User Tools

Site Tools


security_now_2010

Security Now! - 2010

Episode 230 - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 231 - Leo and Steve catch up on two busy weeks of security news with a “mega security news update” … and Steve, who watched Leo's streaming video coverage of CES, weighs in with his own discoveries and findings from the big annual consumer electronics fest.

Episode 232 - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 233 - To understand the advances made during 50 years of computer evolution, we need to understand computers 50 years ago. In this first installment of a new Security Now! series, we design a 50-year-old computer. In future weeks, we will trace the factors that shaped their design during the four decades that followed.

Episode 234 - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 235 - After starting at the very beginning two weeks ago by looking at how resistors and transistors can be used to assemble logical functions, this week Steve and Leo use those functions to build a working digital computer that understands a simple but entirely useful and workable machine language.

Episode 236 - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 237 - A feature present in the earliest commercial computers, known as “indirection,” has proven to be necessary, powerful, beneficial - and amazingly dangerous and difficult for programmers to “get right.” This week, Steve and Leo examine the Power of Pointers and why, even after all these years, they continue to bedevil programmers of all ages.

Episode 238 - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 239 - After a significant security news update, Steve and Leo continue their description of the operation of computers at the raw hardware level. This week Steve explains why and how computers have multiple accumulators, and also how a computer's “stack” operates and why stacks have become a crucial component of all modern computers.

Episode 240 - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 241 - In this fourth installment of Steve's “How Computers Work” series, Steve explains the operation of “hardware interrupts” which, by instantly interrupting the normal flow of instructions, allow computers to attend to the needs of the hardware that interacts with the outside world while they are in the middle of doing other things.

Episode 242 - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 243 - Steve and Leo catch up with the weekly security news, and Steve shares his very positive impressions of his Apple iPad. Then Steve explains why and how world governments are able to legally compel their national SSL Certificate Authorities to issue Intermediate CA certificates which allow agencies of those governments to surreptitiously intercept, decrypt, and monitor secured SSL connections of any and all kinds.

Episode 244 - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 245 - After catching up on many interesting recent security events, Steve and Leo seriously examine the proven comparative security of open versus closed source and development software, and open versus closed execution platforms. What's really more secure?

Episode 246 - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 247 - Steve and Leo continue with their “fundamentals of computing” series this week, building upon all previous installments, to explain the details of multi-threading, multi-tasking, multi-processing, multi-core … the “multi”-verse of modern computing.

Episode 248 - In commemoration of the 50th anniversary of the invention of the LASER, this week Steve is going to relate a story from his own past, 39 years ago, containing a strong moral about the importance of getting out from behind the video game screen and actually building something.

Episode 249 - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 250 - After catching up on the week's important security news, Steve and Leo continue their tour of the fundamentals of computer technology by looking at the history and present day features of modern operating systems.

Episode 251 - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 252 - After catching up from a very busy week of security news, Steve recounts the history of the development of complex instruction set (CISC) computers following their evolution into reduced instruction set (RISC) computers.

Episode 253 - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 254 - This week Steve and Leo examine the amazing evolution of microprocessor internals. They trace the development of the unbelievably complex technologies that have been developed over the past 25 years to wring every last possible cycle of performance from an innocent slice of silicon.

Episode 255 - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 256 - Steve and Leo cover the week's Internet-related security news, then Steve delivers his long-awaited, in-depth review and evaluation of LastPass. Steve explains the nature of the need for high-security passwords, the problem that need creates, and the way the design of LastPass completely and in every way securely answers that need.

Episode 257 - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 258 - This week Steve and Leo discuss a disturbing new Windows 0-day vulnerability present in all versions of Windows. They cover a very busy week of security news, then discuss the recently released report from Secunia which analyzes the past five years of Windows software vulnerabilities.

Episode 259 - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 260 - This week, after catching up on all of the post-Black Hat and DefCon conference news, Steve and Leo plow into the detailed depths of “DNS Rebinding.” Together they thoroughly explore this significant and fundamental weakness of the Internet's security.

Episode 261 - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 262 - This week, after catching up with the week's security news, Steve describes the exciting emerging web standard known as “STS” or “Strict Transport Security” which, when supported by browser and website, allows a website to dramatically increase its access security by telling the browser to only connect securely and disallow any security exceptions.

Episode 263 - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 264 - This week Steve and Leo examine the many tiny bits of individually non-unique information that inherently leak from a user's web browser out on the Internet. What's surprising is that when all of these individual non-unique bits are gathered together and assembled into a single “fingerprint,” the result IS often unique and can thereby be used as a tracking fingerprint to identify individual users' movements as they surf.

Episode 265 - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 266 - This week, after covering some rather significant security updates and news, Steve and Leo plow into the still-evolving Internet OAuth protocol. OAuth is used for managing the controlled delegation of access authorization to third-party websites and services. It sounds more confusing than it is. Well, maybe not.

Episode 267 - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 268 - Steve and Leo discuss the deeply troubling recent news of possible legislation that would require all encrypted Internet communications, of any kind, to provide a means for U.S. law enforcement “wiretap” style monitoring.

Episode 269 - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 270 - After reviewing the past week's security updates and news, Steve and Leo examine Samy Kamkar's (<a href=“http://samy.pl/evercookie/”>http://samy.pl/evercookie/</a>) clever suite of JavaScript Hacks, collectively used to create an “Evercookie” for tagging web browsers in a fashion that's extremely difficult to shake off.

Episode 271 - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 272 - After catching up with a very busy week of security-related news and events, Steve and Leo celebrate the game-changing creation and release of “Firesheep,” an add-on for the Firefox web browser which makes online web session hijacking as easy as it could possibly be. This WILL change the world for the better.

Episode 273 - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 274 - After catching up with the week's security updates and news, Steve formally unveils GRC's latest freeware, the DNS Benchmark. Steve explains the value of the program's many features and discusses the operation of this “long time in coming” freeware offering.

Episode 275 - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 276 - After catching up with the week's security updates and news, Steve and Leo revisit the continuing concern over DNS Spoofing by examining the technology behind Steve's quite comprehensive, free, online DNS Spoofability Testing system at GRC.com.

Episode 277 - Before plowing into this week's Q&A content, Steve and Leo catch up with the industry's security and privacy related news. Steve shares a vitamin D researcher's reaction to a troubling new report about vitamin D, and shares his recent science fiction reading discoveries and opinions.

Episode 278 - After catching up on the week's security news, Steve and this week's co-host Tom Merritt discuss the interesting security, privacy, management and technology issues surrounding the implantation of a remotely readable RFID (radio frequency identification) tag into one's own body for the purpose of being authenticated by devices and systems in one's own environment, such as laptop, car, garage door, house front door, etc.

Episode 279 - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 280 - After first catching up with a bunch of fun and interesting security and privacy news, Leo and I plow into a meaty and detailed description of the technology of Bluetooth device interconnection and its cryptographic security. A follow-on episode will cover the past hacking attacks against Bluetooth.

Episode 281 - In commemoration of the 50th anniversary of the invention of the LASER, this week Steve is going to relate a story from his own past, 39 years ago, containing a strong moral about the importance of getting out from behind the video game screen and actually building something.

security_now_2010.txt · Last modified: 2014/12/04 14:02 (external edit)