the WoSign/StartCom coffin, why we need global Internet policy treaties, this week in "researchers need protection", a VPN provider who is doing everything right, Elcomsoft's password manager cracker, a bit of errata and miscellany... and some closing the loop feedback from this podcast's terrific listeners.

We invite you to read our show notes.

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Bandwidth for Security Now is provided by CacheFly.

Password Rules Changes


Media Files:
http://www.podtrac.com/pts/redirect.mp3/cdn.twit.tv/audio/sn/sn0624/sn0624.mp3