
This is an old revision of the document!


Security Now! - 2006

Episode 20 - On December 28th a serious new Windows vulnerability appeared and was immediately exploited by a growing number of malicious web sites to install malware. Many worse viruses and worms are expected soon. We start off discussing this, and our show notes provide a quick necessary workaround until Microsoft provides a patch. Then we spend the next 45 minutes answering and discussing interesting listener questions.

Episode 21 - Leo and I discuss everything known about the first serious Windows security exploits of the New Year, caused by the Windows MetaFile (WMF) vulnerability. In our show's first guest appearance, we are joined by Ilfak Guilfanov, the developer of the wildly popular - and very necessary - temporary patch that was used by millions of users to secure Windows systems while the world waited for Microsoft to respond.

Episode 22 - Leo and I carefully examine the operation of the recently patched Windows MetaFile vulnerability. I describe exactly how it works in an effort to explain why it doesn't have the feeling of another Microsoft “coding error.” It has the feeling of something that Microsoft deliberately designed into Windows. Given the nature of what it is, this would make it a remote code execution “backdoor.” We will likely never know if this was the case, but the forensic evidence appears to be quite compelling.

Episode 23 - Leo and Steve close the backdoor on the controversial Windows WMF MetaFile Image Code Execution (MICE) vulnerability. They discuss everything that's known about it, separate the facts from the spin, explain exactly which Windows versions are vulnerable and why, and introduce a new piece of GRC freeware - MouseTrap - which determines whether any Windows or Linux/WINE system has 'MICE'.

Episode 24 - Leo and Steve discuss questions asked by listeners of their previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real-world “application notes” for any of the security technologies they have previously discussed.

Episode 25 - During this 49-minute episode, Leo and Steve briefly discuss the “Kama Sutra” virus that will become destructive on February 3rd. We briefly discuss PC World Magazine's recent evaluation and ranking of ten top anti-malware systems. And we begin our long-planned “fundamental technology” series with a two-part close look at the history and detailed operation of the global Internet.

Episode 26 - During Part 2 of “How the Internet Works,” Leo and Steve briefly review last week's discussion of the ICMP protocol, then discuss the operational details of the Internet's two main data-carrying protocols: UDP and TCP.

Episode 27 - Having covered the operation of the Internet's WAN (Wide Area Network) technology over the last two weeks, this week Leo and Steve turn to discussing the way Local Area Networks (LANs) operate and how they interface with the Internet WAN. They address the configuration of subnet masks, default gateways, and DHCP to explain how packets are routed among machines and gateways within a LAN.

Episode 28 - Leo and Steve discuss questions asked by listeners of their previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real-world “application notes” for any of the security technologies they have previously discussed.

Episode 29 - Leo and Steve discuss the design, operation, and complete lack of security of Ethernet - the LAN technology that virtually all of the world uses. They explain how this lack of security enables a wide range of serious attacks to be perpetrated by any other machine sharing the same Ethernet - such as in a wireless hotspot, within a corporate network, or even in a wired hotel where the entire hotel is one big exploitable Ethernet LAN. GRC's ARP Cache Poisoning page contains a detailed explanation of these problems with diagrams and links to readily available Ethernet ARP exploitation malware.

Episode 30 - Steve and Leo open their multi-week discussion of the operation and technology of cryptography. This first week they start by examining the social consequences and ethical implications of common citizens being empowered with freely available cryptographic technology that no force on Earth - no government agency, no corporation, no private individual - can crack within their lifetimes.

Episode 31

Episode 32

Episode 33

Episode 34

Episode 35

Episode 36

Episode 37

Episode 38

Episode 39

Episode 40

Episode 41

Episode 42

Episode 43

Episode 44

Episode 45

Episode 46

Episode 47

Episode 48

Episode 49

Episode 50

Episode 51

Episode 52

Episode 53

Episode 54

Episode 55

Episode 56

Episode 57

Episode 58

Episode 59

Episode 60

Episode 61

Episode 62

Episode 63

Episode 64

Episode 65

Episode 66

Episode 67

Episode 68

Episode 69

Episode 70

Episode 71

Episode 72

security_now_2006.1350689903.txt.gz · Last modified: 2014/12/04 19:00 (external edit)