Episode 437 - This first podcast of 2014 catches us up on all of the news that transpired over the Christmas and New Years holidays… and there was a LOT of it! (Like it or not, the NSA news just keeps on coming!)

Episode 438 - As promised last week, after catching up with another crazily-busy week of interesting and fun security news, we take a deep dive into the amazing NSA ANT documentation to learn what we can of the NSA's field capabilities. What we learn is chilling and interesting, though not entirely surprising.

Episode 439 - Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world ‘application notes’ for any of the security technologies and issues we have previously discussed.

Episode 440 - Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world ‘application notes’ for any of the security technologies and issues we have previously discussed.

Episode 441 - After catching up with a bunch of interesting news, Leo and I examine a terrific piece of research performed by Dashlane, makers of a password manager. They have researched and presented the current state of the top 100 web retailers' password policies. Fascinating!

Episode 442 - Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world ‘application notes’ for any of the security technologies and issues we have previously discussed.

Episode 443 - My original plan to explain Google's terrific innovations in web performance, known as “QUIC” were derailed by the week's overwhelmingly worrisome security news, with significant new problems from Linksys, Belkin, Asus and others. So this week's podcast is pure, and rather sobering, news of the week. We'll cover Google's “QUIC” as soon as time permits!

Episode 444 - The week delivered so much amazing news, much of it requiring some detailed and careful discussion, that we have a pure news podcast. It's titled from the errant line of code that was responsible for this week's highest-profile fumble of the week: Apple's complete lack of SSL/TLS certificate checking in both iOS and MAC OS X. (Both since fixed.)

Episode 445 - Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world ‘application notes’ for any of the security technologies and issues we have previously discussed.

Episode 446 - On the heels of Apple's major update to their iOS Security whitepaper, Leo and I catch up with the week's top security news, including coverage of Edward Snowden's live appearance during the recent SXSW conference. Then we take a deep dive into everything we have learned about the inner workings of iOS. Most is good news, but there's one bit that's VERY troubling!

Episode 447 - On the heels of Apple's major update to their iOS Security whitepaper, Leo and I catch up with the week's top security news, including coverage of the interesting discoveries from the past week's 14th annual CanSecWest and Pwn2Own hacking competitions. Then, having come up for breath after last week's Part 1 episode, we take a second deep dive into everything we have learned about the inner workings of iOS. Most is good news, but there's one bit that's VERY troubling.

Episode 448 - On the heels of Apple’s major update to their iOS Security whitepaper, Steve and Leo catch up with the week’s top security news – one IMPORTANT Microsoft Zero-Day Fixit, but otherwise largely debunking a bunch of hysterical headlines and “news” stories. Then they FINALLY conclude what has become the three-part series describing the security of iOS v7. Unfortunately, this week the news is less good.

Episode 449 - Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world ‘application notes’ for any of the security technologies and issues we have previously discussed.

Episode 450 - Leo and I discuss this long-anticipated, final “Second Tuesday of the Month” patch update for Windows XP - which has finally arrived. We share a bunch of interesting miscellany, then take a very deep dive to examine and understand the technology, events and implications of yesterday's (April 7, 2014) discovery of a two-year-old critical buffer overrun bug in the open source industry's OpenSSL protocol package. It's been named “Heartbleed” because it abuses the new TLS “heartbeat” extension to bleed the server of critical security information.

Episode 451

Episode 452

Episode 453

Episode 454

Episode 455

Episode 456

Episode 457

Episode 458

Episode 459

Episode 460

Episode 461

Episode 462

Episode 463

Episode 464

Episode 465

Episode 466

Episode 467

Episode 468

Episode 469

Episode 470

Episode 471

Episode 472

Episode 473

Episode 474

Episode 475

Episode 476

Episode 477

Episode 478

Episode 479

Episode 480

Episode 481

Episode 482

Episode 483

Episode 484

Episode 485

Episode 486

Episode 487

Episode 488