====== Security Now! - 2010 ====== [[Security Now Episode 230|Episode 230]] - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. [[Security Now Episode 231|Episode 231]] - Leo and Steve catch up on two busy weeks of security news with a “mega security news update” … and Steve, who watched Leo's streaming video coverage of CES, weighs in with his own discoveries and findings from the big annual consumer electronics fest. [[Security Now Episode 232|Episode 232]] - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. [[Security Now Episode 233|Episode 233]] - To understand the advances made during 50 years of computer evolution, we need to understand computers 50 years ago. In this first installment of a new Security Now! series, we design a 50-year-old computer. In future weeks, we will trace the factors that shaped their design during the four decades that followed. [[Security Now Episode 234|Episode 234]] - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. [[Security Now Episode 235|Episode 235]] - After starting at the very beginning two weeks ago by looking at how resistors and transistors can be used to assemble logical functions, this week Steve and Leo use those functions to build a working digital computer that understands a simple but entirely useful and workable machine language. [[Security Now Episode 236|Episode 236]] - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. [[Security Now Episode 237|Episode 237]] - A feature present in the earliest commercial computers, known as “indirection,” has proven to be necessary, powerful, beneficial - and amazingly dangerous and difficult for programmers to “get right.” This week, Steve and Leo examine the Power of Pointers and why, even after all these years, they continue to bedevil programmers of all ages. [[Security Now Episode 238|Episode 238]] - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. [[Security Now Episode 239|Episode 239]] - After a significant security news update, Steve and Leo continue their description of the operation of computers at the raw hardware level. This week Steve explains why and how computers have multiple accumulators, and also how a computer's “stack” operates and why stacks have become a crucial component of all modern computers. [[Security Now Episode 240|Episode 240]] - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. [[Security Now Episode 241|Episode 241]] - In this fourth installment of Steve's “How Computers Work” series, Steve explains the operation of “hardware interrupts” which, by instantly interrupting the normal flow of instructions, allow computers to attend to the needs of the hardware that interacts with the outside world while they are in the middle of doing other things. [[Security Now Episode 242|Episode 242]] - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. [[Security Now Episode 243|Episode 243]] - Steve and Leo catch up with the weekly security news, and Steve shares his very positive impressions of his Apple iPad. Then Steve explains why and how world governments are able to legally compel their national SSL Certificate Authorities to issue Intermediate CA certificates which allow agencies of those governments to surreptitiously intercept, decrypt, and monitor secured SSL connections of any and all kinds. [[Security Now Episode 244|Episode 244]] - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. [[Security Now Episode 245|Episode 245]] - After catching up on many interesting recent security events, Steve and Leo seriously examine the proven comparative security of open versus closed source and development software, and open versus closed execution platforms. What's really more secure? [[Security Now Episode 246|Episode 246]] - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. [[Security Now Episode 247|Episode 247]] - Steve and Leo continue with their “fundamentals of computing” series this week, building upon all previous installments, to explain the details of multi-threading, multi-tasking, multi-processing, multi-core … the “multi”-verse of modern computing. [[Security Now Episode 248|Episode 248]] - In commemoration of the 50th anniversary of the invention of the LASER, this week Steve is going to relate a story from his own past, 39 years ago, containing a strong moral about the importance of getting out from behind the video game screen and actually building something. [[Security Now Episode 249|Episode 249]] - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. [[Security Now Episode 250|Episode 250]] - After catching up on the week's important security news, Steve and Leo continue their tour of the fundamentals of computer technology by looking at the history and present day features of modern operating systems. [[Security Now Episode 251|Episode 251]] - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. [[Security Now Episode 252|Episode 252]] - After catching up from a very busy week of security news, Steve recounts the history of the development of complex instruction set (CISC) computers following their evolution into reduced instruction set (RISC) computers. [[Security Now Episode 253|Episode 253]] - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. [[Security Now Episode 254|Episode 254]] - This week Steve and Leo examine the amazing evolution of microprocessor internals. They trace the development of the unbelievably complex technologies that have been developed over the past 25 years to wring every last possible cycle of performance from an innocent slice of silicon. [[Security Now Episode 255|Episode 255]] - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. [[Security Now Episode 256|Episode 256]] - Steve and Leo cover the week's Internet-related security news, then Steve delivers his long-awaited, in-depth review and evaluation of LastPass. Steve explains the nature of the need for high-security passwords, the problem that need creates, and the way the design of LastPass completely and in every way securely answers that need. [[Security Now Episode 257|Episode 257]] - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. [[Security Now Episode 258|Episode 258]] - This week Steve and Leo discuss a disturbing new Windows 0-day vulnerability present in all versions of Windows. They cover a very busy week of security news, then discuss the recently released report from Secunia which analyzes the past five years of Windows software vulnerabilities. [[Security Now Episode 259|Episode 259]] - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. [[Security Now Episode 260|Episode 260]] - This week, after catching up on all of the post-Black Hat and DefCon conference news, Steve and Leo plow into the detailed depths of “DNS Rebinding.” Together they thoroughly explore this significant and fundamental weakness of the Internet's security. [[Security Now Episode 261|Episode 261]] - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. [[Security Now Episode 262|Episode 262]] - This week, after catching up with the week's security news, Steve describes the exciting emerging web standard known as “STS” or “Strict Transport Security” which, when supported by browser and website, allows a website to dramatically increase its access security by telling the browser to only connect securely and disallow any security exceptions. [[Security Now Episode 263|Episode 263]] - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. [[Security Now Episode 264|Episode 264]] - This week Steve and Leo examine the many tiny bits of individually non-unique information that inherently leak from a user's web browser out on the Internet. What's surprising is that when all of these individual non-unique bits are gathered together and assembled into a single “fingerprint,” the result IS often unique and can thereby be used as a tracking fingerprint to identify individual users' movements as they surf. [[Security Now Episode 265|Episode 265]] - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. [[Security Now Episode 266|Episode 266]] - This week, after covering some rather significant security updates and news, Steve and Leo plow into the still-evolving Internet OAuth protocol. OAuth is used for managing the controlled delegation of access authorization to third-party websites and services. It sounds more confusing than it is. Well, maybe not. [[Security Now Episode 267|Episode 267]] - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. [[Security Now Episode 268|Episode 268]] - Steve and Leo discuss the deeply troubling recent news of possible legislation that would require all encrypted Internet communications, of any kind, to provide a means for U.S. law enforcement “wiretap” style monitoring. [[Security Now Episode 269|Episode 269]] - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. [[Security Now Episode 270|Episode 270]] - After reviewing the past week's security updates and news, Steve and Leo examine Samy Kamkar's (http://samy.pl/evercookie/) clever suite of JavaScript Hacks, collectively used to create an “Evercookie” for tagging web browsers in a fashion that's extremely difficult to shake off. [[Security Now Episode 271|Episode 271]] - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. [[Security Now Episode 272|Episode 272]] - After catching up with a very busy week of security-related news and events, Steve and Leo celebrate the game-changing creation and release of “Firesheep,” an add-on for the Firefox web browser which makes online web session hijacking as easy as it could possibly be. This WILL change the world for the better. [[Security Now Episode 273|Episode 273]] - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. [[Security Now Episode 274|Episode 274]] - After catching up with the week's security updates and news, Steve formally unveils GRC's latest freeware, the DNS Benchmark. Steve explains the value of the program's many features and discusses the operation of this “long time in coming” freeware offering. [[Security Now Episode 275|Episode 275]] - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. [[Security Now Episode 276|Episode 276]] - After catching up with the week's security updates and news, Steve and Leo revisit the continuing concern over DNS Spoofing by examining the technology behind Steve's quite comprehensive, free, online DNS Spoofability Testing system at GRC.com. [[Security Now Episode 277|Episode 277]] - Before plowing into this week's Q&A content, Steve and Leo catch up with the industry's security and privacy related news. Steve shares a vitamin D researcher's reaction to a troubling new report about vitamin D, and shares his recent science fiction reading discoveries and opinions. [[Security Now Episode 278|Episode 278]] - After catching up on the week's security news, Steve and this week's co-host Tom Merritt discuss the interesting security, privacy, management and technology issues surrounding the implantation of a remotely readable RFID (radio frequency identification) tag into one's own body for the purpose of being authenticated by devices and systems in one's own environment, such as laptop, car, garage door, house front door, etc. [[Security Now Episode 279|Episode 279]] - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. [[Security Now Episode 280|Episode 280]] - After first catching up with a bunch of fun and interesting security and privacy news, Leo and I plow into a meaty and detailed description of the technology of Bluetooth device interconnection and its cryptographic security. A follow-on episode will cover the past hacking attacks against Bluetooth. [[Security Now Episode 281|Episode 281]] - In commemoration of the 50th anniversary of the invention of the LASER, this week Steve is going to relate a story from his own past, 39 years ago, containing a strong moral about the importance of getting out from behind the video game screen and actually building something.