User Tools

Site Tools


security_now_2013

Security Now! - 2013

Episode 385 - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 386 - After catching up with a very busy week of interesting security news and events, Steve and Leo examine the growing privacy and security problems created by the ever more pervasive social widgets - Facebook's LIKE button, Google's +1, Twitter's Tweet!, and others - and they offer an easy-to-use free solution!

Episode 387 - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 388 - After catching up with a bunch of fun and interesting news of the week, Steve and Leo examine the future of anti-hacking password scrambling and storage with the introduction of “Memory Hard Problems,” which are provably highly resistant to massive hardware acceleration.

Episode 389 - Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes. They tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 390 - After covering “UPnP a week later” and catching up with some interesting security industry happenings, Steve and Leo take a look into the controversy surrounding the security (or lack thereof) of Kim Dotcom's new “Mega” cloud storage offering.

Episode 391 - Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 392 - We first converse with today's special guest, Brian Krebs, who for many years wrote for the Washington Post and is now publishing his own “Krebs on Security” blog. Our topic is “The Internet Underground.” After that, we catch up with a somewhat busy and interesting week in Internet security.

Episode 393 - Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 394 - After catching up with this week's Java vulnerabilities and emergency updates, Leo and I examine the recent evolution of the public and free “Tor” Internet anonymizing network. We look at the network's updated operation and its new ability to offer “hidden services” in addition to hiding the identity and location of the services' users.

Episode 395 - Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 396 - This week was so chockful of things to discuss that we had no time to explore the fascinating technology and operation of Distributed Hash Tables. That discussion will be “tabled” for two weeks. This week, we look more closely into the somewhat troubling issues of SSL/TLS server security as revealed by SSLLabs.com, discuss the SWAT team arriving at Brian Krebs's home, examine the consequences of the revelation that 420 million routers are accepting trivial logins on their Telnet ports, and more!

Episode 397 - Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 398 - After catching up with a busy week in the security space, Leo and I cover an intriguing topic in fundamental distributed Internet technology, Distributed Hash Tables, which is the somewhat awkward name for distributed database technology.

Episode 399 - Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 400 - After catching up with a wild week of security events, Leo and I revisit a topic from the earliest episodes of the Security Now podcast: Virtual Private Networks (VPNs). This coincides with the introduction of a new sponsor on the TWIT network, proXPN, a VPN provider that truly looks like the right choice.

Episode 401 - Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 402 - After catching up with the week's security news, Leo and I examine everything that's currently known about the recently released “BitTorrent Sync” peer-to-peer file sharing and folder synchronizing application. (Everything seen so far looks 100% correct and VERY useful.)

Episode 403 - Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 404 - After catching up with the past week's updates and security news, Iyaz and I share information presented by the Electronic Frontier Foundation (EFF) which describes how Facebook manages the privacy interactions with their third-party data warehouses and advertisers.

Episode 405 - Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 406 - After covering the week's security news, Leo and I examine an interesting security protocol known as “Off The Record”(OTR) which has been specifically designed to protect conversational privacy, both as it happens and also in the future.

Episode 407 - Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 408 - Leo and I remind our listeners that we just had another Microsoft Patch Tuesday. Then I detail and carefully lay down a solid foundation of theory of the operation of the NSA's PRISM program. This explains EVERYTHING about what the NSA is doing, and how. I even explain how and why the program got its name.

Episode 409 - Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 410 - After catching up with another post-PRISM week of security industry news, Leo and I wind up and release our propeller beanies for a deep dive into the early history of Intel processor memory management - which, it turns out, has direct application to Steve's current work on SpinRite v6.1.

Episode 411 - Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 412 - After catching up with a bunch of interesting security news of the week and my Sci-Fi and SpinRite development updates, Leo and I explore the already existing SSL/TLS technology known as “Perfect Forward Secrecy,” which becomes useful in a world where encrypted traffic is being captured and archived.

Episode 413 - Though regularly scheduled to be a Q&A episode, Steve and Leo had SO MUCH to cover in the week's news that there was no time left for questions. We'll save those for episode 415 and this week enjoy a great discussion of the week's many events. We'll wrap up with a discussion of the wide range of “tinfoil” solutions available and their convenience versus security tradeoffs.

Episode 414 - This week we mix security news and updates with a discussion and analysis of the security industry's evolving reactions to the NSA/Snowden revelations. Leo and I examine several of the more significant news items and blogs relating to the issues of widespread Internet surveillance. Though it's not super technical, we believe you'll find it worth your time… and thought provoking.

Episode 415 - Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 416 - With last week's Las Vegas Black Hat 2013 and DEFCON conferences just completed, Leo and I examine the most significant and worrisome revelations to emerge from that annual convocation, and also discuss and dissect the week's top security news.

Episode 417 - Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 418 - This week, Leo and I continue covering the consequences of the Snowden leaks and, with that in mind, we examine the Pretty Good Privacy (PGP) system for securely encrypting eMail and attachments.

Episode 419 - Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 420 - After catching up with a lot of interesting security news, Leo and I examine the operation and technology of the new Bitmessage secure and anonymous Internet messaging system.

Episode 421 - After covering this month's Patch Tuesday events and catching up with the past week's security news, Leo & I examine the week's most troubling and controversial revelations: the NSA's reported ability to crack much of the Internet's encrypted traffic. We explain how different the apparent reality is from the headlines, but why, also, this does form “The Perfect Accusation” to significantly strengthen all future cryptographic standards.

Episode 422 - Tom and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 423 - After catching up with the week's news, and following the news that Apple's new iPhone Touch ID system was spoofed within days of its release, Tom and I take a much closer look at the technology and application of Apple's Touch ID system, examining the reports of its early demise.

Episode 424 - After catching up with the week's minimal security news, Tom and I take the wraps off of “SQRL” (pronounced “squirrel”), Steve's recent brainstorm to propose a truly practical replacement for always-troublesome website login usernames and passwords.

Episode 425 - Following up on last week's “SQRL - Secure QR Login” podcast, this week's Q&A focuses upon the many interesting questions my description of a new approach to secure website login sparked in the minds of the podcast's listeners. And, of course, we also catch up with the week's news.

Episode 426 - After following-up on a week chockful of interesting security news, Steve and Leo continue with their discussion of SQRL, the Secure QR code Login system, to discuss two recent innovations in the system that bring additional valuable features.

Episode 427 - So much happened during the past week that today's podcast will consist of a series of rather deep dives into the many interesting things we have to discuss.

Episode 428 - Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Episode 429 - The past week was so jam-packed with so much fun and interesting security news that we had a hard time just fitting it all in. So this week's podcast is news, news, news!

Episode 430 - Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world ‘application notes’ for any of the security technologies and issues we have previously discussed.

Episode 431 - After catching up on another whirlwind week of really interesting Internet security news, Leo and I provide a brief overview of “RADIUS” - the 22-year-old pervasive, but often unseen, protocol and system for providing wide area network user authentication and accounting.

Episode 432 - Following another week overfilled with interesting security-related news, Steve and Leo spend an hour and a half diving deeply into an updated (and likely very close to correct) understanding of the COIN payment card, news on the CryptoLocker front, a close look at a patent troll case that has so far done the wrong way, and much more.

Episode 433 - After catching up with the week's more interesting Security News and my Miscellany (such as NASA working on an FTL Warp Drive!) Leo & I take a closer look at “BULLRUN”, the NSA's code name for their encryption cracking initiative, to speculate upon just what the NSA might be doing… and capable of doing.

Episode 434 - Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world ‘application notes’ for any of the security technologies and issues we have previously discussed.

Episode 435 - Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world ‘application notes’ for any of the security technologies and issues we have previously discussed.

security_now_2013.txt · Last modified: 2015/04/12 18:45 by briancarnell