Security Now

  • : 2005
  • : 1002
  • : 0
  • TWiT
  • 16
  • News Talk show

:

.

1
1x1
As the Worm Turns — the first Internet worms of 2005
Episode overview
18, 2005
How a never-disclosed Windows vulnerability was quickly reverse-engineered from the patches to fix it and turned into more than 12 potent and damaging Internet worms in three days. What does this mean for the future of Internet security?
1x2
HoneyMonkeys
Episode overview
25, 2005
How Microsoft's "HoneyMonkey" system works, how it finds malicious web sites before they find you, and what Microsoft is doing (and NOT doing) with this valuable security information it is now collecting.
1x3
NAT Routers as Firewalls
Episode overview
01, 2005
Most people don't think of common NAT routers as hardware firewalls, but ANY NAT router inherently provides terrific security and protection against incoming malicious traffic. Learn how .. show full overview
1x4
Personal Password Policy (1)
Episode overview
08, 2005
Everyone who uses web-based services such as eBay, Amazon, and Yahoo, needs to authenticate their identity with passwords. Password quality is important since easily guessable passwords .. show full overview
1x5
Personal Password Policy (2)
Episode overview
15, 2005
Our previous episode (#4), which discussed personal password policies, generated so much great listener feedback, thoughts, ideas, and reminders about things we didn't mention, that we .. show full overview
1x6
Mechanical & Electromagnetic Information Leakage
Episode overview
22, 2005
Triggered by a recent report of three UC Berkeley researchers recovering text typed at a keyboard (any keyboard) after simply listening to ten minutes of typing, Leo and I discuss the .. show full overview
1x7
SPYaWAREness
Episode overview
29, 2005
Any contemporary discussion of threats to Internet security must discuss the history, current situation, and future of spyware. Leo and I spend a little more time than usual covering .. show full overview
1x8
Denial of Service (DoS) Attacks
Episode overview
06, 2005
Distributed Denial of Service (DDoS) attacks are occurring with ever-greater frequency every day. Although these damaging attacks are often used to extort high-profile gaming and .. show full overview
1x9
Rootkits
Episode overview
13, 2005
This week we discuss "rootkit technology". We examine what rootkits are, why they have suddenly become a problem, and how that problem is rapidly growing in severity. We also discuss .. show full overview
1x10
Open Wireless Access Points
Episode overview
20, 2005
Leo and I examine the security and privacy considerations of using non-encrypted (i.e. 'Open') wireless access points at home and in public locations. We discuss the various ways of .. show full overview
1x11
Bad WiFi Security (WEP and MAC address filtering)
Episode overview
27, 2005
Leo and I answer some questions arising from last week's episode, then plow into a detailed discussion of the lack of security value of MAC address filtering, the futility of disabling .. show full overview
1x12
Sony's
Episode overview
03, 2005
Leo and I discuss details and consequences of Sony Corporation's alarming "Rootkit" DRM (digital rights management) copy protection scheme. This poorly written software unnecessarily .. show full overview
1x13
Unbreakable WiFi Security
Episode overview
10, 2005
Leo and I follow-up on last week's discussion of the Sony Rootkit debacle with the distressing news of "phoning home" (spyware) behavior from the Sony DRM software, and the rootkit's .. show full overview
1x14
Virtual Private Networks (VPN): Theory
Episode overview
17, 2005
Leo and I first follow-up on the past two episodes, discussing new developments in the continuing Sony Rootkit DRM drama, and clearing up some confusion over the crackability of WPA .. show full overview
1x15
VPN Secure Tunneling Solutions
Episode overview
24, 2005
Leo and I discuss the use of SSL and SSH encrypted tunneling for providing privacy and security whenever an insecure local network is being used — such as at an open WiFi hotspot or when .. show full overview
1x16
Listener feedback Q&A #1
Episode overview
01, 2005
Leo and I discuss questions asked by listeners of our previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any .. show full overview
1x17
PPTP and IPSec VPN Technology
Episode overview
08, 2005
In our continuing exploration of VPN technology for protecting network users on networks they don't control, Leo and I discuss the oldest "original" VPN protocols: Industry standard .. show full overview
1x18
Hamachi Rocks!
Episode overview
15, 2005
This week Leo and I discuss and describe the brand new, ready to emerge from a its long development beta phase, ultra-secure, lightweight, high-performance, highly-polished, .. show full overview
1x19
VPNs Three: Hamachi, iPig, and OpenVPN
Episode overview
22, 2005
Leo and I wrap up our multi-week, in-depth coverage of PC VPN solutions by discussing some aftermath of the zero-configuration Hamachi system; introducing "iPig," a very appealing new .. show full overview
1x20
A SERIOUS new Windows vulnerability — and Listener Q&A
Episode overview
29, 2005
On December 28th a serious new Windows vulnerability has appeared and been immediately exploited by a growing number of malicious web sites to install malware. Many worse viruses and .. show full overview
1x21
The Windows MetaFile (WMF) Vulnerability
Episode overview
05, 2006
Leo and I discuss everything known about the first serious Windows security exploits of the New Year, caused by the Windows MetaFile (WMF) vulnerability. In our show's first guest .. show full overview
1x22
The Windows MetaFile Backdoor?
Episode overview
12, 2006
Leo and I carefully examine the operation of the recently patched Windows MetaFile vulnerability. I describe exactly how it works in an effort to explain why it doesn't have the feeling .. show full overview
1x23
GRC's
Episode overview
19, 2006
Leo and I "close the backdoor" on the controversial Windows WMF Metafile image code execution (MICE) vulnerability. We discuss everything that's known about it, separate the facts from .. show full overview
1x24
Listener Feedback Q&A #3
Episode overview
26, 2006
Leo and I discuss questions asked by listeners of our previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any .. show full overview
1x25
How the Internet Works (1)
Episode overview
02, 2006
Steve talks about the Kama Sutra virus, scheduled to strike tomorrow, and PC World's anti-virus roundup. Then we delve into How the Internet Works, part 1. We'll wrap things up next week.
1x26
How the Internet Works (2)
Episode overview
09, 2006
Part 2 of Steve's discussion of how the fundamental Internet technologies work. This and the previous episode will provide the foundation for our future podcasts on Internet security issues.
1x27
How Local Area Networks Work, Part 1
Episode overview
16, 2006
Steve continues to lay a foundation on understanding networking. This week, part one of how LANs work. We cover DHCP, Subnet Masks, Routers, and hubs. We'll conclude with part two on episode 29.
1x28
Listener Feedback Q&A #4
Episode overview
23, 2006
Steve answers your questions on this episide. With further clarification on VPN security, Hamachi, and the answer to the eternal question, which operating system is the most secure.
1x29
Ethernet Insecurity
Episode overview
02, 2006
In this week's marathon edition Steve tackles security issues inherent to Ethernet, including ARP spoofing.
1x30
Cryptographic Issues
Episode overview
10, 2006
This week Steve takes a look at how cryptography is used and the difficult issues strong crypto raises.
1x31
Symmetric Stream Ciphers
Episode overview
16, 2006
This week Steve continues his discussion of crypto with a look at secret decoder rings and one-time pads.
1x32
Listener Feedback Q&A #5
Episode overview
23, 2006
Episode 32 is our monthly question and answer session.
1x33
Symmetric Block Ciphers
Episode overview
30, 2006
Part three of Steve's overview of cryptography looks at symmetric block ciphers.
1x34
Public Key Cryptography
Episode overview
06, 2006
This week Steve explains how public key cryptography works, and we welcome our new sponsor, Astaro! Thanks so much for the support guys.
1x35
Cryptographic Hashes
Episode overview
13, 2006
This week Steve talks about how cryptographic hashes work and are used to verify the integrity of files and email. We also talk about email signing and recommend the Gnu Privacy Guard.
1x36
Listener Feedback Q&A #6
Episode overview
20, 2006
As usual on every fourth episode, Steve answers listener questions.
1x37
Crypto Series Wrap-up
Episode overview
27, 2006
We wrap up our talk about cryptography with a discussion of prime number generation, key recovery, and digital certificates.
1x38
Browser Security
Episode overview
04, 2006
Why is Internet Explorer so insecure? What can you do to secure it? And why is it so hard to make a secure browser? Steve talks about security policy vs. browser flaws, how he uses IE .. show full overview
1x39
Buffer Overruns
Episode overview
11, 2006
Buffer overflows... they're the most common kind of security flaw, but what are they and how do they happen? Finally, how can we protect ourselves from them? Steve explains all.
1x40
Listener Feedback Q&A #7
Episode overview
18, 2006
As he does every fourth episode, Steve answers your questions. But first, an update on some recent security news...
1x41
TrueCrypt
Episode overview
25, 2006
The ultimate encryption program, free, open source, strong, and flexible: Truecrypt.
1x42
NAT Traversal
Episode overview
01, 2006
Steve explains the clever technique that Skype and other programs use to end around NAT routers.
1x43
Open Ports
Episode overview
08, 2006
Ever wonder what a port is? Steve explains what they are and what terms like "stealth ports" and "port sniffing mean." Leo reads a little poetry.
1x44
Listener Feedback Q&A #8
Episode overview
15, 2006
On this episode, one dozen questons and answers
1x45
The 'Hosts' File
Episode overview
22, 2006
This week Steve explains the mysterious HOSTS file - part of Windows, OS X, Linux, and many other operating systems. He talks about how malicious programs may misuse it, and how you can use it to protect yourself.
1x46
Router Logs
Episode overview
29, 2006
This week Steve tells us what to do with the router logs. What a router can (and can't) tell you about your security situation?
1x47
Internet Weaponry
Episode overview
06, 2006
This week Steve tells us about distributed denial of service attacks and how hackers use IRC botnets to create them.
1x48
Listener Feedback Q&A #9
Episode overview
13, 2006
How big can a HOSTS file get? Does a firewall slow you down? A plan to fight phishers. All on this week's edition of Security Now! with Steve Gibson.
1x49
The NETSTAT Command
Episode overview
20, 2006
How can you tell what your computer is doing on the net? Netstat. This handy program comes with almost all operating systems. On Windows, click Start, then select Command Prompt from the .. show full overview
1x50
Virtual Machine History & Technology
Episode overview
27, 2006
Virtualization, its history and uses in security.
1x51
Vista's Virgin Stack
Episode overview
03, 2006
Will Windows Vista be secure? According to a new study from Symantec, the decision to re-write the networking stack from the ground up means it will be much less secure than XP.
1x52
A Busy Week for Security Troubles
Episode overview
10, 2006
Steve normally answers questions on shows divisible by four, but not this week. There's just too much security news including javascript exploits, Ebay gaming, and the sale of Hamachi.
1x53
VMware
Episode overview
17, 2006
More on Virtualization technology, with a special focus on VMWare's Virtual Appliances.
1x54
Blue Pill
Episode overview
24, 2006
The Blue Pill demonstrates a serious security concern with the Hypervisor mode in Windows Vista. Steve discusses the threat and arguments against it.
1x55
Application Sandboxes
Episode overview
31, 2006
Sandboxing your browser to keep your system secure.
1x56
Listener Feedback Q&A #10
Episode overview
07, 2006
Our regular session of questions and answers deals with Vista security, remote access, the HOSTS files, and Zone Alarm.
1x57
Virtual PC versus VMware
Episode overview
14, 2006
Steve wraps up his rundown of Virtualization programs with a look at Microsoft's free Virtual PC.
1x58
Two New Critical Windows Problems
Episode overview
21, 2006
Guest: Eric Sites, VP R&D Sunbelt Software Two serious Windows flaws have surfaced today. One, a zero-day exploit, makes it possible for any web site (or HTML email) to take over a .. show full overview
1x59
Comparing
Episode overview
28, 2006
We conclude our coverage of virtual machine software with a review of Parallels - the fastest of the VM programs.
1x60
Listener Feedback Q&A #11
Episode overview
05, 2006
Your questions, Steve's answers.
1x61
ISP Privacy and Security
Episode overview
12, 2006
First a review of three more zero day exploits in Windows XP, then a look at what your ISP knows about you and how to protect your privacy.
1x62
Internet Proxies
Episode overview
19, 2006
How proxy servers work to both speed up access and protect users.
1x63
MojoPac
Episode overview
26, 2006
MojoPac software lets you put your entire Windows configuration on a thumbdrive or portable disk and take it with you anywhere. It works surprisingly well, but there are some caveats. Steve reviews.
1x64
Listener Feedback Q&A #12
Episode overview
02, 2006
Your questions, Steve's answers.
1x65
Why Is Security So Difficult?
Episode overview
09, 2006
What makes it so hard to secure Windows? Steve says ultimate security is ultimately impossible.
1x66
Windows Vista Security
Episode overview
16, 2006
Why the 64-bit version of Windows is both more secure and less compatible. Steve explains why.
1x67
Kernel Patch Protection
Episode overview
23, 2006
Microsoft is touting PatchGuard, a new security feature in 64-bit versions of XP and Vista. Steve explains how easy it is to hack, and what it's really for if it's not for deterring hackers.
1x68
Listener Feedback Q&A #13
Episode overview
30, 2006
Our monthly question and answer session goes long - but there's lots of good information.
1x69
The Social Implications of Internet Anonymity
Episode overview
07, 2006
Is there such a thing as anonymity on the Internet? How important is it?
1x70
Achieving Internet Anonymity
Episode overview
14, 2006
Two interesting implementations of Internet anonymization: The Freenet Project for anonymously storing and transmitting files, and Tor, "the onion router" which can anonymize all your Internet accesses.
1x71
SecurAble
Episode overview
21, 2006
Steve's latest free security application is called Securable. It's not quite ready yet, but Steve gives us a preview in this episode.
1x72
Listener Feedback Q&A #14
Episode overview
28, 2006
Our monthly question and answer segment covers TOR details, overheating hard drives, and what happens to your data when you die...
1x73
Digital Rights Management (DRM)
Episode overview
04, 2007
Steve and Leo survey the history and evolution of media property rights and the technologies used to enforce them as they prepare for next week's show: a look at AACS, the most pervasive .. show full overview
1x74
Peter Gutmann on Vista DRM
Episode overview
12, 2007
Steve and Leo interview Peter Gutmann about his paper A Cost Analysis of Windows Vista Content Protection.
1x75
Vista DRM Wrap-Up & Announcing “SecurAble”
Episode overview
12, 2007
We wrap up our discussion of the premium content protection features in Vista and announce Steve's newest free security utility: Securable.
1x76
Listener Feedback Q&A #15
Episode overview
25, 2007
Our monthly question and answer segment covers DEP on the Mac, HD-DVD decryption, and email privacy...
1x77
Microsoft on Vista DRM
Episode overview
31, 2007
Steve and Leo discuss Dave Marsh's response on behalf of Microsoft to Peter Gutmann's paper about Windows Vista Content Protection.
1x78
DEP in Depth
Episode overview
07, 2007
Hardware Data Execution Protection is one of the best ways to protect your PC from hackers. Steve discusses how it works, how to turn it on, and the possible pitfalls of using it.
1x79
Backtracking Spoofed Spam eMail
Episode overview
15, 2007
How do spambots work, why do spammers need them, and the best way to block them and prevent spam.
1x80
Listener Feedback Q&A #16
Episode overview
22, 2007
Our monthly question and answer segment covers spam spoofing, VPN mysteries, and online backup security...
1x81
Hard Drive Unreliability
Episode overview
01, 2007
Google's massive study of hard drive reliability yields some surprising results. Read more at http://www.grc.com/sn/notes-081.htm
1x82
Cyber Warfare
Episode overview
08, 2007
Steve comments on the Federal Computer Week article Cyber officials: Chinese hackers attack 'anything and everything'.
1x83
UAC in Depth
Episode overview
15, 2007
A closer look at Vista's User Access Control.
1x84
Listener Feedback Q&A #17
Episode overview
22, 2007
Our monthly question and answer show.
1x85
Intro to Web Code Injection
Episode overview
29, 2007
Jikto is a Javascript tool that can take over your computer and use it to find sites with vulnerabilities. We describe it and the cross-site scripting flaws it looks for.
1x86
Cross-Site Scripting
Episode overview
05, 2007
Updates on the Animated Cursor Vulnerability, a recommendation for security software from eEye, and how the Sony Reader works, plus an in depth discussion of scripting vulnerabilities.
1x87
SQL Injection Exploits
Episode overview
12, 2007
Another common attack vector in web software is the SQL injection. Steve explains what it is and how it happens.
1x88
Listener Feedback Q&A #18
Episode overview
19, 2007
Our monthly question and answer show.
1x89
Even More Badly Broken WEP
Episode overview
26, 2007
WEP gets even more insecure with a new cracking technique that's 1000 times faster.
1x90
Multifactor Authentication
Episode overview
03, 2007
Steve explains the theory and practice of multifactor authentication which uses combinations of "something you know," "something you have," and "something you are" to provide stronger .. show full overview
1x91
Marc Maiffret
Episode overview
10, 2007
Guest: Marc Maiffret of eEye Digital Security Marc talks about Windows and Mac security, the coming threat from web applications, and eEye's free, all-in-one protection program, Blink Personal Edition.
1x92
Listener Feedback Q&A #19
Episode overview
17, 2007
Our monthly question and answer show.
1x93
Microsoft Patent Wars
Episode overview
24, 2007
Steve looks at software patents and the Microsoft challenge to open source software from the point of view of a developer, patent holder, and expert witness in patent cases.
1x94
The Fourth Factor
Episode overview
31, 2007
We've already talked about the three factors of authentication: something you know (e.g. a password), something you have (a passcard), and something you are (a fingerprint). Now Steve .. show full overview
1x95
OpenID
Episode overview
07, 2007
Open ID, how it works and what it means to you (not having to remember so many passwords for starters).
1x96
Listener Feedback Q&A #20
Episode overview
15, 2007
Steve answers listener mail on subjects like authentication and more...
1x97
Operation: Bot Roast
Episode overview
22, 2007
The FBI says it has uncovered one million computers that are being used by hackers without their owners' knowledge. Today Steve talks about BotNets and the FBI's Operation Bot Roast.
1x98
Internet Identity Metasystems
Episode overview
28, 2007
Steve continues our discussion of authentication with a look at Internet identity metasystems.
1x99
Trusted Platform Module (TPM)
Episode overview
05, 2007
The Trusted Platform Module - a hardware solution to security now shipping on many computers.
1x100
Listener Feedback Q&A #21
Episode overview
12, 2007
Your questions, Steve's answers as we complete 100 consecutive weeks of shows!
1x101
Are You Human?
Episode overview
19, 2007
Steve looks at Captcha and Re-Captcha - the pros and cons of trying to distinguish humans from robots, with a side look at Alan Turing and Jeff Hawkins's On Intelligence.
1x102
Listener Mailbag #1
Episode overview
26, 2007
Our first mailbag episode with 20 questions and comments from our listeners.
1x103
PayPal Security Key
Episode overview
02, 2007
A closer look at the Paypal Security Key with Michael Vergara, Director of Account Protections at Paypal.
1x104
Listener Feedback Q&A #22
Episode overview
09, 2007
For 16Kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written - Spinrite 6.
1x105
Firewall LeakTesting
Episode overview
16, 2007
Steve, the creator of the original leak test program, talks about leak testing and how hackers work to get around them.
1x106
Listener Mailbag #2
Episode overview
23, 2007
Our second mailbag episode with a dozen questions and comments from our listeners.
1x107
PIP & Even More Perfect Passwords
Episode overview
30, 2007
Steve looks at Verisign's Personal Identity Provider, an OpenID service that works with the Paypal token, and talks about updates to his Perfect Password page.
1x108
Listener Feedback #23
Episode overview
06, 2007
Our regular mailbag episode with a dozen questions and comments from our listeners.
1x109
GRC's eCommerce System
Episode overview
13, 2007
Steve talks about developing his in-house E-Commerce system, and how he solved some issues other e-commerce system handle poorly. We also talk about the pleasures of assembly language programming.
1x110
Listener Feedback #24
Episode overview
20, 2007
Our regular mailbag episode with a dozen questions and comments from our listeners, plus an extra one for fun.
1x111
OpenID Precautions
Episode overview
27, 2007
Steve responds to criticisms of the OpenID system and offers some issues to consider when you use it.
1x112
Listener Feedback #25
Episode overview
04, 2007
Our regular mailbag episode with a dozen questions and comments from our listeners.
1x113
Roaming Authentication
Episode overview
11, 2007
How do you solve the problem of secure access to data on the road? Steve shows how he tackled roaming authentication at grc.com and proposes a general solution for everyone.
1x114
Listener Feedback #26
Episode overview
18, 2007
Our regular mailbag episode with a dozen questions and comments from our listeners including our Great Idea of the Week...
1x115
Perfect Paper Passwords
Episode overview
25, 2007
Following up on Episode 113, Roaming Authentication, Steve proposes a great way to strengthen remote access using Perfect Paper Passwords.
1x116
Listener Feedback #27
Episode overview
01, 2007
Our regular mailbag episode with a dozen questions and comments from our listeners.
1x117
Even More Perfect paper Passwords
Episode overview
08, 2007
Perfect Paper Passwords version two!
1x118
Listener Feedback #28
Episode overview
15, 2007
Our regular mailbag episode with a dozen questions and comments from our listeners.
1x119
PayPal and DoubleClick
Episode overview
22, 2007
Why does Paypal secretly send you through Doubleclick to get to some of its web pages? Steve explains how third-party cookies can violate your privacy and what to do about it.
1x120
Listener Feedback #29
Episode overview
29, 2007
Our regular mailbag episode with a dozen questions and comments from our listeners.
1x121
Is Privacy Dead?
Episode overview
06, 2007
Is it possible to preserve your privacy in the digital age? It's certainly worth trying.
1x122
Listener Feedback #30
Episode overview
13, 2007
Our regular mailbag episode with a dozen questions and comments from our listeners...
1x123
Jungle Disk
Episode overview
20, 2007
Steve interviews Dave Wright of JungleDisk, a data storage optimization product for Amazon's S3...
1x124
Listener Feedback #31
Episode overview
27, 2007
Our regular mailbag episode with a dozen questions and comments from our listeners.
1x125
Symmetric Ciphers
Episode overview
03, 2008
Steve further elaborates on symmetric ciphers, the workhorses of encryption.
1x126
Listener Feedback #32
Episode overview
10, 2008
Steve discusses Treewalkdns.com, OpenDNS, Rijndael encryption Flash animation, Ironkey, and Opera mini security FAQ.
1x127
Corporate Security
Episode overview
17, 2008
Steve talks about the challenges of corporate IT security policy and enforcement and the inherent tension between IT security staff and employees.
1x128
Listener Feedback #33
Episode overview
24, 2008
Steve talks about the remote code execution exploit of the Microsoft Windows TCP/IP vulnerability and answers your questions.
1x129
Windows SteadyState
Episode overview
31, 2008
Steve discusses how network administrators can protect their systems using Windows SteadyState.
1x130
Listener Feedback #34
Episode overview
07, 2008
Our regular mailbag episode with questions and comments from our listeners.
1x131
FREE CompuSec
Episode overview
14, 2008
Microsoft's Super Patch Tuesday, Macintosh updates, Adobe Acrobat exploit, Firefox patch, Vista SP-1, and more.
1x132
Listener Feedback #35
Episode overview
21, 2008
Our regular mailbag episode with questions and comments from our listeners.
1x133
TrueCrypt v5.0
Episode overview
28, 2008
Steve explores whole-drive encryption and details the release of TrueCrypt 5.0.
1x134
Listener Feedback #36
Episode overview
06, 2008
Our regular mailbag episode with questions and comments from our listeners.
1x135
IronKey
Episode overview
13, 2008
Guest: Dave Jevans, CEO of IronKey Steve interviews Dave Jevans of IronKey.
1x136
Listener Feedback #37
Episode overview
20, 2008
Our regular mailbag episode with questions and comments from our listeners.
1x137
RAM Hijacks
Episode overview
27, 2008
Steve breaks down the concept of dynamic RAM hijacking raised by the recent Princeton study.
1x138
Listener Feedback #38
Episode overview
03, 2008
Our regular mailbag episode with questions and comments from our listeners.
1x139
Network Congestion
Episode overview
10, 2008
The logistics of network congestion, network neutrality and prioritized packets.
1x140
Listener Feedback #39
Episode overview
17, 2008
Our regular mailbag episode with questions and comments from our listeners.
1x141
RSA Conference 2008
Episode overview
24, 2008
ClamAV security flaw, ICQ vulnerability, Opera and more.
1x142
Listener Feedback #40
Episode overview
01, 2008
Our regular mailbag episode with questions and comments from our listeners.
1x143
YubiKey
Episode overview
08, 2008
Leo and I delve into the detailed operation of the YubiKey, the coolest new secure authentication device I discovered at the recent RSA Security Conference. Our special guest during the .. show full overview
1x144
Listener Feedback #41
Episode overview
15, 2008
Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are .. show full overview
1x145
Secunia's PSI
Episode overview
22, 2008
The free vulnerability scanner and update management tool Secunia PSI.
1x146
Listener Feedback #42
Episode overview
29, 2008
Our regular mailbag episode with questions and comments from our listeners.
1x147
Microsoft's Baseline Security Analyzer
Episode overview
05, 2008
Two useful but lesser-known Microsoft security utilities.
1x148
Listener Feedback #43
Episode overview
12, 2008
Our regular mailbag episode with questions and comments from our listeners.
1x149
ISP Betrayal
Episode overview
19, 2008
An overview of next-generation behavioral tracking and profiling systems.
1x150
Listener Feedback #44
Episode overview
26, 2008
Our regular mailbag episode with questions and comments from our listeners.
1x151
Phracking Phorm
Episode overview
03, 2008
How third parties are gaining footholds in ISP facilities in order to access your data.
1x152
Listener Feedback #45
Episode overview
10, 2008
Our regular mailbag episode with questions and comments from our listeners.
1x153
DePhormed Politics
Episode overview
17, 2008
More on the privacy threat from the Phorm system.
1x154
Listener Feedback #46
Episode overview
24, 2008
Our regular mailbag episode with questions and comments from our listeners.
1x155
Bailiwicked Domain Attack
Episode overview
31, 2008
The nuts and bolts of DNS and the DNS cache poisoning attacks.
1x156
Listener Feedback #47
Episode overview
07, 2008
Our regular mailbag episode with questions and comments from our listeners.
1x157
DNS — After the Patch
Episode overview
14, 2008
A follow-up on the serious, and somewhat still present, DNS protocol spoofability flaw.
1x158
Listener Feedback #48
Episode overview
21, 2008
Our regular mailbag episode with questions and comments from our listeners.
1x159
Vista Security Bypass
Episode overview
28, 2008
Black Hat Conference revelations, where Vista's security improvements fall short, and more.
1x160
Listener Feedback #49
Episode overview
04, 2008
Our regular mailbag episode with questions and comments from our listeners.
1x161
Google's Chrome
Episode overview
11, 2008
Steve drills down to determine the security levels offered by Google Chrome.
1x162
Listener Feedback #50
Episode overview
18, 2008
Our regular mailbag episode with questions and comments from our listeners.
1x163
GoogleUpdate & DNS Security
Episode overview
25, 2008
The benefits, challenges, and nuances of secure DNS.
1x164
SockStress
Episode overview
02, 2008
Steve explains yet another security flaw in the TCP stack.
1x165
Listener Feedback #51
Episode overview
09, 2008
Airport security checks and balances, white knuckle Disney adventures, and the limits of spyware infestations?
1x166
Cross-Site Request Forgery
Episode overview
16, 2008
Steve tells you why you must always explicitly log out from banking and other important sites.
1x167
Listener Feedback #52
Episode overview
23, 2008
Our regular mailbag episode with questions and comments from our listeners.
1x168
ClickJacking
Episode overview
30, 2008
Steve discusses clickjacking, aka UI redressing, which tricks users into unintended web-based actions.
1x169
Listener Feedback #53
Episode overview
06, 2008
Our regular mailbag episode with questions and comments from our listeners.
1x170
The TKIP Hack
Episode overview
13, 2008
Why you shouldn't worry about the TKIP crack.
1x171
Listener Feedback #54
Episode overview
20, 2008
Our regular mailbag episode with questions and comments from our listeners.
1x172
Sandboxie
Episode overview
27, 2008
Steve and Leo return to take a much closer look at "Sandboxie", an extremely useful, powerful, and highly recommended Windows security tool they first mentioned two years ago. This time, .. show full overview
1x173
Listener Feedback #55
Episode overview
04, 2008
Our regular mailbag episode with questions and comments from our listeners.
1x174
Sandbox Limitations
Episode overview
11, 2008
The limitations of sandboxing in preventing the negative impacts of malware.
1x175
Listener Feedback #56
Episode overview
18, 2008
Our regular mailbag episode with questions and comments from our listeners.
1x176
Drop My Rights
Episode overview
25, 2008
How to use Microsoft's little-known DropMyRights utility for safer browsing.
1x177
Breaking SSL, PDP-8's & UltraCapacitors
Episode overview
01, 2009
Breaking SSL, PDP-8s, and Ultracapacitors. Full show notes are available at grc.com.
1x178
Listener Feedback #57
Episode overview
08, 2009
Our regular mailbag episode with questions and comments from our listeners.
1x179
Cracking Security Certificates
Episode overview
15, 2009
How security certificates are created and signed, what they do for us, and the MD5 hash.
1x180
Listener Feedback #58
Episode overview
22, 2009
Our regular mailbag episode with questions and comments from our listeners.
1x181
Crypto Rehash
Episode overview
29, 2009
Steve gives an overview of the major concepts and components of encryption.
1x182
Listener Feedback #59
Episode overview
05, 2009
Our regular mailbag episode with questions and comments from our listeners.
1x183
Modes of Encryption
Episode overview
12, 2009
Windows Update, IE7 Problems, ActiveX and Windows 7 issues, SQL attacks, and more.
1x184
Listener Feedback #60
Episode overview
19, 2009
Our regular mailbag episode with questions and comments from our listeners.
1x185
Cryptographic HMACs
Episode overview
26, 2009
MSFT Autorun updates, FreeBSD telnetd, IE7 critical exploit, Acrobat Reader, and more.
1x186
Listener Feedback #61
Episode overview
05, 2009
Our regular mailbag episode with questions and comments from our listeners.
1x187
Windows Autorun-around
Episode overview
12, 2009
Past and recent problems with Windows Autorun.
1x188
Listener Feedback #62
Episode overview
19, 2009
Our regular mailbag episode with questions and comments from our listeners.
1x189
Internet Explorer 8
Episode overview
26, 2009
Internet Explorer 8 speed benchmarks, cookies, Compatibly Mode, Smart Screen filter, DEP, and more.
1x190
Listener Feedback #63
Episode overview
02, 2009
Our regular mailbag episode with questions and comments from our listeners.
1x191
GhostNet
Episode overview
09, 2009
A look into GhostNet, the alleged Chinese cyber-spying network.
1x192
Listener Feedback #64
Episode overview
16, 2009
This mailbag episode discusses new Firefox plugins, Conficker, buffer overflow, and more.
1x193
Conficker
Episode overview
23, 2009
Steve analyzes Conficker, the sophisticated worm that has spread to more than 10 million PCs worldwide.
1x194
Listener Feedback #65
Episode overview
30, 2009
This mailbag episode covers Conficker, Windows process control, NeXT, Ironkey, and more.
1x195
The SSL/TLS Protocol
Episode overview
07, 2009
Steve describes the Internet's most-used security protocol, SSL, now evolved into TLS.
1x196
Listener Feedback #66
Episode overview
14, 2009
This mailbag episode includes SSL/TLS, worms-resistant NATs, PDF JavaScript, nuclear power stations running Windows, and more.
1x197
Windows 7 Security
Episode overview
21, 2009
Security changes, additions and enhancements to Microsoft Windows 7.
1x198
Listener Feedback #67
Episode overview
28, 2009
This mailbag episode includes FASM, scripts, sockets, SSL/TLS, HTTPS, Windows 7's XP mode, and more.
1x199
The Geek Atlas, IPv6 & a non-VPN
Episode overview
04, 2009
A good book, the IPv6 protocol, and Steve's secure TCP idea that doesn't use a VPN tunnel.
1x200
Listener Feedback #68
Episode overview
11, 2009
In this mailbag episode we discuss IPv6, Non-VPNs, Microsoft ClickOnce, expired SSL certificates, and more.
1x201
SecureZIP
Episode overview
18, 2009
The operation, features, and security of PKWARE?s free SecureZIP file archiving and encrypting utility.
1x202
Listener Feedback #69
Episode overview
25, 2009
In this mailbag episode we discuss SecureZip, WPA/WPA2, home-grown VPNs, foreign ATMs, and more.
1x203
Boyer & Moore
Episode overview
02, 2009
Steve tells of the Bob Boyer and J Strother Moore algorithm for finding a substring in a buffer.
1x204
Listener Feedback #70
Episode overview
09, 2009
Our regular mailbag episode with questions and comments from our listeners.
1x205
Lempel & Ziv
Episode overview
16, 2009
An examination of Lempel-Ziv data compression, one of the most prevalent computer algorithms of all time.
1x206
Mega Security News Update
Episode overview
23, 2009
Security updates in Windows Office, IAS, Virtual PC, Virtual Server, msvid control, and more.
1x207
Listener Feedback #71
Episode overview
30, 2009
Steve answers questions on AES-256, iPhone security, TrueCrypt, Firefox privacy, and more.
1x208
Listener Feedback #72
Episode overview
06, 2009
Steve answers questions on SSL encryption, 3g security, Trojans, VPNs as infection vectors, and more.
1x209
Vitamin D
Episode overview
13, 2009
A rare off-topic discussion about Steve's research into vitamin D.
1x210
Listener Feedback #73
Episode overview
20, 2009
Security news and listeners' questions...
1x211
Voting Machine Hacking
Episode overview
27, 2009
Steve covers the security implications of electronic voting machines.
1x212
Listener Feedback #74
Episode overview
03, 2009
Steve answers questions on iPIG VPN, Flash cookies, firewalls, parents' passwords, and more.
1x213
Cracking GSM Cellphones
Episode overview
10, 2009
The inherent insecurities of GSM, the pseudo-random bitstream cipher protecting data on billions of phones.
1x214
Listener Feedback #75
Episode overview
17, 2009
Steve addresses feedback on GSM security, cookies, router admin passwords, proxy servers, and more.
1x215
Security Maxims
Episode overview
24, 2009
Steve and Leo talk about various security maxims, what they mean, why you should follow them, and more.
1x216
Listener Feedback #76
Episode overview
01, 2009
Leo and Steve talk about Microsoft Security Essentials, your questions, and more.
1x217
The Fundamentally Broken Browser Model
Episode overview
08, 2009
How SSLs can be spoofed in man-in-the-middle attacks.
1x218
Listener Feedback #77
Episode overview
15, 2009
Microsoft ships its biggest update ever, Comcast has its eyes on you, and Steve answers your questions.
1x219
Badly Broken Browsing
Episode overview
22, 2009
Why patches are impossible, the Total (In)security virus, and why writing software shouldn't be too easy.
1x220
Listener Feedback #78
Episode overview
29, 2009
Microsoft ships its biggest update ever, Comcast has its eyes on you, and Steve answers your questions.
1x221
The Oxymoron of “JavaScript Security”
Episode overview
05, 2009
The problem with Javascript and security. Guest John Graham-Cumming says it's the "elephant in your browser."
1x222
Listener Feedback #79
Episode overview
12, 2009
We've got the latest security news, including an SSL hack, plus eight great questions from you and Steve's answers...
1x223
A security vulnerability in SSL
Episode overview
19, 2009
Steve explains how a serious exploit in SSL works.
1x224
Listener Feedback #80
Episode overview
26, 2009
Security news, including the NSA's contributions to Windows 7, iPhone bot nets, plus Steve answers your questions.
1x225
“Same Origin” Troubles
Episode overview
03, 2009
Apple fixes security flaws, Ford SYNC SDK, black screen of death, same origin troubles, and more.
1x226
Listener Feedback #130
Episode overview
10, 2009
Digital voting goes open source, patch Tuesday news, and Steve answers your questions.
1x227
Cyberwarfare
Episode overview
17, 2009
Steve covers what may be the future of conflict, Cyberwarfare.
1x228
Listener Feedback #82
Episode overview
24, 2009
Steve responds to questions covering Skype spam, SSL cracking, unencrypted UAV video feeds, free SSL certificates, and more.
1x229
The Rational Rejection of Security Advice
Episode overview
31, 2009
A hard look at the costs and benefits of following all security advice.
1x230
Listener Feedback #83
Episode overview
07, 2010
This week's questions cover packet flow, hijacking DNS queries, router DNS, Patch Tuesday, and more.
1x231
Mega Security Update & CES Observations
Episode overview
14, 2010
Steve catches up with a mega security update, then gives us some of his favorite (wacky) products from CES.
1x232
Listener Feedback #84
Episode overview
21, 2010
Steve answers listener questions about live Linux CDs, TrueCrypt RAM encryption, resetting Thomson modem passwords, and more.
1x233
Let's Design a Computer (part 1)
Episode overview
28, 2010
Steve explains how computers work by designing one from first principles.
1x234
Listener Feedback #85
Episode overview
04, 2010
Internet Explorer as a file system, using Live CDs for security, and Steve takes on the iPad...
1x235
Machine Language
Episode overview
11, 2010
For 16kpbs versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.
1x236
Listener Feedback #86
Episode overview
18, 2010
More flash vulnerabilities, security updates, fake security software, Steve answers your questions, and more.
1x237
Indirection: The Power of Pointers
Episode overview
25, 2010
An introduction to the use of "indirection" in computer science, security news, and more.
1x238
Listener Feedback #87
Episode overview
04, 2010
Steve answers your questions about webcam privacy, unencrypted data in ram, and more.
1x239
Stacks, Registers & Recursion
Episode overview
11, 2010
How stacks, registers and recursion are interrelated, the latest security news, and more.
1x240
Listener Feedback #88
Episode overview
18, 2010
Patch Tuesday, Opera vulnerabilities, the RSA conference, RealDVD, and more.
1x241
Hardware Interrupts
Episode overview
25, 2010
Steve continues his talk on the foundational technologies of computing. This week: how computers do more than one thing at a time using interrupts.
1x242
Listener Feedback #89
Episode overview
01, 2010
Critical updates from Microsoft and Apple, good news for Gmail security, and a warning for nudists...
1x243
State Subversion of SSL
Episode overview
08, 2010
Firefox updates, vulnerabilities in .PDFs, Steve's iPad review, SSL/TLS, and more.
1x244
Listener Feedback #90
Episode overview
15, 2010
Microsoft security updates, the FCC's jurisdiction on bandwidth shaping, Java flaws, iPhone OS security, the state of SSL security, and more.
1x245
The Security of Open vs CLosed
Episode overview
22, 2010
Steve and Leo seriously examine the proven comparative security of open versus closed source and development software, and open versus closed execution platforms.
1x246
Listener Feedback #91
Episode overview
29, 2010
Stolen Google source code, GSM hacked, photocopy machine hard drive security, your questions, and more.
1x247
The “Multi”-verse
Episode overview
06, 2010
Opera vulnerabilities, Adobe PDF insecurities, malware from the US Treasury, Steve joins Twitter, and more.
1x248
The Portable Dog Killer
Episode overview
13, 2010
Patch tuesday, laptop camera surveillance, Yahoo! messenger worm, and more.
1x249
Listener Feedback #92
Episode overview
20, 2010
Shockwave issues, Mozilla's plug-in check, weaponized email, hacking cars, your questions, and more.
1x250
Operating Systems
Episode overview
27, 2010
Manually updating IrfanView and Free Download Manager, Google wifi litigation, how operating systems work, and more.
1x251
Listener Feedback #93
Episode overview
03, 2010
Tabnabbing, Adobe security rumors, iPad data plan changes, your questions, and more.
1x252
RISCy Business
Episode overview
10, 2010
Adobe zero-day, overwrought iPad security news, the evolution of computing architectures, and more.
1x253
Listener Feedback #94
Episode overview
17, 2010
Mac update, AT&T hijinks, another zero-day vulnerability from Microsoft, Adobe delays pdf fix, your questions, and more.
1x254
What We'll Do for Speed
Episode overview
24, 2010
The 25 year legacy of unbelievably complex technologies used in microprocessors to maximize performance.
1x255
Listener Feedback #95
Episode overview
01, 2010
Out of cycle Acrobat and Reader updates, Firefox improvements, flawed SSL study, internet kill switch, your questions, and more.
1x256
LastPass
Episode overview
08, 2010
Steve thoroughly evaluates LastPass, explains why high-security passwords are necessary, and tells us how LastPass makes storing those passwords secure.
1x257
Listener Feedback #96
Episode overview
15, 2010
Chrome update, ClearCloud DNS, Microsoft and Russian camaraderie, LastPass, your questions, and more.
1x258
Five Years of Vulnerabilities
Episode overview
22, 2010
Windows shell worm in the wild, Security Essentials 2.0 beta, Secunia's 5-year analysis, and more.
1x259
Listener Feedback #97
Episode overview
29, 2010
Firefox mega security update, WPA2 broken?, .LNK viruses in the wild, infected Dell motherboards, your questions and more.
1x260
DNS Rebinding
Episode overview
05, 2010
Windows .LNK vulnerability fixed, Google's WiFi "overcollection" in the UK, news from Blackhat, DNS rebinding, and more.
1x261
Listener Feedback #98
Episode overview
12, 2010
PayPal discontinues their virtual credit card service, RIM placing servers in Saudi Arabia, Firefox v4 updates silently, your questions and more.
1x262
Strict Transport Security
Episode overview
19, 2010
Apple fixes the jailbreak hole, trojans on Android, Strict Transport Security (STS), and more.
1x263
Listener Feedback #99
Episode overview
26, 2010
Out-Of-Cycle update from Adobe, Apple security update, binary planting, Spanair 2008 crash, your questions, and more.
1x264
Side-Channel Privacy Leakage
Episode overview
02, 2010
Consequences of the web not being designed for privacy, including non-consensual user tracking.
1x265
Listener Feedback #100
Episode overview
09, 2010
Fix-It for .dll hijack, danger from applications changing the working directory, first successful 64-bit Windows root kit, your questions, and more.
1x266
Inside OAuth
Episode overview
16, 2010
Microsoft's 2nd Tuesday update, new 0-day vulnerabilities in Adobe, Firefox fixes, "Stuxnet" worm, delegated access through OAuth, and more.
1x267
Listener Feedback #101
Episode overview
23, 2010
Flash update, Microsoft ASP .NET problem, HDCP master key leak, Twitter "OnMouseover" XSS flaw, your questions, and more.
1x268
CryptoSystem Backdoors
Episode overview
30, 2010
New 0-day for Windows, HDCP decryption software, Stuxnet & Iran, COICA, cryptography systems and backdoors for law enforcement, and more.
1x269
Listener Feedback #102
Episode overview
07, 2010
Adobe Acrobat patched, RIM and India going 'round & 'round, Comcast VS. Bot, and more.
1x270
The Evercookie
Episode overview
14, 2010
Microsoft breaks Patch Tuesday update record, Facebook adds OTPs and remote signout, What is The Evercookie?, and more.
1x271
Listener Feedback #103
Episode overview
21, 2010
Microsoft reports on Java exploits, new Adobe Reader will sandbox, feedback from MSRT, your questions, and more.
1x272
Firesheep
Episode overview
28, 2010
Mozilla and Real Player updates, Firefox 0-day, Wall Street Journal tracking and privacy series, session hijacking for the rest of us, and more.
1x273
Listener Feedback #104 & The FireStorm
Episode overview
04, 2010
Firesheep firestorm, Flash 0-day exploit in the wild, another iPhone lock screen bypass, your questions, and more.
1x274
Benchmarking DNS
Episode overview
11, 2010
Second Tuesday updates, critical Outlook fix, Android risks, Google expands "bug bounty", GRC's DNS Benchmark, and more.
1x275
Listener Feedback #105
Episode overview
18, 2010
Big Apple update, IE6/7 0-day unpatched, infected Chinese cell phones, Stuxnet's probable target, your questions, and more.
1x276
Testing DNS Spoofability
Episode overview
25, 2010
Safari update, HTTPS Everywhere, FBI wants to wiretap the Internet, comprehensive DNS spoofability test, and more.
1x277
Listener Feedback #106
Episode overview
02, 2010
New WIndows kernel vulnerability, Wikileaks siprnet, Vitamin D findings, your questions, and more.
1x278
Tag Me (with RFID)
Episode overview
09, 2010
Windows 7 SP1 reaches RC level, Google Chrome v8.0 released, What is SHIELD?, How to keep track of people using RFID tags, and more.
1x279
Listener Feedback #107
Episode overview
16, 2010
Microsoft's December security updates, backdoor in BSD, WikiLeaks DDoS, your questions, and more.
1x280
Bluetooth
Episode overview
23, 2010
OpenBSD discredits backdoor, weak net neutrality, compromised site warnings from Google, Bluetooth in depth, and more.
1x281
The Portable Dog Killer, Encore
Episode overview
30, 2010
An encore presentation of an enlightening story from Steve's past.
1x282
Listener Feedback #108
Episode overview
06, 2011
Microsoft acknowledges IE problem, hacking GSM phones, Stuxnet update, your questions, and more.
1x283
Bluetooth Hacking
Episode overview
13, 2011
Cross Fuzz, warrantless cell phone searches, Obama's "Unified Internet Identity", flavors of bluetooth hacking, and more.
1x284
Listener Feedback #109
Episode overview
20, 2011
Israel and US teamed up on Stuxnet, global IPv6 test coming, your questions, and more.
1x285
Fuzzy Browsers
Episode overview
27, 2011
Google awards first "Elite" security award, Facebook SSL and HTTPS, unprivileged work e-mail, stress testing browsers, and more.
1x286
Listener Feedback #110
Episode overview
03, 2011
Gingerbread data disclosure vulnerability, SourceForge hack, IPv4 depletion, zero-day attacks no more, your questions, and more.
1x287
BitCoin CryptoCurrency
Episode overview
09, 2011
Firefox adds "Do Not Track", Verizon alters web content, McAfee on Mobile Malware, BitCoin, and more.
1x288
Listener Feedback #111
Episode overview
17, 2011
A critical Microsoft vulnerability, The differences between open and closed source software, A number of questions around BitCoin, and more.
1x290
Listener Feedback #112
Episode overview
03, 2011
Windows 7 service pack 1 is out, Apple's Thunderbolt security, Facebook's HTTPS security turns itself off, and more.
1x291
Stuxnet
Episode overview
10, 2011
The anatomy of Stuxnet, plus Pwn2Own is underway meaning updates from Apple, Google, Microsoft, and more.
1x289
Proxied Surfing
Episode overview
17, 2011
After catching up with the week's security updates and other security-related news, Steve and Leo discuss the many modes of operation of "Proxied Web Surfing" which are used to bypass .. show full overview
1x292
Listener Feedback #113
Episode overview
17, 2011
The consequences of Pwn2Own, Issues around the Japanese earthquake, reverse DNS, and more.
1x293
IE9
Episode overview
24, 2011
Internet Explorer 9, RSA Security comprimised, India versus Blackberry, and more.
1x294
Listener Feedback #114
Episode overview
31, 2011
Fraudulent SSL certificates, RSA SecurID breach update, Real Player vulnerability, your questions, and more.
1x295
The Comodo SSL Breach
Episode overview
07, 2011
RSA SecurID Break-in, YubiHSM, Epsilon security breach, DNT gets traction, and more.
1x296
Listener Feedback #115
Episode overview
14, 2011
64 fixes from Microsoft, Another Flash exploit, Wordpress hacked, your questions, and more.
1x297
Pass-Sentences??
Episode overview
21, 2011
iOS location tracking, Pass phrase security, Dropbox authentication, and more.
1x298
Listener Feedback #116
Episode overview
28, 2011
Sony Playstation Network breach, Mobile tracking, Disc Drive steganography, your emails, and more.
1x299
Going Random (1)
Episode overview
05, 2011
Firefox and Chrome updates, Apple tracks differently, Bin Laden's security, relying on randomness, and more.
1x300
Listener Feedback #117
Episode overview
12, 2011
Reasons you should change your Facebook password right now, Zero Day, a new Do Not Track bill, and more.
1x301
Going Random (2)
Episode overview
19, 2011
DIY Malware kite for Mac, Protect IP act, Achieving true randomness, and more.
1x302
Listener Feedback #118
Episode overview
26, 2011
Mac Defender malware, Sony's continuing security woes, Android vulnerability patched by Google, your questions, and more.
1x303
Password Haystacks
Episode overview
02, 2011
Making passwords memorable AND uncrackable, More on Mac Defender, Lockheed Martin breach, and more.
1x304
Listener Feedback #119
Episode overview
09, 2011
RSA SecurID token replacement, Sony breaches continue, your questions, and more.
1x305
Ghostery
Episode overview
16, 2011
Website surveillance monitoring and blocking, IMF breach, commercial bank fraud liability, and more.
1x306
Listener Feedback #120
Episode overview
23, 2011
Malware stealing Bitcoins, Dropbox security, WordPress hacked, your questions, and more.
1x307
The Future of Identity
Episode overview
30, 2011
LulzSec says farewell, cost of Citigroup attack, National Institute of Standards and Technology, and more.
1x308
Listener Feedback #121
Episode overview
07, 2011
Dropbox TOS update, Microsoft's Skype intercept patent, evaluating LulzSec, your questions, and more.
1x309
How the Internet Works, Part 1
Episode overview
14, 2011
Steve explains how the internet works with three basic principles, plus security updates, security news, and more.
1x310
Listener Feedback #122
Episode overview
21, 2011
iOS updates, careers in computer security, randomness in cryptography, your questions, and more.
1x311
Anatomy of a Security Mistake
Episode overview
28, 2011
Apple iOS Certificate, Passware, dissecting the crypt_blowfish bug, and more.
1x312
Listener Feedback #123
Episode overview
04, 2011
We find a way to keep Tor from being censored, KISSmetrics's sneaky cookie and your questions answered by Steve.
1x313
How The Internet Works: ICMP & UDP
Episode overview
11, 2011
Adobe patches galore, a deep look at ICMP and UDP, and more.
1x314
Listener Feedback #124
Episode overview
18, 2011
Tons of Firefox news, Gizmodo off the hook, lot's of questions, and more.
1x315
Off The Grid
Episode overview
25, 2011
Caesar Cipher, Playfair Cipher, going off the grid and more.
1x316
Listener Feedback #125
Episode overview
01, 2011
Google's fraudulent SSL Certificate, Pakistan bans encryption software, your questions, and more.
1x317
TCP Part 1 – Getting Connected
Episode overview
08, 2011
DigiNotar mega-update, DNS hack of NetNames, TCP demystified, and more.
1x318
Listener Feedback #126
Episode overview
15, 2011
More on DigiNotar, GlobalSign security breach, your questions, and more.
1x319
Certificate Authority (CA) Trust - Time to Change it?
Episode overview
22, 2011
DigiNotar bankruptcy, SSL weakness discovered, alternatives to the CA Hierarchy Model, and more.
1x320
Listener Feedback #127
Episode overview
29, 2011
Kindle Fire and the Silk browser, MySQL breach, your questions, and more.
1x321
The Beauty of B.E.A.S.T.
Episode overview
05, 2011
HTC not sandboxing Android data, phishing on the rise, Browser Exploit Against SSL/TLS, and more.
1x322
Listener Feedback #128
Episode overview
12, 2011
Fighter drone's malware infection, Germany deliberately installing malware on traveller's computers, your questions and Steve's answers.
1x323
TCP Pt.2 - Attacking TCP
Episode overview
19, 2011
Details on the Silk browser, Google encrypted search, TCP attacks, and more.
1x324
Listener Feedback #129
Episode overview
26, 2011
Two Internets, Stuxnet variant "DuQu", Spanning Tree Protocol, your questions, and more.
1x325
TCP Pt.3 - Necessary Refinements
Episode overview
02, 2011
Certificate authorities compromised, BT to block Newzbin, Mac OSX Bitcoin mining malware, "Bytes in Flight", and more.
1x326
Listener Feedback #81
Episode overview
09, 2011
DuQu worm, remote code execution kernel vulnerability, Adobe abandons Flash for mobile, your questions, and more.
1x327
Internet Privacy Update
Episode overview
16, 2011
Firefox 8, SOPA, Kindle Fire first look, and more.
1x328
Listener Feedback #131
Episode overview
23, 2011
SOPA, SCADA hacked, Kindle Fire extended review, your questions, and more.
1x329
Browser ID
Episode overview
30, 2011
Comparing Mozilla's BrowserID to other security technologies, Android malware, Malvertising, and more.
1x330
Listener Feedback #132
Episode overview
07, 2011
DNSCrypt Beta for Mac, Zeus banking trojan, Carrier IQ, your questions, and more.
1x331
Mega Security News Update
Episode overview
14, 2011
Microsoft, Adobe, and Carrier IQ security news, and more.
1x332
Listener Feedback #133
Episode overview
21, 2011
Background updates of IE, more on Carrier IQ, your questions, and more.
1x333
Science Fiction Holiday Special
Episode overview
28, 2011
Firefox 9, SOPA, Sci-Fi movie and book recommendations, and more.
1x334
Listener Feedback #134
Episode overview
04, 2012
Microsoft's Out-Of-Cycle patch, FISA constitutionality, your questions, and more.
1x335
Wi-Fi Protected (In)Security
Episode overview
09, 2012
Simple Secure Wifi isn't very secure, password recovering charger, WPA cracker, and more.
1x336
Listener Feedback #135
Episode overview
18, 2012
Zappos customer data breach, Slow Motion DDoS, your questions, and more.
1x337
WPS: A Troubled Protocol
Episode overview
25, 2012
Forcing laptop decryption, GPS tracking now requires a warrant, DNS poisoning, and more.
1x338
Listener Feedback #136
Episode overview
01, 2012
Google's privacy policy changes, Region's lost 401k data, pcAnywhere source stolen years ago, your questions, and more.
1x339
“ScriptNo” for Chrome
Episode overview
08, 2012
NSTIC update, webcam nightmare, a NoScript-like extension for Chrome, and more.
1x340
Listener Feedback #137
Episode overview
15, 2012
SSL's public key encryption, pcAnywhere, Google Wallet, your questions, and more.
1x341
Can “Anonymous” Take Down the Internet?
Episode overview
22, 2012
The iOS cookie incident, whether Anonymous might take down the Internet, and more.
1x342
Listener Feedback #138
Episode overview
29, 2012
HTML video copy protection, protection against forced decryption, Yubico "Nano", your questions, and more.
1x343
HTTP & SPDY
Episode overview
06, 2012
LulzSec leader betrays Anonymous , how a site can know your social networks, comparing HTTP to SPDY, and more.
1x344
Listener Feedback #139
Episode overview
14, 2012
6th annual Pwn2Own, Microsoft's noisy 2nd Tuesday, Wikipedia transfer from GoDaddy complete, your questions, and more.
1x345
Buffer Bloat
Episode overview
21, 2012
Buffer Bloat on the internet, NSA Super-Super Computer Center, Apache Server Status information leakage, and more.
1x346
Listener Feedback #140
Episode overview
28, 2012
Ten great answers and questions, buffer bloat, security news, and more.
1x347
iOS Password Mis-Managers
Episode overview
04, 2012
Global Payments card processor breach, Apple holds security key for iCloud, iPhone passcode exploit, and more.
1x348
Listener Feedback #141
Episode overview
11, 2012
Flashback infects 670,000 Macs, safety of Safari password storage, Windows Defender Offline, your questions, and more.
1x349
Cloud Solutions
Episode overview
19, 2012
Steve gathers up all the cloud storage solutions and gives us his review.
1x350
Twitter Feedback Q&A #142 / Cloud Security
Episode overview
25, 2012
During this special Q&A episode, Iyaz and I host an entirely Twitter-driven Q&A episode, caused by the flurry of interest created by last week's focus upon Cloud Storage Solutions. After .. show full overview
1x351
Three Hybrid Cloud Solutions
Episode overview
02, 2012
After catching up with the week's news and Twitter feedback, Leo and I closely examine three remote cloud storage solutions whose Crypto was done COMPLETELY right, Offering full TNO .. show full overview
1x352
Listener Feedback #143
Episode overview
09, 2012
Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are .. show full overview
1x353
DMARC - eMail Security
Episode overview
16, 2012
After catching up with the week's news, Steve and Leo look at the state of the slow but sure and steady progress being made to tighten up the Internet's eMail security. Since spoofing .. show full overview
1x354
Listener Feedback #144
Episode overview
23, 2012
Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are .. show full overview
1x355
Poking Holes in TCP
Episode overview
30, 2012
Steve and Leo tackle two new and interesting threats to Internet security. First, the newly discovered “Flame” / “Flamer” / “Skywiper” malware dwarfs Stuxnet and Duqu in capability and .. show full overview
1x356
Listener Feedback #145
Episode overview
06, 2012
Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are .. show full overview
1x357
Flame On!
Episode overview
13, 2012
This week, after catching up with a large amount of the week’s news, Leo and I carefully examine two major new discoveries about the Windows Flame worm.
1x358
Listener Feedback #146
Episode overview
20, 2012
Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are .. show full overview
1x359
Coddling Our Buffers
Episode overview
27, 2012
After catching up with a few items of security and privacy news, Leo and I return to the Internet's "Buffer Bloat" problem to share the new solution “CoDel” (pronounced “coddle”) that .. show full overview
1x360
Listener Feedback #147
Episode overview
11, 2012
Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are .. show full overview
1x361
Paul Vixie & DNS Changer
Episode overview
18, 2012
After catching up with the week's security news, Leo and I take a close look at the recent “DNS Changer” malware, the FBI's role in the “takedown” of the malicious servers, and the .. show full overview
1x362
Listener Feedback #148
Episode overview
25, 2012
Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are .. show full overview
1x363
Ali Baba's Cave
Episode overview
01, 2012
After catching up with an eventful week of security news, Leo and I explore a variant of the story of “Ali Baba's Cave” as a means for clearly explaining the operation and requirements of cryptographic Zero-Knowledge Interactive Proofs.
1x364
Mat Honan's Very Bad Weekend
Episode overview
08, 2012
After catching up with an eventful week of security news, Leo and I describe and explore the details of the “epic hack” that recently befell well-known technology writer Mat Honan.
1x365
Listener Feedback #149
Episode overview
15, 2012
Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are .. show full overview
1x366
Password Cracking Update: The Death of “Clever”
Episode overview
22, 2012
After catching up with a collection of miscellaneous and interesting security-related news, Leo and I take a close look at the long-term consequences of the many massive password .. show full overview
1x367
What a Busy Week!
Episode overview
29, 2012
We have so much security news and information to cover this week that we didn’t have time to take questions from our listeners. What we have, instead, is a LOT of interesting news about .. show full overview
1x368
Listener Feedback #150
Episode overview
05, 2012
Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are .. show full overview
1x369
Internet Identity Update
Episode overview
11, 2012
After catching up with an eventful week of security news, Leo and I step back for an overview and discussion of the slowly evolving state of the art in Internet Identity Authentication.
1x370
Mark Russinovich & Other News
Episode overview
19, 2012
We begin the week with a visit with our distinguished guest, Mark Russinovich, late of Sysinternals and now with Microsoft. Mark joins us to chat about the release of his second security .. show full overview
1x371
Listener Feedback #151
Episode overview
26, 2012
Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are .. show full overview
1x372
NFC - Near Field Communications
Episode overview
03, 2012
After catching up with just a tiny bit of security news (it was a very quiet week in security), Leo and I take the podcast's first-ever comprehensive look at the emerging and .. show full overview
1x373
Listener Feedback #152
Episode overview
10, 2012
Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are .. show full overview
1x374
ECC - Elliptic Curve Cryptography
Episode overview
17, 2012
After catching up with the week's most important security news, Leo and I wind up our propeller-cap beanies, right to the breaking point of their springs, in order to obtain enough lift .. show full overview
1x375
Listener Feedback #153
Episode overview
24, 2012
Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are .. show full overview
1x376
Fully Homomorphic Encryption
Episode overview
31, 2012
This week, after failing to find much in the way of interesting security news, Leo and I make up for that by introducing the concept of “Fully Homomorphic Encryption,” which allows .. show full overview
1x377
Listener Feedback #154
Episode overview
07, 2012
Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are .. show full overview
1x378
Microsoft: Security, Privacy & DNT
Episode overview
14, 2012
After catching up with an interesting and varied grab-bag of security news and paraphernalia, Tom and I further examine the controversy surrounding Microsoft's decision to enable the Do .. show full overview
1x379
Listener Feedback #155
Episode overview
21, 2012
Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are .. show full overview
1x380
DTLS - Datagram Transport Layer Security
Episode overview
28, 2012
After catching up with lots of interesting security news, updates on Steve's Acoustic Dog Training project, and lots of other miscellany, Leo and I examine a recently developed and .. show full overview
1x381
Listener Feedback #156
Episode overview
05, 2012
Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are .. show full overview
1x382
QR Codes
Episode overview
12, 2012
After catching up with the week's news, Leo and I take a deep dive into the technology of the ever-more-ubiquitous “QR Codes” which are popping up everywhere and are increasingly being used, not only for good, but with malicious intent.
1x383
Listener Feedback #157
Episode overview
19, 2012
Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are .. show full overview
1x384
Once Upon a Time
Episode overview
26, 2012
For this special year-end holiday edition of Security Now!, I dug down deep into my video archives, taking back 22 years, to 1990, to share a 45-minute presentation I gave, once upon a .. show full overview
1x385
Listener Feedback #158
Episode overview
02, 2013
Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are .. show full overview
1x386
Disconnect WidgetJacking
Episode overview
09, 2013
After catching up with a very busy week of interesting security news and events, Leo and I examine the growing privacy and security problems created by the ever more pervasive social .. show full overview
1x387
Listener Feedback #159
Episode overview
16, 2013
Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are .. show full overview
1x388
Memory Hard Problems
Episode overview
23, 2013
After catching up with a bunch of fun and interesting news of the week, Leo and I examine the future of anti-hacking password scrambling and storage with the introduction of “Memory Hard .. show full overview
1x389
Listener Feedback #160 & UPnP Exposure Disaster
Episode overview
30, 2013
Leo and I discuss the week's major security events—and the disastrous news of 81 million exposed vulnerable routers!—discuss questions and comments from listeners of previous episodes. .. show full overview
1x390
“Mega” Security Overview
Episode overview
06, 2013
After covering “UPnP a week later” and catching up with some interesting security industry happenings, Leo and I take a look into the controversy surrounding the security (or lack thereof) of Kim Dotcom's new “Mega” cloud storage offering.
1x391
Listener Feedback #161
Episode overview
13, 2013
Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are .. show full overview
1x392
The Internet Underworld
Episode overview
20, 2013
We first converse with today's special guest, Brian Krebs, who for many years wrote for the Washington Post and is now publishing his own “Krebs on Security” blog. Our topic is “The .. show full overview
1x393
Listener Feedback #162
Episode overview
27, 2013
Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are .. show full overview
1x394
Tor 2.0
Episode overview
06, 2013
Evernote resets 50 million passwords, Oracle issues emergency JAVA update, Tor's updated operation, and more.
1x395
Your Questions, Steve's Answers 163
Episode overview
13, 2013
More JAVA vulnerabilities, more Flash vulnerabilities, DNT and IE10, your questions, and more.
1x396
Telnet-pocalypse
Episode overview
20, 2013
Bitcoin, Carna Botnet, Krebs DDoS'd, distributed hash tables, and more.
1x397
Your Questions, Steve's Answers 164
Episode overview
27, 2013
Apple authentication, FBI and Real-Time interception, your questions, and more.
1x398
Distributed Hash Tables
Episode overview
03, 2013
COX is blocking UPnP, "Darkleech", poor Comcast JavaScript, Distributed Database technology, and more.
1x399
Your Questions, Steve's Answers 165
Episode overview
10, 2013
Comcast's Blocked Ports, Verizon DSL begins to NAT it's users, VUDO, your questions, and more.
1x400
VPN Solutions
Episode overview
17, 2013
Wordpress botnet, another JAVA update, CRAPCHAs, Virtual Private Networks, and more.
1x405
Your Questions, Steve's Answers 168
Episode overview
22, 2013
New Firefox cookie policy, Skype snooping, your questions, and more.
1x401
Your Questions, Steve's Answers 166
Episode overview
24, 2013
Another JAVA flaw, Google Street View data collection in Germany, Malware in Google Play Apps, and more!
1x402
BitTorrent Sync
Episode overview
01, 2013
Security news, "BitTorrent Sync", and more.
1x403
Your Questions, Steve's Answers 167
Episode overview
08, 2013
Quantum Internet, BT tests IP address sharing, Syria on the Internet, your questions, and more.
1x404
How Facebook Monetizes
Episode overview
15, 2013
iPhone cracking for law enforcement, New Yorker opens an anonymous dead-drop system, Syria dropped off the Net again, and more.
1x406
Off the Record with OTR
Episode overview
29, 2013
Login with Amazon, Google to update SSL certificates, anatomy of a hack, and more.
1x407
Your Questions, Steve's Answers 169
Episode overview
05, 2013
Car door lock mystery, Zeus Trojan on Facebook, your questions, and more.
1x408
The State of Surveillance
Episode overview
12, 2013
Diving deep and defining NSA's PRISM data collection, and more.
1x409
Your Questions, Steve's Answers 170
Episode overview
19, 2013
More on PRISM, the business of secretive communication, your questions, and more.
1x410
Interesting Intel History
Episode overview
26, 2013
Snowden leaks continue, Firefox 22, Project Chess, and more.
1x411
Your Questions, Steve's Answers 171
Episode overview
03, 2013
Snowden leaks continue, Firefox 22, Project Chess, and more.
1x412
SSL and Perfect Forward Secrecy
Episode overview
10, 2013
A creepy PRISM thought, a defense against it, a big Microsoft patch Tuesday, and more.
1x413
How Much Tinfoil?
Episode overview
17, 2013
Microsoft handing NSA encrypted messages, Feds disinvited to Def Con, and more.
1x414
Inflection Points
Episode overview
24, 2013
Department of Homeland Security overreaction, Feds want master encryption keys, Apple's dev site hacked, and more.
1x415
Your Questions, Steve's Answers 172
Episode overview
31, 2013
XKeyscore, SkyDrive looking for a new name, Megamos Crypto, your questions, and more.
1x416
Black Hat, TOR and more
Episode overview
07, 2013
Firefox 23, Twitter multi-factor auth improvements, NSA Director's bad time at Black Hat, and more.
1x417
Your Questions, Steve's Answers 173
Episode overview
14, 2013
Lavabit, Silent Circle, Android and BitCoin, your questions, and more.
1x418
Considering PGP
Episode overview
21, 2013
Steve and Leo cover the consequences of the Snowden leaks and, with that in mind, they examine the Pretty Good Privacy (PGP) system for encrypting email and attachments.
1x419
Your Questions, Steve's Answers 174
Episode overview
28, 2013
Kim Dotcom's secure email solution, Wickr, Cackle, Hemlis, your questions, and more.
1x420
BitMessage
Episode overview
04, 2013
NSA and USA in the doghouse, New Zealand bans software patents, more JAVA trouble, and more.
1x421
The Perfect Accusation
Episode overview
11, 2013
LastPass and the NSA, MyOpenID, Patch Tuesday, NSA versus encryption, and more.
1x422
Your Questions, Steve's Answers 175
Episode overview
18, 2013
Social media monitoring at school, unpatchable Java 6 exploits, IPv6 subversion, and more.
1x423
Fingerprint Biometrics
Episode overview
25, 2013
NSA-influenced code and backdoors, iOS7 flaws, TouchID, and more.
1x424
SQRL
Episode overview
02, 2013
Fingerprints are usernames, BitTorrent Chat, Steve's practical replacement for website usernames and passwords, and more.
1x425
SQRL and Q & A 176
Episode overview
09, 2013
Secure QR Login followup, Lavabit defied the FBI, Microsoft's second Tuesday, your questions, and more.
1x426
SQRL: Anti-Phishing and Revocation
Episode overview
16, 2013
Two new valuable features of SQRL, Internet Governance Project, Lavabit, and more.
1x427
A Newsy Week
Episode overview
23, 2013
Google's “Project Shield”, CryptoSeal, CryptoLocker, Shumway, and more.
1x428
Your Questions, Steve's Answers 177
Episode overview
30, 2013
Firefox 25, LinkedIn Intro, CryptoLocker, SQRL, your questions, and more.
1x429
Monkey Was 26th
Episode overview
06, 2013
TrueCrypt Audit, Google versus the NSA, LastPass update, and much more news.
1x430
Your Questions, Steve's Answers 178
Episode overview
13, 2013
Microsoft TIFF 0-day flaw, lots of Bitcoin happenings, your questions, and more.
1x431
What is RADIUS?
Episode overview
20, 2013
Security news, the coin wallet idea, why does proXPN allow only twelve characters, Steve explains RADIUS, and more.
1x432
Coin, Patent Trolls, and More
Episode overview
27, 2013
Following another week overfilled with interesting security-related news, Steve and Leo spend an hour and a half diving deeply into an updated (and likely very close to correct) .. show full overview
1x433
Breaking SSL
Episode overview
04, 2013
A closer look at "BULLRUN", the NSA's code name for their Encryption Cracking initiative, TL Warp Drive, and more.
1x434
Your Questions, Steve's Answers 179
Episode overview
11, 2013
Patch Tuesday, Firefox 26, NSA and Google cookies, your questions, and more.
1x435
Your Questions, Steve's Answers 180
Episode overview
18, 2013
All things NSA, Acoustic Crypto Key leakage, FIDO Alliance and SQRL, your questions, and more.
1x436
Time Traveling with Steve
Episode overview
25, 2013
Steve opens up his archives to show some of his first appearances with Leo on the Screen Savers.
1x437
New Year's News Catchup
Episode overview
07, 2014
We talk about the NSA and ANT protocols, more CryptoLocker news, the SnapChat leak of names and phone numbers, and more.
1x438
NSA's ANT
Episode overview
14, 2014
After catching up with another busy week of security news, we dive into the amazing NSA ANT documentation to learn about the NSA's field capabilities.
1x439
Your Questions, Steve's Answers 181
Episode overview
21, 2014
Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes.
1x440
Your Questions, Steve's Answers 182
Episode overview
28, 2014
More point-of-sale malware news, overtrain Apple's TouchID for reliability, BlueTooth LE's pairing is "just broken" and more.
1x441
Password Policies
Episode overview
04, 2014
Steve and Leo examine research performed by Dashlane (makers of a password manager). They have researched and presented the current state of the Top100 web retailer's password policies.
1x442
Q&A 183
Episode overview
11, 2014
Steve and Leo discuss the week's major security events and discuss questions and comments from listeners of previous episodes.
1x443
Sisyphus
Episode overview
18, 2014
Steve's original plan to explain Google's terrific innovations in web performance, known as "QUIC" were derailed by the overwhelmingly worrisome security news, so this week's podcast is pure, and rather sobering, news of the week.
1x444
Goto: Fail
Episode overview
25, 2014
Goto: Fail, Apple's SSL screw up, WhatsApp TOS change, Telegram, Mt. Gox & Bitcoin, and more!
1x445
Your Questions, Steve's Answers 184
Episode overview
04, 2014
Was the iOS SSL flaw done on purpose? NSA spying on Yahoo users' webcams, Steve makes a shocking admission about Windows XP, and more!
1x446
iOS Security (1)
Episode overview
11, 2014
Snowden's SXSW appearance, SQRL coming in 34 languages, the deepest look yet into Apple's iOS security, and more!
1x447
iOS Security (2)
Episode overview
18, 2014
More "XP Armageddon", PwnToOwn, cloud storage costs plummet, and more!
1x448
iOS Security (3)
Episode overview
25, 2014
An important Fix-It for a new 0-day vulnerability in Microsoft Word, has WPA2 Wi-Fi been cracked? iOS security part 3, and more.
1x449
Your Questions, Steve's Answers 185
Episode overview
01, 2014
The NSA / Dual_EC_DRBG flaw is worse than we knew, is Google's Always HTTPS for Gmail a bad thing? A quick WiFi password install for iPhones, and more.
1x450
How the Heartbleeds
Episode overview
08, 2014
The end of updates for Windows XP, AnyDVD, the Heart Bleed Bug, and more.
1x451
TrueCrypt & Heartbleed Part 2
Episode overview
15, 2014
The previous week consisted of nearly a single story: Heartbleed. It was only "nearly", though, because we also received the results from the first phase of the TrueCrypt audit.
1x452
Your Questions, Steve's Answers 186
Episode overview
21, 2014
Ladar Levinson's appeal ruling, Google could bring end-to-end encryption to the masses, Jailbreaking iOS and more!
1x453
Certificate Revocation
Episode overview
29, 2014
Internet Explorer 0-day flaw, a new look for Firefox v29, what do we do when good certificates go bad? And more!
1x454
Certificate Revocation, Part 2
Episode overview
06, 2014
OpenID and OAuth vulnerability rediscovered, US Gov begins testing Universal CyberID, certificate revocation part 2: how practice follows theory, and more!
1x455
Your Questions, Steve's Answers 187
Episode overview
13, 2014
Microsoft's 2nd Tuesday patches, the Certificate Authority Security Council weighs in on Chrome's revocation solution, the appeal decision in Oracle vs. Google, and more!
1x456
Harvesting Entropy
Episode overview
20, 2014
Steve and Leo examine the practical size of randomness and the challenge of collecting Entropy in a client that may not have any built-in support for providing it, and may also be surrounded by active attackers.
1x457
Your Questions, Steve's Answers 188
Episode overview
27, 2014
During this week's Q&A we host a special guest, industry veteran and ISP, Brett Glass, who shares his views on the confusing Network Neutrality debate. We also catch up with the past .. show full overview
1x458
TrueCrypt: WTH?
Episode overview
03, 2014
Steve and Leo look back upon and analyze the past seven days of insanity which followed the startling surprise "self-takedown" of the long standing TrueCrypt.org website, and of TrueCrypt itself.
1x459
Your Questions, Steve's Answers 189
Episode overview
10, 2014
Google's browser-based PGP, more OpenSSL troubles, iOS8 thwarts tracking? And Steve answers your questions!
1x460
Authenticated Encryption
Episode overview
17, 2014
Steve and Leo discuss the need for, and the Internet industry's search for, new standards for "Authenticated Encryption" which simultaneously encrypts messages for privacy while also authenticating them against any active in-flight tampering.
1x461
Your Questions, Steve's Answers 190
Episode overview
24, 2014
The EFF wants internet users to open up their Wi-Fi networks, BoringSSL, Google to start offering domains, and more.
1x462
Cloud Storage Solutions
Episode overview
01, 2014
Paypal's security misfires, serious Android crypto key theft vulnerability affecting 86% of devices, and we announce and launch the beginning of a multi-part podcast series which will .. show full overview
1x463
Your Questions, Steve's Answers 191
Episode overview
08, 2014
Microsoft's Patch Tuesday & they fumble a takedown, Oracle ends XP's Java, Cloud Storage Solutions update and more!
1x464
Your Questions, Steve's Answers 192
Episode overview
15, 2014
Three Internet of Things standardization groups, Google hires a team of hackers for "Project Zero," Has CryptoLocker been neutralized? And more!
1x465
iOS Surveillance?
Episode overview
22, 2014
Level3 responds to Verizon's network congestion chart, Canvas Fingerprinting, Microsoft Research says not to use strong passwords? And more!
1x466
Your Questions, Steve's Answers #193
Episode overview
29, 2014
iOS v7 HAS been Jailbroken, iOS Backdoors and Canvas Fingerprinting, WhisperSystems' truly secure "Redphone" comes to iPhone as "Signal", Android found not to be checking certificate .. show full overview
1x467
Browser Password Managers
Episode overview
05, 2014
HP's recent analysis of the (lack of) security in "Internet of Things" appliances, BadUSB, Steve's analysis of browser-based password managers, and more!
1x468
Your Questions, Steve's Answers 194
Episode overview
12, 2014
BadUSB follow-up, LastPass outage, Google to prioritize websites with HTTPS, and more!
1x469
Big Routing Tables
Episode overview
19, 2014
Who can access your digital assets after death? HTTP Shaming, last week's internet outage, and more!
1x470
Your Questions, Steve's Answers 195
Episode overview
26, 2014
"Autonomous" vs. "Anonymous", Sony's Playstation Network DDoS attack, the first confirmed Heartbleed intrusion and more.
1x471
PGP: Time for an Upgrade?
Episode overview
02, 2014
The iCloud iBrute iHack, more consumer Wi-Fi router security troubles, encrypting email... with PGP? And more!
1x472
Your Questions, Steve's Answers 196
Episode overview
09, 2014
The Home Depot breach, Comcast gets pretty intrusive, Google declares war on the SHA-1 hash and more!
1x473
Google vs. SHA-1
Episode overview
16, 2014
Comcast versus TOR, a big Linked-In mistake, a serious pre-KitKat Android problem and more!
1x474
Your Questions, Steve's Answers 197
Episode overview
23, 2014
Apple's iOS 8 security, Google and Dropbox team up in a new venture, encrypting some data versus all data, and more!
1x475
Shocked by the Shell
Episode overview
01, 2014
After covering a very busy and interesting past week of security and privacy news, Father Robert and Steve explain, examine, and dig down deep into the many fascinating details of the .. show full overview
1x476
Your Questions, Steve's Answers 198
Episode overview
07, 2014
JP Morgan Chase and the largest breach yet, Yahoo!'s servers hit by ShellShock, BadUSB exploit code posted to Github, and your Q&A!
1x477
Payment Tokenization
Episode overview
14, 2014
A new Windows 0-day exploit, rumor of a pending SSLv3 flaw and Steve analyzes the next evolution in online payment technology which replaces traditional credit card numbers with "Payment Tokens."
1x478
Poodle Bites
Episode overview
21, 2014
FBI director wants Congress to fix phone encryption, Google adds Yubikey 2nd-factor authentication, and is there anything to worry about Poodle?
1x479
Your Questions, Steve's Answers 199
Episode overview
28, 2014
Apple Pay vs. CurrentC, Verizon (and AT&T) inserting a sticky cookie, RC4 gets an upgrade tweak, and listener feedback!
1x480
Your Questions, Steve's Answers 200
Episode overview
04, 2014
CurrentC already hacked, a serious OSX Yosemite vulnerability, is your TV watching you? And your questions!
1x481
Certificate Transparency
Episode overview
11, 2014
Microsoft's Mega Patch Tuesday, Obama wants to reclassify ISPs as telecommunications carriers, verifying a website's authenticity with certificates and more.
1x482
Your Questions, Steve's Answers 201
Episode overview
18, 2014
Dirtboxes spying on cellphones, an update for AT&T and Verizon's Cellular Super-Cookie, worries about BitTorrent Sync's security and privacy, and your questions!
1x483
Let's Encrypt
Episode overview
25, 2014
Intelligence gathering malware Regin, the Edward Snowden documentary Citizenfour, upcoming Certificate Authority Let's Encrypt and more.
1x484
Your Questions, Steve's Answers 202
Episode overview
02, 2014
Firefox v34, iOS 8 bugs, how to safely report a vulnerability and more of your questions.
1x485
Expensive Lessons
Episode overview
09, 2014
Poodle Bites (again!), TURLA - an APT (Advanced Persistent Threat) targeting Linux, and very expensive lessons learned from Target and Sony's recent security breaches.
1x486
Your Questions, Steve's Answers 203
Episode overview
16, 2014
Chrome UX changes in 2015, a Las Vegas casino struck hard by a cyberattack, the ethics of disclosing illegally obtained content, your questions and Steve's answers!
1x487
Steve Introduces SQRL
Episode overview
23, 2014
Steve Gibson introduces and explains Secure Quick Reliable Login (SQRL), Steve's proposal for a replacement for website passwords at DigiCert Security Summit 2014 in Las Vegas.
1x488
The (In)Security of 2014
Episode overview
30, 2014
Who hacked Sony? Apple deploys their first forced-update, Snowden docs revealing NSA headaches, and a look back on a busy 2014 for security!
1x489
Your Questions, Steve's Answers 204
Episode overview
06, 2015
The HSTS Super-Cookie, "ThunderStrike," CryptoLocker's successor, and questions from listeners!
1x490
The Enigma
Episode overview
13, 2015
Lizard Squad's DDoS network largely powered by SOHO Routers, Google abandons pre-v4.4 Android Updates, and British Prime Minister David Cameron proposes outlawing communications that the government cannot eavesdrop on.
1x491
Cryptographic Backdoors
Episode overview
20, 2015
Why the President was sure it was North Korea, a few Sci-Fi recommendations from Steve, and separating fact from fiction about Cryptographic Backdoors.
1x492
Your Questions, Steve's Answers 205
Episode overview
27, 2015
The Firefox Marketplace, Google takes a bite out of Apple too, Apple agrees to a Chinese audit of their product security, and your questions!
1x493
TOR: Not so Anonymous
Episode overview
03, 2015
Regin's apparent heritage, Bad Linux "GHOST" vulnerability, and how TOR may not be so anonymous after all.
1x494
Your Questions, Steve's Answers 206
Episode overview
10, 2015
Adobe's multiple Flash patches, the U.S. Government announces a cyber threat integration center, the latest on the Anthem breach, and Steve answers listener questions!
1x495
HTTP/2
Episode overview
17, 2015
Leo and Steve catches up with several VERY interesting security events and stories of the week, then we take a close look and a deep dive into the operation of the industry's first .. show full overview
1x496
Your Questions, Steve's Answers 207
Episode overview
24, 2015
Leo and Steve discuss the week's major security events, including the revelation of the Lenovo crapware "Superfish," the joint GCHQ/NSA Gemalto attack which rendered cellular phones insecure, and Steve answers more of your questions!
1x497
Hacking Vehicles
Episode overview
03, 2015
Leo and I discuss the week's tamer-than-usual news, then we host a terrific interview of the team (recently featured on Sunday's 60 Minutes) who have been working with DARPA to address .. show full overview
1x498
Freak & RowHammer
Episode overview
12, 2015
Steve and Leo catch up with several VERY interesting security events and stories of the week, then we take a deep dive into two of the week's big security stories: FREAK and RowHammer.
1x499
Your Questions, Steve's Answers 208
Episode overview
17, 2015
A look at the new TeslaCrypt, Yahoo! to eliminate passwords, InstantCryptor and Steve answers your questions!
1x500
Secure Boot
Episode overview
24, 2015
An iPhone/iPad 4-digit PIN hack, the recent Pwn2Own hacking competition, and Steve takes a look at the evolution of booting from BIOS to UEFI and how Microsoft has leveraged this into their "Windows Secure Boot" system.
1x501
Your Questions, Steve's Answers 209
Episode overview
01, 2015
The ongoing GitHub/GreatFire.org DDoS attack, a bad vulnerability discovered in hotel/convention center/visitor routers, a detailed analysis of 10 million passwords and your questions!
1x502
The TrueCrypt Audit
Episode overview
07, 2015
CNNIC's Root CA cert to be removed from Chrome, Microsoft to change handling of Do Not Track, the "After Market" for IPv4 address space is heating up, and Steve looks at the findings of the TrueCrypt Audit.
1x503
Your Questions, Steve's Answers 210
Episode overview
14, 2015
The EFF wins its Podcast Patent Challenge, an update on CNNIC's root certificates, the Mac "Rootpipe" vulnerability, more viewer questions and Steve's Answers!
1x504
Great Firewalls & Cannons
Episode overview
21, 2015
TrueCrypt audit follow up, Google search history dump, and Steve Gibson and Leo Laporte take a close look at the mechanisms China has developed - both filtering and offensive weaponry - .. show full overview
1x505
Your Questions, Steve's Answers 211
Episode overview
28, 2015
Wi-Fi access points can crash iOS devices, CryptoWall installed via malicious ads for two months, thoughts about ad blocking, and Steve answers your questions!
1x506
Law Enforcement Backdoors
Episode overview
05, 2015
The "Pixie Dust" failure of WPS, disabling RC4, Mozilla putting on the pressure to phase out HTTP, two very different and well thought out statements about law enforcement backdoors.
1x507
Your Questions, Steve's Answers 212
Episode overview
12, 2015
Appeals court rules that sweeping up Americans' data is illegal, Europe's Smart Grid crypto is dumb, SSD on-the-shelf data retention, your questions and Steve's answers!
1x508
Exploiting Keyless Entry
Episode overview
19, 2015
Starbucks discovers the downside of convenience over security, the "Venom" vulnerability, and a look at how crooks are ransacking and stealing cars.
1x509
TLS Logjam
Episode overview
26, 2015
Let's Encrypt's Terms of Service, more on "plane hacker" Chris Roberts, a major new vulnerability in the Internet's TLS protocol known as "Logjam," and more!
1x510
Your Questions, Steve's Answers 213
Episode overview
02, 2015
Crashing (your friends') iPhones, a worrisome Mac firmware problem, Microsoft annoying and/or frightening users with unsolicited "Win10 upgrade" offers, Google's Vault and Soli projects, and your questions and Steve's answers!
1x511
Your Questions, Steve's Answers 214
Episode overview
09, 2015
Patch Tuesday, Federal backdoor development funding, a real HDD firmware bootkit, iOS v9, your questions and Steve's answers!
1x512
Mozilla Tracking Protection
Episode overview
16, 2015
Steve Gibson and Leo Laporte discuss Firefox's Tracking Protection and the state of tracking users on the internet. The LastPass network breach, more bad news from the Office of .. show full overview
1x513
Your Questions, Steve's Answers 215
Episode overview
23, 2015
How does a buffer overflow lead to an exploit? A significant cross-application security flaw in Mac OS X and iOS, the Samsung keyboard flaw, how safe is your Lastpass master password, .. show full overview
1x514
Tor’s Astoria Client
Episode overview
30, 2015
Should we trust NoScript? Adobe issues an emergency out-of-cycle patch for FLASH, an update to Google's Chrome browser unnerves some, an AM radio that steals nearby Crypto keys, a truly .. show full overview
1x515
A Crazy News Week!
Episode overview
07, 2015
Steve Gibson talks about his concerns of "Wi-Fi Sense" on Windows 10, a feature that shares your Wi-Fi password with your contacts in Facebook, Outlook and Skype. Firefox v39, ICANN's .. show full overview
1x516
Hacking Team vs. SQRL
Episode overview
14, 2015
Steve Gibson revisits SQRL with Fr. Robert Ballecer. More Hacking Team revelations including another Adobe Flash exploit and a UEFI rootkit, OpenSSL's latest problem, another plea to .. show full overview
1x517
Your Questions, Steve's Answers 216
Episode overview
21, 2015
Steve loses his T1, the official SQRL logo, Auto hacking matures from "connect" to "Internet", Microsoft's emergency out-of-cycle update, Progress in attacking RC4, and more of your questions with Steve's answers!
1x518
HORNET: A Fix For TOR?
Episode overview
28, 2015
A significant Android problem is found in the "StageFright" module, with almost a billion Android devices at risk. Fiat/Chrysler hacking follow-up, the Android "StageFright" flaw, the .. show full overview
1x519
The Windows 10 Privacy Tradeoff
Episode overview
04, 2015
Steve Gibson analyzes Windows 10's privacy settings. StageFright update, a DNS vulerability in BIND, PagerDuty suffered a database breach, OSX has a somewhat worrisome 0-day in the .. show full overview
1x520
The Quest for Surfing Safety
Episode overview
11, 2015
Steve Gibson and the search for safely navigating the internet. StageFright Watch, Windows 10 Tracking disable tool, was TrueCrypt decrypted by the FBI? Firefox vulnerability, and .. show full overview
1x521
Security Is Difficult
Episode overview
18, 2015
Steve Gibson and Leo Laporte discuss the distressing state of online web advertising. Two steps forward, one step back for Android StageFright, new Windows 10 privacy concerns, high .. show full overview
1x522
Your Questions, Steve's Answers 217
Episode overview
25, 2015
What is the best way to securely wipe a drive? Lenovo BIOS behavior retraction and update, ransomware file encryptor appears on Github, consequences of the growing intersection of life .. show full overview
1x523
uBlock Origin
Episode overview
01, 2015
Steve Gibson and Leo Laporte look at uBlock Origin, an add-on blocker for web browsers. Running Firefox as a "normal" user, malvertising hits MSN, Amazon & Google tighten up on Flash, .. show full overview
1x524
Your Questions, Steve's Answers 218
Episode overview
08, 2015
How is data stored on glass platters used in hard drives? Seagate Wi-Fi drive nightmare, AdBlock plus releases adblocking browsers on the eve of iOS 9, Android phones now coming with pre-installed malware, your questions and Steve's answers!
1x525
Disconnect.me
Episode overview
15, 2015
Steve Gibson talks with co-founder and CTO of Disconnect, a privacy and security tool to block trackers. Has LastPass been hacked? Matthew Green's look at iMessage's assurances, Canary .. show full overview
1x526
iOS Content Blockers
Episode overview
22, 2015
iOS XcodeGhost, critical Adobe FLASH update, Ashley Madison password mystery. iOS XcodeGhost discovered by Chinese developer, critical Adobe Flash update, AVG begin selling browsing and .. show full overview
1x527
Your Questions, Steve's Answers 219
Episode overview
29, 2015
Listener and columnist for ComputerWorld Michael Horowitz found that Lenovo's ThinkPad line still monitors and tracks users. Time to migrate away from TrueCrypt? AdBlocker App update, .. show full overview
1x528
Breaches & Vigilante Worms
Episode overview
06, 2015
Linux.Wifatch is a piece of code that behaves like a worm, has infected vulnerable routers, removes malware and secures the router. Breaches at Patreon, Experian & Scottrade, .. show full overview
1x529
Joe Siegrist of LastPass
Episode overview
13, 2015
Joe Siegrist talks with Steve Gibson and Leo Laporte about the recent news that LogMeIn has purchased LastPass. Joe Siegrist and the LastPass acquisition, Patch Tuesday, another dent in .. show full overview
1x530
Doing It Wrong
Episode overview
20, 2015
Steve Gibson takes a look at four companies getting security wrong. An emergency Adobe FLASH vunerability, sneaking naughty iOS apps pas Apple's scrutiny and a look at four examples (from this week) of companies getting security wrong.
1x531
Your Questions, Steve's Answers 221
Episode overview
27, 2015
Is it time to drop TrueCrypt for VeraCrypt? 1Password metadata, revisited, bad Western Digital hard drive encryption, how the NSA is seeing into encrypted data, an update on the "Let's .. show full overview
1x532
Verifying iOS App Conduct
Episode overview
04, 2015
Steve Gibson explores the fundamental problem with iOS application security enforcement. Brief glitch with uBlock Origin in the Chrome store, Symantec screws up cert issuance, "the .. show full overview
1x533
Your Questions, Steve's Answers 222
Episode overview
10, 2015
A variant of the ransomware "Power Worm" can not be decrypted even after the ransom is paid. China's new hiring problem, Firefox v42 update, don't pay the "Power Worm" ransomware, CAs .. show full overview
1x534
Encryption and the Law
Episode overview
17, 2015
The post-Paris Encryption controversy. Leo and Steve discuss a wide range of security news, Steve's feelings about the new iPad Pro, lots of interesting bit of miscellany, and we then .. show full overview
1x535
Your Questions, Steve's Answers 223
Episode overview
24, 2015
Dell, Lastpass, Windows 10, and Q&A with Steve. Dell steps in it big time, Windows 10's various recent struggles, a report of the Manhattan DA's office about Smartphone Encryption, .. show full overview
1x536
Your Questions, Steve's Answers 224
Episode overview
01, 2015
A security researcher finds 600,000 Arris cable modems have two backdoor vulnerabilities. A Follow up on last week's thoughts on warranted iPhone unlocking, Mozilla's life after Google, .. show full overview
1x537
A Mega News Week
Episode overview
08, 2015
France considers counter-terrorism measures such as blocking TOR and public Wi-Fi. Microsoft's Patch Tuesday (and Adobe Flash mega patch Tuesday!) Microsoft's new moves to force Windows .. show full overview
1x538
Your Questions, Steve's Answers 225
Episode overview
15, 2015
A security researcher exposes 13 million MacKeeper user data using the Shodan search engine. Is Kazakhstan's new encryption law a preview of future U.S. policy? FBI chief asks tech .. show full overview
1x539
Your Questions, Steve's Answers 226
Episode overview
22, 2015
Should password length be kept a secret? The stunning Juniper router backdoor, Oracle gets smacked by the U.S. Federal Trade Commission, what happens if you simply press backspace 28 .. show full overview
1x540
Vitamin D
Episode overview
29, 2015
This special episode from 2009 featured a rare off-topic discussion about Steve Gibson's research into vitamin D. This episode was originally recorded with audio only.
1x541
New Year's News
Episode overview
05, 2016
A look back at security vulnerability counts of 2015. Some GWX (Get Windows X) news updates, a Windows 10 market share snapshot, hysteria over Windows 10 disk encryption, Google issues .. show full overview
1x542
Your Questions, Steve's Answers 227
Episode overview
12, 2016
How can LastPass' Emergency Access be TNO? TrendMicro drastically lowers the bar on "you're doing it wrong", Symantec issues banned SHA-1 certs in 2016, Firefox backs off from .. show full overview
1x543
LostPass
Episode overview
19, 2016
Steve Gibson analyzes the ShmooCon presentation on "LostPass" and LastPass' response. Major Internet of Things news: Ring Doorbell, Webcams, Wi-Fi passwords in the cloud, more .. show full overview
1x544
Your Questions, Steve's Answers 228
Episode overview
26, 2016
How do I know that I am on the most secure connection with a VPN? More on the consumer encryption fight, a smartphone updating lawsuit, a new web compression standard, a website that .. show full overview
1x545
Three Dumb Routers
Episode overview
02, 2016
Steve Gibsons guide to using multiple routers for a secure network. Java is finally leaving the browser, Google's February Nexus Android update, the ongoing encryption debate, and Steve .. show full overview
1x546
Router Q&A Follow-Up
Episode overview
09, 2016
Steve Gibson looks at a severe vulnerability in eBay's online sales platform that could be the "hack of the decade." iOS Error 53 and an interesting Apple 3rd party service conundrum, .. show full overview
1x547
GRC is DOWN
Episode overview
16, 2016
Steve Gibson details how vulnerable websites can be to attacks. Steve and Leo talk about what is happening to the grc.com website and how a DDoS attack brings down a website.
1x548
DDoS Attack Mitigation
Episode overview
23, 2016
Steve Gibson on what has happened in the last week since the DDoS attack on GRC.com. Apple vs the FBI, Linux Mint, more Comodo bad news, Hollywood Presbyterian Medical Center pays .. show full overview
1x549
Your Questions, Steve's Answers 229
Episode overview
01, 2016
Steve Gibson tries to find a formal definition of a "backdoor." The ongoing Apple iPhone battle, iPhone passcode length helps a lot! So does not running as Admin under Windows, local network scanning tools, and Steve answers your questions!
1x550
CacheBleed
Episode overview
08, 2016
Steve Gibson takes a look at the CacheBleed attack. A brief Apple decryption dispute update, the first Mac OS X ransomware strikes, will quantum computing mean the end of encryption? .. show full overview
1x551
Your Questions, Steve's Answers 230
Episode overview
15, 2016
Storing encrypted information in the cloud. Encryption - dispute or dispute? A specific IoT nightmare example, BleepingComputer gets sued and asks for help, a new and horrifying DDoS .. show full overview
1x552
D.R.O.W.N.
Episode overview
22, 2016
Steve Gibson takes a closer look at the D.R.O.W.N. vulnerability & attack (and why security is hard!). FBI postpones today's court hearing, Matthew Green and four students poked a hole .. show full overview
1x553
Too Much News
Episode overview
29, 2016
Steve Gibson unveils his free tool to hold off that Windows 10 update: Never10! U.S. says it has unlocked the iPhone without Apple, California Assembly Bill AB-1681, was TrueCrypt .. show full overview
1x554
Your Questions, Steve's Answers 231
Episode overview
05, 2016
IoT: Whose "lifetime" is a lifetime subscription? A quiet week gives us a chance to catch up on some listener feedback, a few words of caution about jumping in to the IoT gadget world .. show full overview
1x555
WhatsApp
Episode overview
12, 2016
Steve Gibson analyzes the Open Whisper "Signal" protocol that has been integrated into WhatsApp. BadLock, the latest draft of the Burr/Feinstein encryption bill, the iPhone FBI hack .. show full overview
1x556
SMTP STS
Episode overview
19, 2016
A look at SMTP STS: a new specification to add Strict Transport Security (STS) to email. 60 Minutes expose' on the inter­provider SS7 signalling system, the future appears black for .. show full overview
1x557
Your Questions, Steve's Answers 232
Episode overview
26, 2016
Let's Encrypt certificate issuance update, the Net Snowden effect, the cost to unlock an (empty) iPhone, a clever AppLocker bypass to run any program, Opera's built in VPN announcement, .. show full overview
1x558
Bit Con
Episode overview
03, 2016
The U.S. Congress passed a new eMail privacy act, Edward Snowden and Fareed Zakaria debate, the still unresolved fingerprint question, Android's continuing troubles with "Stagefright", .. show full overview
1x559
Dumb SmartThings
Episode overview
10, 2016
Today's Mega Patch Tuesday for Windows, closing the chapter on Dr. Craig Wright, Lenovo, Microsoft and Qualcomm all in separate doghouses, another fun bit on Curl bashing, the unintended .. show full overview
1x568
Your Questions, Steve's Answers 237
Episode overview
12, 2016
Facebook Messenger adds "Secret Conversations", Putin vs. the Internet, the fate of Russian-based VPN endpoints, Russian hackers compromising iOS devices, Steve's follow-up to the Lenovo .. show full overview
1x560
Z­-Wave Goodbye
Episode overview
17, 2016
Steve's long love affair with Windows, the Oracle/Google JAVA API lawsuit, the pending registration of "burner" phones, surveillance microphones found in public areas, John McAfee and .. show full overview
1x561
Your Questions, Steve's Answers 234
Episode overview
24, 2016
A surprising end to the Teslacrypt file encrypting malware, Google's plan to continue squeezing Flash off the web, anyone want 117 million (old) LinkedIn email messages and passwords? .. show full overview
1x562
IoT Infancy (1)
Episode overview
31, 2016
Over-the-top Feinstein-Burr encryption bill dies in the Senate, Google's fair use API defense prevails, Google's increasing pressure on its Android partners, Bluecoat Systems obtains an .. show full overview
1x563
IoT Infancy (2)
Episode overview
07, 2016
A "Reality-Check" timeout, a new 0-day Windows exploit on the market, a truly horrifying (and clever) chip-level exploit, yesterday's monthly Android Security Update, a sad side-effect .. show full overview
1x564
Your Questions, Steve's Answers 235
Episode overview
14, 2016
BlueCoat Systems gets a new parent, a bad Chrome bug you never knew you had, prolific hacker "Peace" has another 51 million account credentials to sell, LetsEncrypt's mass emailer .. show full overview
1x565
Control-Flow Enforcement Technology (CET)
Episode overview
21, 2016
Palantir got owned - in a good way, confirmation of the danger of SMS as a 2nd factor, a frightening IoT camera experience, some confusion over the GotoMyPC full password reset, the .. show full overview
1x566
Your Questions, Steve's Answers 236
Episode overview
28, 2016
One Windows update was expensive for Microsoft, a troubling court ruling about FBI hacking, hope for slow Windows 7 updates, Comodo dops to a new low level of slimy behavior, malware .. show full overview
1x567
Hacking Certificates
Episode overview
05, 2016
Leo and I catch up with another packed week of security news, including an update on mobile ransomware, the successful extraction of Android's full disk encryption (FDE) master keys, .. show full overview
1x569
Messenger, CryptoDrop & Riffle
Episode overview
19, 2016
Leo and I catch up with a fun and interesting week of security happenings, including a bit of daylight on the password sharing question, the trouble with self reporting security .. show full overview
1x570
Your Questions, Steve's Answers 238
Episode overview
26, 2016
Apple gets Stagefright, is Russia trying to influence the U.S. presidential election? Microsoft's battles and wins against U.S. privacy overreach, Grace Hopper (who coined the term .. show full overview
1x571
Phishing & Filtering
Episode overview
02, 2016
Keysniffer: More fun with wireless keyboards. LastPass vulnerabilities, new wireless keyboard headaches, deprecating SMS as a second authentication factor, obtaining Windows 10 for free .. show full overview
1x572
Defcon & Blackhat (1)
Episode overview
09, 2016
Does ZFS "Scrub" on a FreeNAS replace SpinRite? A distressing quantity of Win10 news, Apple's changing bug bounty policy, newly disclosed Android takeover flaws, yet another way to track .. show full overview
1x573
Memory & Micro Kernels
Episode overview
16, 2016
Did Microsoft really leak their secure boot "Golden Key?" AdBlock, unblock, counter-unblock, and counter-counter-unblock is well underway, Leo's story from the field about Avast A/V, a .. show full overview
1x574
Routers & Micro Kernels
Episode overview
23, 2016
Did the Shadow Brokers hack the NSA's Equation Group? Apple's bug bounty gets quickly outbid, a critical flaw discovered in the RNG of GnuPG, the EFF weighs in on Windows 10, Chrome .. show full overview
1x575
Pegasus & Trident
Episode overview
30, 2016
The FBI has found evidence that two state election systems were attacked and hacked. Dropbox and Opera handle incidents responsibly, while a Chinese certificate authority could not have .. show full overview
1x576
Flip Feng Shui
Episode overview
06, 2016
Weaponizing RowHammer with "Flip Feng Shui" - the most incredibly righteous and sublime hack... ever! The continuing woes of WoSign, autonomous micro-recon drones turn out to be real, a .. show full overview
1x577
Your Questions, Steve's Answers 239
Episode overview
13, 2016
Is secure delete still necessary on a drive with whole disk encryption? Flip Feng Shui follow-up, Apple's announcements, Android's rough week, a bank's data center shuts down due to .. show full overview
1x578
GRC's XSS Adventure
Episode overview
20, 2016
Steve Gibson recommends the best website security scanner. Concerns over a significant expansion in effectively warrantless intrusion into end-user computers, the forthcoming change in .. show full overview
1x579
DDoS, Breaches and Other Records To Be Broken
Episode overview
27, 2016
Brian Krebs, Akamai and Google's Project Shield, Yahoo's record-breaking, massive 500 million user data breach, Apple's acknowledged iOS 10 backup PBKDF flaw, well known teen hacker .. show full overview
1x580
Your Questions, Steve's Answers 240
Episode overview
04, 2016
What is the difference between HTTPS and HSTS? An "update" on Microsoft's GWX remover, an encouraging direction for the Windows 10 Edge browser, HP's "security update" blocks non-HP ink .. show full overview
1x581
Yahoo & Primal Worries
Episode overview
11, 2016
Yahoo security, $1.5 mil iPhone bug bounty, WoSign woes, trapdoored primes. Leo and Steve discuss today's Windows update changes for 7 and 8.1, an exploit purchaser offers a $1.5 million .. show full overview
1x582
Your Questions, Steve's Answers 241
Episode overview
18, 2016
Feds demand fingerprints to unlock phones, VeraCrypt audited, life in a simulation. Leo and Steve discuss some serious concerns raised over compelled biometric authentication, a detailed .. show full overview
1x583
DRAMMER
Episode overview
25, 2016
Last Week's Botnet DDoS, Linux "Dirty COW" bug, the DRAMMER exploit. Leo and Steve discuss last week's major attack on DNS, answering the question of whether the Internet is still .. show full overview
1x584
Your Questions, Steve's Answers 242
Episode overview
01, 2016
Windows "Atom Bomb" exploit, side-channel attack on Intel processors, verifiable hacker-proof code. Leo and Steve discuss an oh-so-subtle side-channel attack on Intel processors, the .. show full overview
1x585
The Windows AtomBomb
Episode overview
08, 2016
LastPass goes mobile-free, MySQL patches, problems with OAuth, Windows Atombomb attack, and the open source LessPass app. Leo and I discuss the answer to last week’s security & privacy .. show full overview
1x586
The BlackNurse Attack
Episode overview
15, 2016
The BlackNurse Attack, PwnFest. Results from our listener's informal CAIDA spoofing testing. LessPass turned out to be even less than it appeared. Steve's day at Yubico. News from .. show full overview
1x587
Mobile & IoT Nightmares
Episode overview
22, 2016
Weaponized $5 Raspberry Pi. Samy Kamkar is back with a weaponized $5 RaspberryPI. "El Cheapo" Android phones bring new meaning to "Phoning it in". Watching a webcam getting taken over. .. show full overview
1x588
Your Questions, Steve's Answers 243
Episode overview
29, 2016
San Francisco Muni hacked. A wonderful quote about random numbers, our standard interesting mix of security do's and dont's, new exploits (WordPress dodged a big bullet!), planned .. show full overview
1x589
Your Questions, Steve's Answers 244
Episode overview
07, 2016
Gooligan breaches 1m Google accounts. Leo and Steve discuss Android meeting Gooligan, Windows Upgrades bypass Bitlocker, nearly one million UK routers taken down by a Mirai variant, the .. show full overview
1x590
Your Questions, Steve's Answers 245
Episode overview
13, 2016
A Brilliantly Horrific New Ransomware Twist. This week, Leo and Steve discuss ticket-buying bots getting their hand slapped (do they have hands?), a truly nasty new addition to .. show full overview
1x591
Law Meets Internet
Episode overview
20, 2016
1 Billion Yahoo Accounts Hacked. This week, Leo and Steve discuss Russia’s hacking involvement in the US Election; that, incredibly, it gets even worse for Yahoo!, misguided anti-porn .. show full overview
1x592
The Portable Dog Killer (2)
Episode overview
27, 2016
Steve Gibson tells how he built a device to solve a problem with a neighborhood dog. Steve Gibson tells how he built a device at 16 years old to solve a problem with a neighborhood dog. Original podcast date: May 13, 2010, Episode 248.
1x593
I'm NOT a Robot! (Really)
Episode overview
03, 2017
The Internet of Tattling Things. Law enforcement and the Internet of Tattling things, a very worrisome new and widespread PHP eMail vulnerability, Paul and Mary Jo score a big concession .. show full overview
1x594
A Look Into PHP Malware
Episode overview
10, 2017
A TV station learns to be careful when saying the "A" word. The US Federal Trade Commission steps into the IoT and home networking malpractice world, a radio station learns a lesson in .. show full overview
1x595
What’s Up with WhatsApp?
Episode overview
17, 2017
WhatsApp's non-backdoor "backdoor". A classic bug at GoDaddy bypassed domain validation for 8850 issued certificates, could flashing a peace sign compromise your biometric data?, it's .. show full overview
1x596
Password Complexity
Episode overview
24, 2017
A phishing attack that uses a browser's autofill. Symantec issues additional invalid certificates while on probation, Tavis Ormandy finds a very troubling problem in Cisco's Web .. show full overview
1x597
Traitors In Our Midst
Episode overview
31, 2017
Robot is "Not a Robot," Netgear exploit. The best “I'm not a Robot” video ever, Cisco's WebEx problem is far more pervasive than first believed, more bad news (and maybe some good news) .. show full overview
1x598
Two Armed Bandits
Episode overview
07, 2017
150,000 printers "pwned". Speak of the devil... printers around the world get hacked! Vizio's TVs really were watching their watchers, Windows has a new 0-day problem, Android's .. show full overview
1x602
Let’s Spoof!
Episode overview
07, 2017
Why Amazon AWS S3 crashed the web. Countdown to March's patch Tuesday; what was behind Amazon's S3 outage? Why don't I have a cellular connectivity backup? Some additional Cloudflare .. show full overview
1x599
TLS Interception INsecurity
Episode overview
14, 2017
Uncontrolled TLS Interception. Patch Tuesday DELAYED (and we may know why!), our favorite ad-blocker embraces the last major browser, a university gets attacked by its own vending .. show full overview
1x600
The MMU Side-Channel Attack
Episode overview
21, 2017
Microsoft Patch Tuesday for February is cancelled! The story behind Microsoft's Patch Tuesday security update disaster. CyberX discovered a new large-scale cyber-reconnaissance .. show full overview
1x601
The First SHA-1 Collision
Episode overview
28, 2017
Cloudbleed vs. Cloudflare. This week, Leo and Steve discuss the "CloudBleed" adventure, another project zero 90-day timer expires for Microsoft, this week's IoT head-shaker, a New York .. show full overview
1x603
Vault 7
Episode overview
14, 2017
CIA Vault 7 Tools Analyzed. This week Steve and Leo discuss March's long-awaited patch Tuesday, the release deployment of Google Invisible reCaptcha, getting more than you bargained for .. show full overview
1x604
Taming Web Ads
Episode overview
21, 2017
Bye-Bye, Windows 7 Updates. This week Steve and Leo discuss developments in the new windows on old hardware front, Cisco finds a surprise in the Vault7 docs, Ubiquity was caught with .. show full overview
1x605
Google -vs- Symantec
Episode overview
28, 2017
This week Steve and Jason discuss… Google’s Tavis Ormandy takes a shower, iOS gets a massive feature and security update, a new target for ‘Bot money harvesting appears, Microsoft .. show full overview
1x606
Proactive Privacy
Episode overview
04, 2017
Step-by-step digital privacy. This week Steve and Leo discuss another iOS update update, more bad news and some good news on the IoT front, the readout on Tavis Ormandy's shower .. show full overview
1x607
Proactive Privacy, Really!
Episode overview
11, 2017
Protecting your privacy as you surf online. This week Steve and Leo discuss Symantec finding 40 past attacks explained by the Vault7 document leaks, an incremental improvement coming to .. show full overview
1x608
News & Feedback Potpourri
Episode overview
18, 2017
Stealing PINs, Fingerprint Sensors. This week Steve and Leo discuss another new side-channel attack on smartphone PIN entry (and much more), Smartphone fingerprint readers turn out to .. show full overview
1x609
The Double Pulsar
Episode overview
25, 2017
DoublePulsar, Google Ad Blocking. This week Steve and Leo discuss how one of the NSA's Vault7 vulnerabilities has gotten loose, a clever hacker removes Microsoft deliberate (and .. show full overview
1x610
Intel's Mismanagement Engine
Episode overview
02, 2017
A May Day Mayday for Intel. This week Steve and Leo discuss the long-expected remote vulnerability in Intel's super-secret motherboard Management Engine technology, exploitable open .. show full overview
1x611
Go FCC Yourself
Episode overview
09, 2017
Intel AMT Horror, Net Neutrality. This week Steve and Leo discuss much more about the Intel ATM nightmare, Tavis and Natalie discover a serious problem in Microsoft's built-in malware .. show full overview
1x612
Makes You WannaCry
Episode overview
16, 2017
WannaCry Ransomware, FCC DDoS. This week Steve and Leo discuss an update on the FCC's Net Neutrality comments, the discovery of an active keystroke logger on dozens of HP computer .. show full overview
1x613
WannaCry Aftermath
Episode overview
23, 2017
WannaCry Aftermath, Hacking Trump. This week we examine a bunch of WannaCry follow-ups, including some new background, reports of abilities to decrypt drives, attacks on the Killswitch, .. show full overview
1x614
Vulnerabilities Galore!
Episode overview
30, 2017
Chipotle Hack, Malware Subtitles. This week we discuss a new non-eMail medium for spear phishing, Chipotle can't catch a break, social engineering WannaCry exploits on Android, video .. show full overview
1x615
Legacy's Long Tail
Episode overview
06, 2017
OneLogin Breach, Hacking Submarines. This week we discuss an embarrassing high-profile breach of an online identity company, an over-hyped problem found in Linux's sudo command, the .. show full overview
1x616
Things Are Getting Worse
Episode overview
13, 2017
Social media malware, Russia is hacking through AMP, Bitcoin malware. This week we discuss clever malware hiding its social media communications, the NSA documents the Russian election .. show full overview
1x617
When Governments React
Episode overview
20, 2017
Governments Want Web Security Keys. This week we discuss France, Britain, Japan, Germany & Russia each veering around in their Crypto Crash Cars, Wikileaks' Vault7 reveals widespread .. show full overview
1x618
Research: Useful and Otherwise
Episode overview
27, 2017
Crypto in a Lightbulb. This week we discuss another terrific NIST initiative, RSA crypto in a quantum computing world, Cisco's specious malware detection claims, the meaning of .. show full overview
1x619
All the Usual Suspects
Episode overview
11, 2017
W3C adds DRM to HTML5, Facebook can track logged out users, jailbreaking drones and more! This week we have all the usual suspects: Governments regulating their citizenry, evolving .. show full overview
1x620
Calm Before the Storm
Episode overview
18, 2017
MySpace Hack, Net Neutrality. This week, while waiting for news from the upcoming BlackHat & DefCon conventions, we discuss another terrific security eBook bundle offer, a Net .. show full overview
1x621
Crypto Tension
Episode overview
25, 2017
Arresting ethical hackers, Verizon caught violating Title II, Roomba maker wants to sell maps of your home. We start off this week with a fabulous picture of the week and for the first .. show full overview
1x622
Hack the Vote
Episode overview
01, 2017
DEF CON Antics, Facebook Kills AI. This week we look at the expected DEF CON fallout including the hacking of US election voting machines, Microsoft's enhanced bug bounty program, the .. show full overview
1x623
Inching Forward
Episode overview
08, 2017
DigiCert, LastPass, IoT Security. This week we discuss and look into DigiCert's acquisition of Symantec's certificate authority business unit, LogMeIn's LastPass Premium price hike, the .. show full overview
1x624
Twelve and Counting
Episode overview
15, 2017
Password Rules Changes. This week we have a Marcus Hutchins update, the backstory on the NIST's rewrite of their 15-year-old password guidance, can DNA be used to hack a computer? Can .. show full overview
1x625
Security Politics
Episode overview
22, 2017
Marcus Hutchins drama update, Apple's Secure Enclave decryption key, rating "Terms of Service". This week we discuss the continuing Marcus Hutchins drama, the disclosure of a .. show full overview
1x626
Shattering Trust
Episode overview
29, 2017
CIA Hacks FBI & NSA. This week we cover a bit of the ongoing drama surrounding Marcus Hutchins, examine a reported instance of interagency hacking, follow the evolving market for 0-day .. show full overview
1x627
Sharknado
Episode overview
05, 2017
SharknAT&To Zero Day Hack. (Although there are an unbelievable FIVE Sharknado movies, this will be the first and last time we use that title for a podcast!) This week we have another .. show full overview
1x628
Equifax Fiasco
Episode overview
12, 2017
Biggest. Security Leak. Ever. This week we discuss last Friday's passing of our dear friend and colleague Jerry Pournelle, when AI is turned to evil purpose, whether and when Google's .. show full overview
1x629
Apple Bakes Cookies
Episode overview
19, 2017
Equifax, EFF vs WC3, CCleaner. This week Padre and Steve discuss what was up with Security Now's recent audio troubles, more on the Equifax Fiasco, the EFF & Cory Doctorow weigh in on .. show full overview
1x630
The Great DOM Fuzz-Off
Episode overview
26, 2017
Did China Attack Equifax? CCleaner breach, DOM fuzzing at Google's Project Zero. This week, Father Robert and Steve follow more Equifax breach fallout, look at encryption standards .. show full overview
1x631
Private Contact Discovery
Episode overview
03, 2017
Moxie Marlinspike and Signal. This week we discuss some aspects of iOS v11, the emergence of browser hijack cryptocurrency mining, new information about the Equifax hack, Google .. show full overview
1x632
The​ ​DNSSEC​ ​Challenge
Episode overview
10, 2017
D​omain N​ame S​ystem SEC​urity Extensions. This week we take a look at a well-handled breach-response at Disqus, a rather horrifying mistake Apple made in the implementation of their .. show full overview
1x633
KRACKing WiFi
Episode overview
17, 2017
KRACK and ROCA. This week, we examine ROCA's easily factorable public keys, the surprising prevalence of web-based cryptocurrency mining, some interesting work in iOS password dialog .. show full overview
1x634
IoT Flash Botnets
Episode overview
24, 2017
The Next Big IoT Botnet. This week we discuss some ROCA fallout specifics, an example of PRNG misuse, the Kaspersky Lab controversy, a DNS security initiative for Android, another .. show full overview
1x635
Reaper Redux
Episode overview
01, 2017
An update on the Reaper botnet. This week we examine the source of WannaCry, a new privacy feature for Firefox, Google's planned removal of HPKP, the idea of visual objects as a second .. show full overview
1x636
ROCA Pain
Episode overview
07, 2017
ROCA Crypto Key Flaw Even Worse. This week we discuss the inevitable dilution in the value of code signing, a new worrisome cross-site privacy leakage, is Unix embedded in all our .. show full overview
1x637
Schneier on Equifax
Episode overview
14, 2017
Mr. Schneier Goes to Washington. This week we discuss why Steve won't be relying upon Face ID for security, a clever new hack of longstanding NTFS and Windows behavior, the Vault8 .. show full overview
1x638
Quad Nine
Episode overview
21, 2017
Quad 9 is the New DNS Hotness. This week we discuss Windows having a birthday, Net Neutrality about to succumb to big business despite a valiant battle, Intel's response to the .. show full overview
1x639
News & Feedback
Episode overview
28, 2017
Hide Your Mac! This week we discuss a new bad bug found in the majority of SMTP mailing agents, 54 high-end HP printers found to be remotely exploitable, more than 3/4ths of 433,000 .. show full overview
1x640
More News & Feedback
Episode overview
05, 2017
Apple Snafu, FB Wants Your Pix. This week we discuss the long-awaited end of StartCom & StartSSL, inside last week's macOS passwordless root account access and problems with Apple's .. show full overview
1x641
The iOS Security Trade-off
Episode overview
12, 2017
iOS Jailbreak, Cryptocurrency Woes. This week we discuss the details behind the "USB / JTAG takeover" of Intel's Management Engine, a rare Project Zero discovery, Microsoft's .. show full overview
1x642
BGP
Episode overview
19, 2017
Border Gateway Protocol Security. This week we examine how Estonia handled the Infineon crypto bug, two additional consequences of the pressure to maliciously mine cryptocurrency, .. show full overview
1x643
The Story of Bitcoin
Episode overview
26, 2017
How Bitcoin works. In this special rebroadcast of Security Now from February 9, 2011, Steve Gibson explains, in detail, exactly how Bitcoin works.
1x644
NSA Fingerprints
Episode overview
02, 2018
Betrayed by Our Browser's AutoFill. This week we discuss a new clever and disheartening abuse of our browser's handy-dandy username and password autofill, some recent and frantic .. show full overview
1x645
The Speculation Meltdown
Episode overview
09, 2018
Meltdown and Spectre Explained. This week, before we focus upon the industry-wide catastrophe enabled by precisely timing the instructed execution of all contemporary high-performance .. show full overview
1x646
The InSpectre
Episode overview
16, 2018
Steve Gibson explains his "Inspectre" utility for Meltdown and Spectre. This week we discuss more trouble with Intel's AMT, what does Skype's use of Signal really mean, the UK's data .. show full overview
1x647
The Dark Caracal
Episode overview
23, 2018
State-sponsored Cyber Espionage. The Meltdown and Spectre vulnerabilities continue to dominate the week’s news. So we’ll first catch up with what's new there, then discuss the new Net .. show full overview
1x648
Post Spectre?
Episode overview
30, 2018
Spectre Keeps on Giving. This week we discuss continuing Spectre updates, how not to treat Tavis Ormandy, a popular dating app where you'd really hope for HTTPS but be surprised to find .. show full overview
1x649
Meltdown & Spectre Emerge
Episode overview
06, 2018
Meltdown & Spectre in the Wild. This week we observe that the Net Neutrality battle is actually FAR from lost, ComputerWorld’s Woody Leonard enumerates a crazy January of updates, .. show full overview
1x650
CryptoCurrency Antics
Episode overview
13, 2018
5 Interesting CryptoCurrency Tales. This week we discuss today's preempted 2nd Tuesday of the month, slow progress on the Intel Spectre firmware update front, a .. show full overview
1x651
Russian Meddling Technology
Episode overview
20, 2018
How Russia's 2016 election information warfare worked. This week we examine and discuss the appearance of new forms of Meltdown and Spectre attacks, the legal response against Intel, .. show full overview
1x652
WebAssembly
Episode overview
27, 2018
iPhones Hacked, Android P Security. This week we discuss Intel’s Spectre & Meltdown microcode update, this week in crypto jacking, Tavis strikes again, Georgia on my mind (and not in a .. show full overview
1x653
MemCrashed
Episode overview
06, 2018
Biggest. DDoS. Ever. This week we discuss some very welcome microcode news from Microsoft, ten (yes, ten!) new 4G LTE network attacks, the battle over how secure TLS v1.3 will be allowed .. show full overview
1x654
AMD Chipset Disaster
Episode overview
13, 2018
AMD Security Flaws, DDoS Attacks. This week we discuss the just-released news of major trouble for AMD's chipset security, ISPs actively spreading state-sponsored malware, Windows 10 S .. show full overview
1x655
Pwn2Own 2018
Episode overview
20, 2018
AMD Flaws, Pwn2Own winners. This week we discuss the aftermath of CTS Labs' abrupt disclosure of flaws in AMD's outsourced chipsets, Intel's plans for the future and their recent .. show full overview
1x656
TLS v1.3 Happens
Episode overview
27, 2018
Election Security, CLOUD Act. The mess with US voting machines, technology's inherent security vs convenience tradeoff, the evolving 2018 global threat landscape, welcome news on the .. show full overview
1x657
ProtonMail
Episode overview
03, 2018
Secure Email, 1.1.1.1. This week we discuss "DrupalGeddon2", Cloudflare's new DNS offering, a reminder about GRC's DNS Benchmark, Microsoft's Meltdown meltdown, the persistent iOS QR .. show full overview
1x658
Deprecating TLS 1.0 & 1.1
Episode overview
10, 2018
Spectre, Net Neutrality, Kill TLS 1.0. This week we discuss Intel's big Spectre microcode announcement, Telegram is not long for Russia, the US law enforcement's continuing push for .. show full overview
1x659
Never a Dull Moment
Episode overview
17, 2018
AMD vs Spectre, Telegram vs Russia. This week we discuss AMD's release of their long-awaited Spectre variant 2 microcode patches, the end of Telegram messenger in Russia, the on-time .. show full overview
1x660
Azure Sphere
Episode overview
23, 2018
IoT Security. This week we discuss Drupalgeddon2 continuing to unfold right on plan, the Orangeworm takes aim at medical equipment and companies, the FDA moves forward on requiring .. show full overview
1x661
Securing Connected Things
Episode overview
01, 2018
IoT Security Complications. Windows 10 got a new spring in its step, Microsoft further patches Intel microcode, even the UK's NHS plans to update, another hack of modern connected .. show full overview
1x662
Spectre - NextGen
Episode overview
08, 2018
Russia v Telegram, New Spectre Bug. This week we begin by updating the status of several ongoing security stories: Russia vs Telegram, DrupalGeddon2, and the return of RowHammer. We .. show full overview
1x663
Ultra-Clever Attacks
Episode overview
15, 2018
eFail and Throwhammer. This week we will examine two incredibly clever, new (and bad) attacks named eFail and Throwhammer. But first we catchup on the rest of the past week's security .. show full overview
1x664
SpectreNG Revealed
Episode overview
22, 2018
Next-generation of Spectre speculation flaws. This week we examine the recent flaws discovered in the secure Signal messaging app for desktops, the rise in DNS router hijacking, another .. show full overview
1x665
VPNFilter
Episode overview
29, 2018
FBI Says: Reboot Your Router NOW. This week we discuss Oracle's planned end of serialization, Ghostery's GDPR faux paus, the emergence of a clever new banking Trojan, Amazon Echo and .. show full overview
1x666
Certificate Transparency
Episode overview
05, 2018
What is "Certificate Transparency?" This week we discuss yesterday's further good privacy news from Apple, the continuation of VPNFilter, an extremely clever web browser cross-site .. show full overview
1x667
Zippity Do... or Don't
Episode overview
12, 2018
Active Wormable Exploitation. This week we update again on VPNFilter, look at another new emerging threat, check in on Drupalgeddon2, examine a very troubling remote Android .. show full overview
1x668
Lazy FPU State Restore
Episode overview
19, 2018
Meltdown, Spectre & Lazy Restores. This week we examine a rather "mega" patch Tuesday, a nifty hack of Win10's Cortana, Microsoft's official "when do we patch" guidelines, the .. show full overview
1x669
Cellular Location Privacy
Episode overview
26, 2018
SCOTUS Cell Phone Location Privacy. This week we examine some new side-channel worries and vulnerabilities, did Mandiant "hack back" on China?, more trouble with browsers, the big .. show full overview
1x670
Wi-Fi Protected Access v3
Episode overview
03, 2018
WPA3 Wi-Fi Security on the Way. This week we discuss the interesting case of a VirusTotal upload... or was it?, newly discovered problems with our 4G LTE... and even what follows, .. show full overview
1x671
STARTTLS Everywhere
Episode overview
10, 2018
Fortnite Malware, Email Security. This week we discuss another worrisome trend in malware, another fitness tracking mapping incident and mistake, something to warn our friends and .. show full overview
1x672
All Up in Their Business
Episode overview
17, 2018
Russian Election Hack Indictments. This week we look at even MORE, new, Spectre-related attacks, highlights from last Tuesday's monthly patch event, advances in GPS spoofing technology, .. show full overview
1x673
The Data Transfer Project
Episode overview
24, 2018
Google, MS, FB, & Twitter Play Nice. This week as we examine still another new Spectre processor speculation attack, some news on DRAM hammering attacks and mitigation, the consequences .. show full overview
1x675
New WiFi Password Attack
Episode overview
07, 2018
Hacking WiFi passwords. This week we discuss yet another new and diabolical router hack and attack, Reddit's discovery of SMS 2FA failure, WannaCry refuses to die, law enforcement's .. show full overview
1x676
The Mega FaxSploit
Episode overview
14, 2018
Black Hat and DEF CON 2018 Hacks. This week we cover lots of discoveries revealed during last week's Black Hat 2018 and DEF CON 26 Las Vegas security conferences. Among them, 47 .. show full overview
1x677
The Foreshadow Flaw
Episode overview
21, 2018
The Latest Intel Speculation Disaster. As we head into our 14th year of Security Now​, this week we look at some of the research released during last week's USENIX Security symposium, .. show full overview
1x678
Never a Dull Moment
Episode overview
28, 2018
Another busy week. This week we catch-up with another busy week. We look at Firefox's changing certificate policies, the danger of grabbing a second-hand domain, the Fortnite mess on .. show full overview
1x674
Attacking Bluetooth Pairing
Episode overview
31, 2018
"Death Botnet," Google Titan Key. This week we examine still another new Spectre processor speculation attack, we look at the new "Death Botnet", the security of the US DoD websites, .. show full overview
1x679
SonarSnoop
Episode overview
04, 2018
Turn Your Phone Into a Sonar. This week we cover the expected exploitation of the most recent Apache STRUTS vulnerability, a temporary interim patch for the Windows 0-day privilege .. show full overview
1x680
Exploits & Updates
Episode overview
11, 2018
Win7 2023, Chrome 69, PWD=1234. This week we discuss Windows 7's additional three years of support life, MicroTik routers back in the news (and not in a good way), Google Chrome 69's .. show full overview
1x681
The Browser Extension Ecosystem
Episode overview
18, 2018
Presidential Alerts, Safari Ripper. This week we prepare for the first ever Presidential Alert unblockable nationwide text message, we examine Chrome's temporary "www" removal reversal, .. show full overview
1x682
SNI Encryption
Episode overview
25, 2018
Chrome 69 Issues, Browser Reaper. This week we look at additional changes coming from Google's Chromium team, another powerful instance of newer cross-platform malware, the publication .. show full overview
1x683
The Facebook Breach
Episode overview
02, 2018
US Sues CA, 50M FB Accounts Hacked. This week we discuss yet another treat from Cloudflare, the growing legislative battle over Net Neutrality, the rise of Python malware, Cisco's .. show full overview
1x684
The Supply Chain
Episode overview
09, 2018
China Chip Hack, Google+ . An October Surprise of a different sort - Windows 10 update deletes users' files. A security researcher has massively weaponzied the existing MicroTik .. show full overview
1x685
Good Samaritans?
Episode overview
16, 2018
Paul Allen, Microsoft's October patching fiasco, & the end of TLS v1.0 and 1.1. This week we observe the untimely death of Microsoft’s co-founder Paul Allen, revisit the controversial .. show full overview
1x686
Libssh's Big Whoopsie!
Episode overview
23, 2018
A Truly Gobsmacking Libssh Error. This week a widely used embedded OS (FreeRTOS) is in the doghouse, as are at least eight D-Link routers which have serious problems most of which .. show full overview
1x687
Securing the Vending Machine
Episode overview
30, 2018
More Zero-day exploits in Windows 10, publicly exposed Docker Engine APIs, Google's plan to fix Android, the DoD is expanding its existing "Hack the Pentagon" bug-bounty program to .. show full overview
1x688
PortSmash
Episode overview
06, 2018
A close look at the impact and implication of the new “PortSmash” attack against Intel (and almost certainly other) processors. The new “BleedingBit” Bluetooth flaws. JavaScript is .. show full overview
1x689
Self-Decrypting Drives
Episode overview
13, 2018
SSD Encryption Flaws. Last month's Patch Tuesday, this month. A GDPR-inspired lawsuit filed by Privacy International. Check these two router ports to protect against a new botnet .. show full overview
1x690
Are Passwords Immortal?
Episode overview
20, 2018
Pwn2Own, the Future of Passwords. All the action at last week's Pwn2Own Mobile hacking contest. The final word on processor mis-design in the Meltdown/Spectre era. A workable .. show full overview
1x691
ECCploit
Episode overview
27, 2018
The Next Evolution of Rowhammer. Yesterday, the US Supreme Court heard Apple's argument about why a class action lawsuit against their monopoly App Store should not be allowed to .. show full overview
1x692
GPU RAM Image Leakage
Episode overview
04, 2018
Marriott Breach, Printer Spam. Another Lenovo SuperFish-style local security certificate screw up. The Marriott breach and several other new, large and high-profile secure breach .. show full overview
1x693
Internal Bug Discovery
Episode overview
11, 2018
Australia's recently passed anti-encryption legislation Details of a couple more mega-breaches including a bit of Marriott follow-up A welcome call for legislation from .. show full overview
1x694
The SQLite RCE Flaw
Episode overview
18, 2018
Rhode Island's response to Google's recent API flaw Signal's response to Australia's anti-encryption legislation The return of PewDiePie US border agents retaining .. show full overview
1x695
Our Best of 2018
Episode overview
25, 2018
The Best of Security Now from 2018!
1x696
Here Comes 2019!
Episode overview
08, 2019
The NSA announces the forthcoming release of an internal powerful reverse-engineering tool for examining and understanding other people's code. Emergency out-of-cycle patches .. show full overview
1x697
Zerodium
Episode overview
15, 2019
The implications of the recent increase in bounty for the purchase of 0-day vulnerabilities. The intended and unintended consequences of last week's Windows Patch Tuesday. .. show full overview
1x698
Which Mobile VPN Client?
Episode overview
22, 2019
Which is the right VPN client for Android, and which should you avoid at all costs? A very worrisome WiFi bug affecting billions of devices Hack a Tesla Model 3 at .. show full overview
1x699
Browser Extension Security
Episode overview
29, 2019
Can browsers be flexible and secure? The expressive power of the social media friends we keep The persistent DNS hijacking campaign which has the US Government quite .. show full overview
1x700
700 and Counting!
Episode overview
05, 2019
Battle Typo-squatters, Linux Patch Chrome gets "spell-check for URLs" Catch up on your Linux patch up! Performance enhancements for Chrome and FireFox. Facebook must .. show full overview
1x701
Adiantum
Episode overview
12, 2019
Google Adiantum, FaceTime Fix Apple's most recent v12.1.4 iOS update and the two 0-day vulnerabilities it closed Worrisome new Android image-display vulnerability An .. show full overview
1x702
Authenticity on the Internet
Episode overview
19, 2019
Elon's Dangerous AI, PiDP-11. Last week's doozy of a patch Tuesday for both Microsoft and Adobe An interesting twist coming to Windows 7 and Server 2008 security updates .. show full overview
1x703
Out in the Wild
Episode overview
26, 2019
Attacks in the Wild A number of ongoing out-in-the-wild attacks Another early-warned Drupal vulnerability A 19-year old flaw in an obscure decompress for the "ACE" .. show full overview
1x704
Careers in Bug Hunting
Episode overview
05, 2019
The increasing feasibility of making a sustainable career out of hunting for software bugs A newly available improvement in Spectre mitigation performance and who can try it .. show full overview
1x705
SPOILER
Episode overview
12, 2019
0-day exploit bidding war NSA releases Ghidra v9 Firefox's adds Tor privacy A pair of nasty 0-days A worrisome breach at Citrix The risk of claiming to be an .. show full overview
1x706
Open Source eVoting
Episode overview
19, 2019
Last week's Patch Tuesday March Madness Win7 SHA256 Windows Update... Update Many attacks leveraging the recently discovered WinRAR vulnerability What happens when .. show full overview
1x707
Tesla, Pwned
Episode overview
26, 2019
The return of "Clippy", Microsoft's much-loathed dancing paperclip Operation "ShadowHammer" which reports say compromised ASUS (... but did it?) The ransomware attack on .. show full overview
1x708
Android Security
Episode overview
02, 2019
Android Security, 10 Years Later WinRAR, a 20+ Year Old Tool With 500M Users, Acknowledged Vulnerability Russian GPS Hacking and What It Means For Us Android's April .. show full overview
1x709
URL “Ping” Tracking
Episode overview
09, 2019
Your Browser is Tracking You, UK vs Social Media Yet another capitulation in the (virtually lost) battle against tracking our behavior on the Internet with URL "ping" .. show full overview
1x710
DragonBlood
Episode overview
16, 2019
DragonBlood: the first effective attack on the new WPA3 protocol • Malicious use of the URL tracking "ping" attribute • The WinRAR Nightmare • More 3rd-party A/V troubles with .. show full overview
1x711
DNSpionage
Episode overview
23, 2019
Top Security Stories this Week: • Google uses its "sensorvault" to help catch the bad guys. • Time to update Drupal again. • Facebook steals users' email contact lists, logs plaintext .. show full overview
1x712
Credential Stuffing Attacks
Episode overview
30, 2019
The large and emerging threat of website credential stuffing attacks. • Privacy fallout from our recent coverage of Facebook and Google • The uptake rate of recent Windows 10 feature .. show full overview
1x713
Post-Coinhive Cryptojacking
Episode overview
07, 2019
This Week's Stories • The continuing and changing world of cryptojacking after Coinhive closed their doors last month. • Google's announcement of self-expiring data retention • The .. show full overview
1x714
Android 'Q'
Episode overview
14, 2019
This Week's Stories • Update WhatsApp NOW! • Security News from Google I/O 2019 conference • A new exploitable flaw in all Linux kernels earlier than v5.0.8 • A new set of flaws .. show full overview
1x715
CPU.fail
Episode overview
21, 2019
This Week's Stories • The next round of Intel processor information leakage problems: Microarchitectural Data Sampling vulnerabilities • Last Tuesday's patches from Microsoft, Abode .. show full overview
1x716
RDP - Really Do Patch
Episode overview
28, 2019
• The Internet is Doomed: BlueKeep Attacks Windows Remote Desktop Protocol • Google Stores Unhashed G Suite Passwords • Sandbox Escaper Drops FIVE New Zero-Day Exploits • Microsoft's .. show full overview
1x717
The Nansh0u Campaign
Episode overview
04, 2019
Checking in on the BlueKeep RDP vulnerability • The planned shutdown of one of the most "successful" affiliate-based ransomware systems • An update on the anti-Robocalling problem • .. show full overview
1x718
Update Exim Now!
Episode overview
11, 2019
SandboxEscaper drops another 0-day • The still-not-yet-widely-exploited BlueKeep vulnerability • GoldBrute Botnet pounding on RDP servers (but not yet using BlueKeep) • The FBI issued .. show full overview
1x719
Exim Under Siege
Episode overview
18, 2019
• A new DRAM problem called "RAMBleed" • A bad Linux TCP SACK server kernel crashing flaw • Last week's patch Tuesday • A Bluetooth surprise • Another useless warning about the .. show full overview
1x720
Bug Bounty Business
Episode overview
25, 2019
Update on the Linux TCP SACK Kernel panic • Hackers exploit a Firefox flaw and attack Coinbase • Google corrects a flaw with Nestcam • An elegant solution to OpenSSH key theft via .. show full overview
1x721
Exposed Cloud Databases
Episode overview
02, 2019
Ransomware in Florida and elsewhere • The "Going Dark" anti-encryption debate • A BlueKeep Proof of Concept demo produced by the guys at SophosLabs • Massive publicly-exposed .. show full overview
1x722
Gem Hack & Ghost Protocol
Episode overview
09, 2019
• Mozilla's privacy-enhancing DNS over HTTPS support • Facial recognition and automobile license plate scanners • The future of satellite-based Internet services • How a Ruby code .. show full overview
1x723
Encrypting DNS
Episode overview
16, 2019
• Bullet points from last Tuesday's monthly Windows patches as well • Notes from the end of Windows 7 • Laporte County Under Ransomware Attack • The mixed blessing of fining companies .. show full overview
1x724
Hide Your RDP Now!
Episode overview
23, 2019
This Week's Stories • Welcome to Kazakhstan! Please check your privacy at the border. • Mozilla marking all non-HTTPS pages as "not secure" • Chrome Incognito Mode getting a bit more .. show full overview
1x725
Urgent/11
Episode overview
30, 2019
This Week's Stories Marcus Hutchins … is Free! U.S. Attorney General Bill Barr on "warrant proof data encryption" What malware is the most popular underground? This .. show full overview
1x726
Steve’s File Sync Journey
Episode overview
06, 2019
This week's stories • A widespread false alarm about Facebook's planned subversion of end-to-end encryption • Still more municipality Ransomware attacks • Anti-encryption saber .. show full overview
1x727
BlackHat & DefCon
Episode overview
13, 2019
This Week's Stories BlackHat and Def Con 2019 Microsoft dangles $300,000 for Azure hacks at BlackHat... Hotel chaos from Germany's Chaos Computer Club 40 dangerous .. show full overview
1x728
The KNOB is Broken
Episode overview
20, 2019
• Last Tuesday was another busy and important patch Tuesday • And speaking of Patch Tuesday... 3rd-Party A/V Strikes Again! • Kaspersky facilitates independent web tracking • So, what .. show full overview
1x729
Next Gen Ad Privacy
Episode overview
27, 2019
• Texas Ransomware Update • Remember that Kazakhstan cert? • The mixed-blessing of "wide open" source projects • RubyGems is in trouble again • Chrome to add data breach notification • iOS v12.4 updated quickly to 12.4.1 • Next-gen ad privacy
1x730
The Ransomware Epidemic
Episode overview
03, 2019
This Week's Stories: Google expands its bug bounty program New bug bounty millionaires Google's Project Zero group dropped a bomb on iOS Ransomware attacks on local governments and businesses are on the rise
1x731
DeepFakes
Episode overview
10, 2019
This week's stories: Get rich quick spotting deepfakes! A forced two-day recess of all schools in Flagstaff, Arizona The case of a ransomware operator being too greedy .. show full overview
1x732
SIM Jacking
Episode overview
17, 2019
This Week's Stories SIMjacker allows attackers to hijack any phone just by sending it an SMS message. Here comes iOS "Lucky" 13! Chrome follows Mozilla to DoH with a .. show full overview
1x733
Top 25 Bug Classes
Episode overview
24, 2019
This Week's Stories: Cryptomining makes a comeback The top three most attacked ports Small office/home office (SOHO) routers and wireless access points: “SOHOpelessly .. show full overview
1x734
The Joy of Sync
Episode overview
01, 2019
This Week's Stories The latest state-of-the-art secure solutions for cross-device, cross-location device synchronization Mozilla's recently announced plans to gradually and .. show full overview
1x735
Makes Ya WannaCry
Episode overview
08, 2019
Ransomware hits schools, hospitals, and hearing aid manufacturers Sodinokibi: the latest advances in Ransomware-as-a-Service Win7 Extended Security Updates are .. show full overview
1x736
CheckM8
Episode overview
15, 2019
This week's stories A sobering reminder about supply chain attacks Facebook's stance on end-to-end encryption raises official protests UNIX’s Co-Creator Ken Thompson's .. show full overview
1x737
Biometric Mess
Episode overview
22, 2019
Pixel 4 Face Unlock is so easy you can do it with your eyes closed! Samsung Galaxy S10 and Note 10 fingerprint sensor can be foiled with a $3 screen protector. The frenzy .. show full overview
1x738
A Foregone Conclusion
Episode overview
29, 2019
This Week's Stories 3rd-party antivirus strikes again Windows Defender offline scan Adobe databases hacked Johannesburg hit by ransomware Firefox's .. show full overview
1x739
DOH and Bluekeep
Episode overview
05, 2019
October's Windows Patch Tuesday BROKE Windows' ability to connect to a significant number of the Internet's websites. Here's how to fix it. Chrome 78 disables Code Integrity .. show full overview
1x740
Credential Delegation
Episode overview
12, 2019
CheckM8 & Checkra.in moves to first public beta The case of the misbehaving transducer BlueKeep and Microsoft BlueKeep and BSODs BlueKeep and Marcus Hutchins Mozilla .. show full overview
1x740
Credential Delegation
Episode overview
19, 2019
CheckM8 & Checkra.in moves to first public beta The case of the misbehaving transducer BlueKeep and Microsoft BlueKeep and BSODs BlueKeep and Marcus Hutchins .. show full overview
1x741
TPM-FAIL
Episode overview
26, 2019
November's Patch Tuesday is the antepenultimate free Windows 7 update CheckM8 & https://Checkra.in GitHub launches Security Lab to boost open-source security .. show full overview
1x742
Pushing "DoH"
Episode overview
03, 2019
The future of the Linux kernel underneath the Android OS Inherent challenges presented by the nature of the Android ecosystem VNC users: Time to update! A welcome .. show full overview
1x743
Android “StrandHogg”
Episode overview
10, 2019
This Week's Stories Everyone can still upgrade to Windows 10 for free with this trick HP SSDs fail after 32768 hours The EU is not happy about a possible US encryption .. show full overview
1x744
VPN-geddon Denied
Episode overview
10, 2019
This Week's Stories Microsoft has started forcing feature updates on people who don't want them. Bypass to continue obtaining Win7 updates created. Microsoft's Project .. show full overview
1x745
PlunderVolt
Episode overview
17, 2019
This Week's Stories: Google turns over 1500 users' location data to catch Milwaukee arsonist Android's Messenger app offers its users verified SMS messaging conversations with .. show full overview
1x746
A Decade of Hacks
Episode overview
23, 2019
On this Eve of 2020, we look back over the hacks of the past decade: The big news of 2010 was Stuxnet -- Boy did THAT make an impression Operation Aurora - the hack that changed .. show full overview
1x747
The Year's Best
Episode overview
31, 2019
The best of Security Now from 2019. Download or subscribe to this show at https://twit.tv/shows/security-now. You can submit a question to Security Now! at the GRC Feedback Page.
1x748
Our Malware Lexicon
Episode overview
07, 2020
This Week's Stories The Deadly Seven top cybersecurity attacks Russia successfully cuts itself off from the rest of the internet. Love Wawa? Surprise! Your credit .. show full overview
1x749
Windows 7 - R. I. P.
Episode overview
14, 2020
This Week's Stories: - Windows 7 support dies today, but 1 in 7 PCs are still running it - Cablehaunt- the remote exploit with the catchy logo that works on ALL cable modems .. show full overview
1x750
The Crypto CurveBall
Episode overview
21, 2020
This Week's Stories: - iPhones join Android in being a Google account security key. - How much "substantive assistance" did Apple provide in the Pensacola investigation? .. show full overview
1x751
SHAmbles
Episode overview
28, 2020
This Week's Stories: - Is Apple actually encrypting our iCloud storage backups? - 250 Million Microsoft Customer Support Records Exposed Online - New York state is .. show full overview
1x752
The Little Red Wagon
Episode overview
04, 2020
This Week's Stories: - L1D Eviction Sampling becomes “CacheOut” - Only one final version of Windows? - Windows 7 and the Free Software Foundation - Windows 7's final .. show full overview
1x753
Promiscuous Cookies
Episode overview
11, 2020
Twitter, Google, and Facebook tell Clearview AI to stop stealing your face to catch crooks The NIST is testing methods to recover data from smashed smartphones Whoa! We get to .. show full overview
1x754
The Internet of Troubles
Episode overview
18, 2020
This Week's Stories How to fix the Windows 7 "You don’t have permission to shut down this computer." error Win10’s “One Button PC Reset” fails after KB4524244. And, also… .. show full overview
1x755
Apple's Cert Surprise
Episode overview
25, 2020
This Week's Security News: More Windows 10 lost profile pain A micropatch for the jscript.dll problem Coming in the next Feature Release (Win10 2004): optional device .. show full overview
1x756
Kr00k
Episode overview
03, 2020
This Week's Stories Lets Encrypt hits 1 BILLION certs Pakistan passes Internet censorship law Clearview AI breach: clients and searches stolen Swiss government .. show full overview
1x757
The Fuzzy Bench
Episode overview
10, 2020
This Week's Stories: Microsoft, Google, LogMeIn & Cisco offer limited-time free use of telecommuting Tools: Hack the Pentagon!: The Android security dilemma: AMD processors get .. show full overview
1x758
The SMBGhost Fiasco
Episode overview
17, 2020
This Week's Stories: Does Steve have coronavirus? Maybe? He got very sick over the weekend and is still coughing, but he couldn't get tested. Mayhem ensues after last week's Patch .. show full overview
1x759
TRRespass
Episode overview
24, 2020
This week's stories: Two new un-patched 0-days affecting billions of Windows users - here is the fix! Mozilla reversed itself on TLS v1.0 and 1.1 deprecation... due to the .. show full overview
1x760
Folding Proteins
Episode overview
31, 2020
This week's stories: VPN bug in iOS 13.4 Folding@Home - how to donate your unused CPU cycles to help provide answers to COVID-19. RDP and VPN use skyrocketing To 'www' or not to .. show full overview
1x761
Zoom Go Boom!
Episode overview
07, 2020
Zoom is a security nightmare - from zoombombing to encryption issues, Steve Gibson runs down Zoom's security concerns. Plus, Jitsi is a great alternative! Mozilla just patched a pair .. show full overview
1x762
Virus Contact Tracing
Episode overview
14, 2020
Apple+Google Covid Tracker is Secure and RIP John Conway, Creator of The Game of Life Apple & Google Virus Contact Tracing: secure and effective Zoom gets another Zoom-bombing .. show full overview
1x763
The COVID Effect
Episode overview
21, 2020
Zoom Fixes Security, EARN IT is Evil, Tor in Trouble Zoom gets big-name help with security fixes Google updates Chrome to v81.0.4044.113 to squash a critical flaw FTP in Chrome .. show full overview
1x764
RPKI
Episode overview
28, 2020
Apple/Google Contact Tracing, Best VPNs to protect you. Apple/Google Contact Tracing Update iOS 0-Day Alert! Update Apple Mail Best VPNs to protect you from the Five .. show full overview
1x765
An Authoritarian Internet?
Episode overview
05, 2020
China wants to rebuild the Internet. China's proposal to rebuild the internet is an authoritarian nightmare Bruce Schneier on COVID-19 Contact Tracing Apps Political Correctness .. show full overview
1x766
ThunderSpy
Episode overview
12, 2020
Thunderbolt security flaw, Zoom buys Keybase. Why the ThunderSpy Thunderbolt security flaw is such a big deal Zoom purchases Keybase to fix encryption Firefox 76 released with new .. show full overview
1x767
WiFi 6
Episode overview
19, 2020
WiFI 6, Apple vs. FBI, face masks. Last Tuesday's Windows patch Tuesday was the not the biggest ever, but it was the 3rd largest in Microsoft's history, weighing in with a whopping .. show full overview
1x768
Contact Tracing Apps R.I.P.
Episode overview
26, 2020
Contact tracing apps are not going to work. Why contact tracing apps are never going to work Unc0ver: There's a new iOS jailbreak in town, and as jailbreaks go, it looks VERY .. show full overview
1x769
Zoom’s E2EE Design
Episode overview
02, 2020
Zoom gets end-to-end encryption. ACLU takes Clearview to court, but maybe they should worry about their own website first The state of drive-by malvertising downloads Google will .. show full overview
1x770
Zoom's E2EE Debacle
Episode overview
09, 2020
Zoom's end-to-end encryption fail. Zoom will offer end-to-end encryption, but only if you pay for it IBM announces no more work on facial recognition The Odd Case of Mozilla's DoH .. show full overview
1x771
Lamphone
Episode overview
16, 2020
Windows update kills printers & SSDs. Lamphone: eavesdrop on a hanging lightbulb Brave Browser caught and chastised for tweaking user-entered URLs for its benefit Microsoft breaks .. show full overview
1x772
Ripple20
Episode overview
23, 2020
Zoom encryption, Windows 10 printer error. Ripple20: a set of 19 TCP/IP vulnerabilities that could let remote attackers gain control over your device Russian government lifts its .. show full overview
1x773
Ripple20 Too
Episode overview
30, 2020
Congress wants to kill encryption & face recognition. New information about Ripple20 The Facial Recognition and Biometric Technology Moratorium Act wants to kill face .. show full overview
1x774
123456
Episode overview
07, 2020
Boston bans face recognition, bad passwords. Boston bans facial recognition 123456 is still the most popular password iOS 14 catches Linked-In, Tik Tok, and others red .. show full overview
1x775
Tsunami
Episode overview
14, 2020
EARN IT is still evil, Google tsunami. Mozilla suspends “Send” due to persistent malware abuse Zoom fixed a new RCE affecting Windows 7 and earlier systems The EARN IT bill, take II .. show full overview
1x776
A Tale of Two Counterfeits
Episode overview
21, 2020
Here's how Twitter was hacked. How can we prevent the next Twitter hack? Cloudflare outage takes out huge swath of American internet, including Down Detector. All internet got sent to .. show full overview
1x777
rwxrwxrwx
Episode overview
28, 2020
F5 Networks “Big-IP” devices in Big-Trouble Twitter bitcoin hack update GnuTLS vs OpenSSL The Garmin outage then and now Cisco's latest trouble Surprising SpinRite results
1x778
BootHole
Episode overview
04, 2020
Twitter hackers arrested, Garmin hackers get ransom. Vitamin D fights death by Covid Firefox is now at v79 Twitter hackers arrested Garmin hackers rewarded Tor and Dr. .. show full overview
1x779
Geneva
Episode overview
11, 2020
Great Firewall Of China, Black Hat/DEFCON 2020, Have I Been Pwned. It's Patch Tuesday! News from Black Hat / DEFCON 2020 Generalizing Speculative Execution Vulnerabilities Canon .. show full overview
1x780
Microsoft’s 0-day Folly
Episode overview
18, 2020
Microsoft acts badly, Canon ransomware, Mozilla tries to pivot. When Microsoft doesn't act responsibly: Parts 1 and 2 Snap Your Dragon / "Achilles: Small Chip, Big Peril" 3rd .. show full overview
1x781
SpiKey
Episode overview
25, 2020
Ransomware hits Jack Daniel's, Iranian Script-Kiddies, how ransomware happens. SpiKey: using the sound of a key to determine its shape What do The University of Utah, Jack Daniel’s .. show full overview
1x782
I Know What You Did Last Summer
Episode overview
01, 2020
Russian tries to hack Tesla, web browser history research. Chrome 85 security features Russian Attempts to Cyber Attack Tesla More EMV Standard monetary transaction method .. show full overview
1x783
IoT Isolation Strategies
Episode overview
08, 2020
Isolate your IoT devices, Threema goes open-source. IoT Isolation Strategies DoH coming to Chrome for Android Bye Bye Drive-By Downloads Threema goes Open-Source WordPress File .. show full overview
1x784
BlindSide & BLURtooth
Episode overview
15, 2020
Chrome vs abusive ads, patch Tuesday palooza. BlindSide and BLURtooth Chrome gets tough on abusive ads The last hurrah for IE & Flash exploits Chromium Edge on Win10: Forcing the .. show full overview
1x785
Formal Verification
Episode overview
22, 2020
iOS 14 & Android 11 security features, DuckDuckGo gets big. The most important iOS 14 privacy & security features All of Android 11's new privacy & security features DuckDuckGo .. show full overview
1x786
ZeroLogon++
Episode overview
29, 2020
Amazon flying security cam, ZeroLogon on GitHub, ransomware roundup. What could possibly go wrong: Amazon/Ring's autonomous flying home security webcam Evil ransomware gang deposited .. show full overview
1x787
Why Win7 Lives On
Episode overview
06, 2020
Android Security, Windows 7 Security, Microsoft Defender. Google to get even more proactive about Android security Why are people sticking with Windows 7? And Google funds a .. show full overview
1x788
Well Known URI’s
Episode overview
13, 2020
Carnival Cruise hack, ZeroLogon, Five Eyes vs Encryption. Chrome gets 86’d! Carnival Cruise Line Hack The largest company you've never heard of gets hit by ransomware hackers No .. show full overview
1x789
Anatomy of a Ryuk Attack
Episode overview
20, 2020
Zoom end-to-end encryption, Windows 10 god mode, Manifest v3. Last Wednesday, Zoom announced that THIS week their 30-evaluation of end-to-end encrypted video conferencing would .. show full overview
1x790
Top 25 Vulnerabilities
Episode overview
27, 2020
Chrome 0-Day, Edge for Linux, WordPress Loginizer. Top 25 Vulnerabilities Critical 0-day in Chrome Chrome 86 is now blocking slippery notifications Site Isolation coming soon to .. show full overview
1x791
Google’s Root Program
Episode overview
03, 2020
Google One VPN, WordPress update fail, Windows 7 0-Day. A new 0-day in Win7 through Win10 A public service reminder from Microsoft Google One adding an Android VPN Vulnonym: Stop .. show full overview
1x792
NAT Firewall Bypass
Episode overview
10, 2020
SlipStream NAT firewall bypass, MS Police use Ring doorbell cams. Let's Encrypt's cross-signed root expires next year Chrome updates on Windows, macOS, Linux, and Android to remove .. show full overview
1x793
SAD DNS
Episode overview
17, 2020
Malicious Android apps, ransomware-as-a-service. Where do most malicious Android apps come from? SAD DNS is a revival of the classic DNS cache poisoning attack How many .. show full overview
1x794
Cicada
Episode overview
24, 2020
Ongoing WordPress attack, RCS gets End-to-end encryption. Chrome moves to release 87. Explicit Publication of Privacy Practices. Firefox 83 gets HTTPS-only Mode. Mozilla seeks .. show full overview
1x795
DNS Consolidation
Episode overview
01, 2020
Generic smart doorbells, Tesla Model X key fobs, critical Drupal flaw, Spotify. Chrome Omnibox becomes more Omni. Chrome's open tabs search. Ransomware news involving Delaware .. show full overview
1x796
Amazon Sidewalk
Episode overview
08, 2020
Google Play Core Library, iOS zero-click radio proximity exploit, Apple M1 chip. Ransomware news regarding Foxconn, Egregor, and K12 Inc. The Apple iPhone zero-click radio proximity .. show full overview
1x797
SolarWinds
Episode overview
15, 2020
Chrome throttling ads, Google outage, 2020 Pwnie Awards, JavaScript's 25th birthday. Chrome's heavy ad intervention. Adrozek. Ransomware: "Double Extortion." A 0-click wormable .. show full overview
1x798
Best of 2020
Episode overview
22, 2020
Leo Laporte walks through some of the highlights of the show and most impactful stories of 2020. Stories include: Clearview AI face scanning. The "EARN IT" act. Zoom security .. show full overview
1x799
SunBurst & SuperNova
Episode overview
29, 2020
Ransomware Task Force, Chrome 87, Firefox caches, preserving Flash video. Chrome 87 backs away from Insecure Form Warnings. Firefox to begin partitioning its caches. Browsers say no .. show full overview
1x800
SolarBlizzard
Episode overview
05, 2021
SolarWinds' Orion software, swatting goes IoT, PHP Zend Framework vulnerability. Chrome struggles with A/V pre-scan file locking. Zyxel security products protected by a single .. show full overview
1x801
Out With The Old
Episode overview
12, 2021
SolarWinds smoking gun, Signal influx of WhatsApp users, male chastity cage. Firefox and Chromium updates address remote system take over bugs. Tenable researchers reported a .. show full overview
1x802
Where the Plaintext is
Episode overview
19, 2021
2021's first Patch Tuesday, Titan Security Key side-channel attack, WhatsApp. When is Chrome not Chromium? A major DuckDuckGo milestone. Project Zero in the wild. First Patch .. show full overview
1x803
Comparative Smartphone Security
Episode overview
26, 2021
Browser password managers, Adobe Flash repercussions, SolarWinds. Chrome and Edge have beefed-up their built-in password managers. The random repercussions associated with the end of .. show full overview
1x804
NAT Slipstreaming 2.0 This
Episode overview
02, 2021
SUDO was pseudo secure, BigNox supply-chain attack, iMessage in a sandbox. Picture of the Week. Chrome rescinding another CA's root cert. An urgent update to the recently released .. show full overview
1x805
SCADA Scandal
Episode overview
09, 2021
Defender thinks Chrome is malware, Plex Media Servers in DDoS attacks. Picture of the Week. Google has been busy with Chrome. Google Chrome Heap Buffer Overflow Vulnerability .. show full overview
1x806
C.O.M.B.
Episode overview
16, 2021
Florida water supply hack update, Major patch Tuesday, Android SHAREit vulnerability. Pic of the week. New info in the Oldsmar, Florida water supply attack. Major Patch Tuesday .. show full overview
1x807
Dependency Confusion
Episode overview
23, 2021
SHAREit's security update, Solorigate, Brave's "Private Window with Tor". SHAREit Follow-up This Week in Web Browser Tracking Brave's “Private Window with Tor” was not so .. show full overview
1x808
CNAME Collusion
Episode overview
02, 2021
Seven Exchange 0-days, Firefox Enhanced Tracking Protection, SolarWinds Password. Chrome to default to trying HTTPS first when not specified. Firefox's “Enhanced Tracking Protection” .. show full overview
1x809
Hafnium
Episode overview
09, 2021
Dependency confusion, Intel Side Channel Attacks, Crispy Subtitles from Lay's. Picture of the week. 47 fixes in Chrome 89.0.4389.72. Crispy Subtitles from Lay’s. Google funds Linux .. show full overview
1x810
ProxyLogon
Episode overview
16, 2021
New Chrome 0-Day, Patch Tuesday Redux, Spectre Comes to Chrome. Chrome closes another 0-day. This v89 of Chrome also lost some weight. Spectre comes to Chrome! Prime+Probe: A new .. show full overview
1x811
What the FLoC?
Episode overview
23, 2021
Automatic fix for Exchange Server flaw, Firefox 87 features, MyBB patch. Dave's Garage on YouTube. The latest update on the ProxyLogon fiasco is from Microsoft. Black Kingdom .. show full overview
1x812
GIT me some PHP
Episode overview
30, 2021
Spectre returns to Linux, API Security, OpenSSL flaws, SolarWinds. Picture of the week. ProxyLogon Update. Spectre returns to Linux. OpenSSL fixes several high-severity .. show full overview
1x813
A Spy in Our Pocket
Episode overview
06, 2021
Ubiquity coverup, Facebook data dump, malicious Call of Duty cheats. The Ubiquiti Coverup. Facebook’s 533,313,128 Million User Whoopsie! Don't mess with our water! Android moves to .. show full overview
1x814
PwnIt And OwnIt
Episode overview
13, 2021
- Picture of the week. - The Slips keep Streaming. - Are You FLoC'ed? - The PHP GIT Hack, revisited. - CISCO abandons old routers having problems. - Failure to Patch. - PwnIt And OwnIt.
1x815
Homogeneity Attacks
Episode overview
20, 2021
Club TWiT details. Picture of the Week. The Vivaldi Project's take on FLoC. Chrome continues to be THE high-value target. We’re at Chrome v90. Exchange Server Web Shells removed, .. show full overview
1x816
The Mystery of AS8003
Episode overview
27, 2021
Remembering Dan Kaminski. Week before last was Patch Tuesday. Google's Project Zero responds to today's patch latency reality. Baking security into IoT UNethical security .. show full overview
1x817
The Ransomware Task Force
Episode overview
04, 2021
Picture of the Week. REvil hacks Apple supplier Quanta Computer. World-famous Scripps Health taken down. The Big Emotet Botnet Takedown. Emotet’s 4,324,770 eMail addresses. Have I .. show full overview
1x818
News from the Darkside
Episode overview
11, 2021
Picture of the week. TsuNAME - “DNS Configuration Flaw Lets Attackers Take Down DNS Servers” Huh Google? Tor's Exit Nodes. 21 Nails in Exim's coffin. Project Hail Mary: A Novel. Closing the loop. SpinRite update. News from the Darkside.
1x819
The WiFi Frag Attacks
Episode overview
18, 2021
Picture of the week. DarkSide Follow-Up. Follow The Money. Toshiba Attacked by DarkSide. Ransomware topics off-limits here. “DarkTracer: DarkWeb Criminal Intelligence” Please Leak .. show full overview
1x820
The Dark Escrow
Episode overview
25, 2021
Picture of the Week. Firefox finally achieves sustained “Fission”. Conti ransomware. CNA Financial pays up big. When they say IoT do they mean us? “Mean Time to Inventory” The .. show full overview
1x821
Epsilon Red
Episode overview
01, 2021
Photo of the Week. Chrome advances to 91. Emsisoft has created their own ransomware decryption tool. Stepping off the Sidewalk. Just another phishing attack. The Great Encryption Struggle. Hail Mary. Epsilon Red.
1x822
Extrinsic Password Managers
Episode overview
08, 2021
Picture of the week. The Great CyberSecurity Awakening of 2021. Firefox will soon auto-update on Windows even when it's not running. Edge takes its own approach to HTTPS .. show full overview
1x823
TLS Confusion Attacks
Episode overview
15, 2021
Picture of the week. Being #1 is a mixed blessing. Industry wide patch Tuesday. TikTok Quietly Updated Its Privacy Policy to Collect Users' Biometric Data. iOS 14.5 requires apps to .. show full overview
1x824
Avaddon Ransonomics
Episode overview
22, 2021
Picture of the Week. Another day, another Chrome 0-day. Ransomware perpetrators are increasingly purchasing access. A weird bug in iOS Wi-Fi. An Early Preview of Windows 11. The .. show full overview
1x825
Halfway through 2021
Episode overview
29, 2021
Picture of the week Google's FLoC has landed with a hard thud and is now-delayed The high cost of Ireland's recovery from the Conti ransomware attack Who is responsible for damage and .. show full overview
1x826
The Kaysea Saga
Episode overview
06, 2021
Picture of the Week. “PrintNightmare” is NOT CVE-2021-1675. The Authentication Dilemma. Western Digital steps up. WD's MyCloud OS3 Troubles. SpinRite. Miscellany & Closing The Loop. The Kaysea Saga.
1x827
REvil’s Clever Crypto
Episode overview
13, 2021
Picture of the Week The “PrintNightmare Continues” Kaseya - Not nearly as bad as it could have been Ransomwhere site Microsoft Office Users: There's a new malware-protection .. show full overview
1x828
REvil Vanishes!
Episode overview
20, 2021
Picture of the week Browser News The attacks on Google Chrome continue. Firefox special-cases anti-tracking for "Login With" functions. Security News iOS WiFi SSID bug We still .. show full overview
1x829
SeriousSAM & PetitPotam
Episode overview
27, 2021
Picture of the Week. Faster and more efficient phishing detection in Chrome 92. A Universal Decryptor for all Kaseya victims. The printer driver used by millions of HP, Samsung and .. show full overview
1x830
The BlackMatter Interview
Episode overview
03, 2021
Picture of the Week. Mozilla's Firefox Monthly Active Users (MAU) slowly but steadily drops. Google to finally assume HTTPS. The evolution of “Initial Access Brokers”. DarkSide .. show full overview
1x831
Apple’s CSAM Mistake
Episode overview
10, 2021
Picture of the week. “You're Doing IoT RNG” The Pulse Secure VPN remains in trouble. And Cisco, too... Flaws found in another popular embedded TCP/IP library. Microsoft Edge gets .. show full overview
1x832
Microsoft’s Culpable Negligence
Episode overview
17, 2021
Picture of the week. Firefox Update. Facebook finally adds end-to-end encryption to Messenger. Exploitation of PrintNightmare has begun. And “Magniber” Ransomware Uses .. show full overview
1x833
Microsoft's Reasoned Neglect
Episode overview
24, 2021
Picture of the week. Firefox soon to be blocking mixed-content downloads by default. The news from T-Mobile is all bad. Introducing ProxyLogon's kissing cousin, ProxyShell. The Razer .. show full overview
1x834
Life: Hanging by a PIN
Episode overview
31, 2021
Picture of the Week. Credit Freeze vs Credit Lock. T-Mobile hacker speaks! Where will Windows 11 run? ProxyToken. Tailscale Open Source? SSD Bait & Switch. SpinRite. Life: Hanging by a PIN.
1x835
TPM v1.2 vs 2.0
Episode overview
07, 2021
Picture of the Week. The Razor mouse & keyboard. The wishful phrase “Internet Anonymity” is an oxymoron. And speaking of Apple's client-side image matching... BlueTooth has new .. show full overview
1x836
The Mēris Botnet
Episode overview
14, 2021
Picture of the Week. A new worrisome 0-day attack against Office documents. Work From Home (WFH) — No problem? “Attacks only ever get better” The return of REvil — Apparently, .. show full overview
1x837
Cobalt Strike
Episode overview
21, 2021
Picture of the week. The DDoS attack on VoIP.ms. Patch Tuesday's Mixed Blessing. Android to auto-reset app permissions on many more devices. BREAKING: FBI held back ransomware .. show full overview
1x838
autodiscover.fiasco
Episode overview
28, 2021
Picture of the Week. Chrome's 12th 0-day this year. Next up on this week's 0-day Watch... is Apple. Apple appears to be annoying their bug reporters. Epik Confirms Hack, Gigabytes of .. show full overview
1x839
“Something Went Wrong”
Episode overview
05, 2021
Picture of the Week. Another two, in-the-wild, true 0-days found and fixed in Chrome. Windows 11 arrives. A known memory leak in Windows Explorer. Ransomware and cyber warfare. On .. show full overview
1x840
0-Day Angst
Episode overview
12, 2021
Picture of the week. Windows 11 Watch: “AllowUpgradesWithUnsupportedTPMOrCPU” AMD processors running some apps up to 15% slower. The Windows 10 taskbar on Windows 11. Microsoft is .. show full overview
1x841
Minh Duong's Epic Rickroll
Episode overview
19, 2021
Picture of the week. Windows 11 Watch - Don't update to Windows 11 unless you need to. Patch Tuesday - PrintNightmare fix to fix the previous print nightmare fix that broke other .. show full overview
1x842
The More Things Change...
Episode overview
26, 2021
Picture of the Week. A sneak peak at November 9th upcoming Win11 fixes. Leo gets his wish!! REvil WAS recently re-taken down by Law Enforcement! Microsoft: “We’re Excited to Announce .. show full overview
1x843
Trojan Source
Episode overview
02, 2021
More 0-days for Chrome. Two naughty Firefox add-ons have been caught abusing an extension API. Windows 11 News: Can we print yet? A new Local Privilege Escalation affecting all .. show full overview
1x844
Bluetooth Fingerprinting
Episode overview
09, 2021
Picture of the Week. Lots of welcome progress on the ransomware front. Pwn2Own Austin: Last Tuesday-Thursday largest ever 3-day Fall 2021 Pwn2Own. Windows 11 snipping tool, its emoji .. show full overview
1x845
Blacksmith
Episode overview
16, 2021
Picture of the week. ~10,000 VPN/Firewall appliances from Palo Alto Networks vulnerable. The 0-Patch Guys Produce a Micropatch This brings me to “The Zen of Code” November's Patch .. show full overview
1x846
HTTP Request Smuggling
Episode overview
23, 2021
Picture of the Week. An idea whose time has passed... The stats of brute force password attacks. The Most Common Passwords. GoDaddy Breached Bigtime! A heads-up about NetGear routers. HTTP Request Smuggling.
1x847
Bogons Begone!
Episode overview
30, 2021
Picture of the Week. “Super Duper Secure Mode” 37% of the world's smartphones are vulnerable. The RAT Dispenser. The Entirely Predictable 0-Day Windows Exploit. “The Frontiers Saga: Fringe Worlds” Closing the Loop. Bogons Begone!
1x848
XSinator
Episode overview
07, 2021
Picture of the Week. Tavis finds a bad bug in NSS. Cheap Smartwatches for kids and babies? Additional VPN vendors just say no to Roskomnadzor! Windows 11 loosens its grip on .. show full overview
1x849
Log4j & Log4Shell
Episode overview
14, 2021
Picture of the Week. Amazon outage and cloud dependence. AirTag Abuse. Windows 11 vs Your Browser of Choice. WordPress once again in the crosshairs. Closing the Loop. Sci-Fi. SpinRite. Log4j & Log4Shell.
1x850
It's a Log4j Christmas
Episode overview
21, 2021
Picture of the Week. Google's 16th exploited Chrome 0-day of the year. Firefox refuses to do Microsoft.com! Firefox disabled Microsoft's Cloud Clipboard. Weaknesses in all cellular .. show full overview
1x851
Best of 2021
Episode overview
28, 2021
Leo Laporte walks through some of the highlights of the show and most impactful stories of 2021. Stories include: SolarWinds Hack Detailed By Microsoft Crispy Subtitles from .. show full overview
1x852
December 33rd
Episode overview
04, 2022
Picture of the Week. Log4j’s 5th update. Microsoft's Log4j scanner triggers false positives. Chinese government is annoyed with Alibaba. “Hack the DHS” Bug Bounty Expanded. COVID .. show full overview
1x853
URL Parsing Vulnerabilities
Episode overview
11, 2022
Picture of the Week. The US CISA Log4J status update. The H2 Database Console vulnerability. The Federal Trade Commission gets into the act! Chrome fixed 37 known problems last .. show full overview
1x854
Anatomy of a Log4j Exploit
Episode overview
18, 2022
Picture of the Week "Hack the Pentagon" with Log4j Open Source Software Security Summit Microsoft's January Patch Tuesday Review: The GOOD News Microsoft's January Patch Tuesday .. show full overview
1x855
Inside the NetUSB Hack
Episode overview
25, 2022
Picture of the Week. Log4J News. Who pays for RansomWare attack recovery? The rising cost of cyber-insurance. Another very dangerous WordPress add-on. And a supply-chain attack on a .. show full overview
1x856
The “Topics” API
Episode overview
01, 2022
Picture of the Week. Apple eliminates 0-days from iOS and macOS. Qualys published technical details for PwnKit. Log4Shell hits Ubiquiti. New bug bounties posted by .. show full overview
1x857
The Inept Panda
Episode overview
08, 2022
Picture of the Week. China's Olympics: Leave your tech at home. We have a serious CVS 9.9 remote code execution vulnerability in SAMBA. Living off the Land. The suspension of the .. show full overview
1x858
InControl
Episode overview
15, 2022
Picture of the Week. A high-severity 0-day in Chrome. Apple updates against another 0-day. CISA thinks this Apple vulnerability is quite serious. Which brings us back to “SeriousSAM” .. show full overview
1x859
A BGP Routing Attack
Episode overview
22, 2022
Picture of the Week. The “UpdraftPlus” WordPress Plug-In. “Xenomorph” Decrypting “The Hive” Un-Pixelating redacted text. No Internet For You!! If at first you don't .. show full overview
1x860
Trust Dies in Darkness
Episode overview
01, 2022
Picture of the Week. Honor among thieves? Daxin. Whither or Wither: Log4j / Log4Shell. “418 I’m a teapot” Will the US attack? Windows 11 Compatibility. Closing the Loop. SpinRite News. Trust Dies in Darkness.
1x861
Rogue Nation Cyber Consequences
Episode overview
08, 2022
Picture of the Week. The Russians are coming. Ukrainian “Cyber Unit Technologies” is paying for attacks on Russia. StarLink in Ukraine. Russia blocks access to Facebook, Twitter, .. show full overview
1x862
QWACs on? or QWACs off?
Episode overview
15, 2022
Picture of the Week. Patch Tuesday for the Industry. Android, too. Firefox emergency update. HP's major UEFI firmware patch-fest. The NVIDIA breach. ProtonMail gets it .. show full overview
1x863
Use After Free
Episode overview
22, 2022
Picture of the Week. Report Cybercrime: It's the Law. A software supply chain compromise. Browser in the Browser. TrickBot, MicroTik & Microsoft. The Infinite Loop OpenSSL .. show full overview
1x864
Targeted Exploitation
Episode overview
29, 2022
Picture of the Week. A high severity 0-day vulnerability update for Chrome. An interview with the CTO of a large Ukraine ISP, Ukrtelecom. NPM under attack, again. Honda says, nothing .. show full overview
1x865
Port Knocking
Episode overview
05, 2022
Picture of the Week. 0-Day Watch. Spring Forward (Java: Spring4Shell) QNAP and the OpenSSL DoS vulnerability. Sophos has a 9.8. CISA orders federal civilian agencies to patch the .. show full overview
1x866
Spring4Shell
Episode overview
12, 2022
Picture of the Week. Could NGINX have a 0-day? Microsoft's new Autopatch system. Another instance of Russian Protest in JavaScript's repository. End-of-service life for some popular Windows editions. Miscellany. Closing The Loop. Spring4Shell.
1x867
A Critical Windows RPC RCE
Episode overview
19, 2022
Picture of the Week. Chrome's 3rd 0-day of 2022. Patch Tuesday Redux. WordPress once again... Apache Struts Framework needs a critical update. Are America's nuclear systems so old .. show full overview
1x868
The 0-Day Explosion
Episode overview
26, 2022
Picture of the Week. CISA's Known Exploited Vulnerabilities Catalog. Lenovo UEFI Firmware Troubles. Everscale Blockchain Wallet. Java 15, 16, 17, and 18 received MUST UPDATES last week. Closing The Loop. Sci-Fi. SpinRite. The 0-Day Explosion.
1x869
Global Privacy Control
Episode overview
03, 2022
Picture of the Week. DoD DIB-VDP Pilot Overview. The OpenSSF and the Package Analysis project. Connecticut moves toward state privacy protections. Closing The Loop. Global Privacy Control.
1x870
That “Passkeys” Thing
Episode overview
10, 2022
Picture of the Week. Google updates Android to patch an actively exploited vulnerability. Connecticut’s recently passed data privacy bill became law last Wednesday. Ransomware .. show full overview
1x871
The New EU Surveillance State
Episode overview
17, 2022
Picture of the Week. An “eventful” Patch Tuesday. Patch Tuesday. Apple patched a 0-day. Google's “Open Source Maintenance Crew”. Conti suggests overthrowing the new Costa Rican .. show full overview
1x872
Dis-CONTI-nued: The End of Conti?
Episode overview
24, 2022
Picture of the Week. Emergency mid-cycle update for Active Directory. Clearview AI -vs- {Illinois, Australia, Canada and the United Kingdom}. Clearview AI in Ukraine. Pwn2Own .. show full overview
1x873
DuckDuckGone?
Episode overview
31, 2022
Picture of the Week. New South Wales DDL — Digital Driver's License. The latest Microsoft Office 0-day remote code execution vulnerability. GhostTouch. Vodafone’s new TrustPiD. Closing the Loop. DuckDuckGone?
1x874
Passkeys, Take 2
Episode overview
07, 2022
Picture of the Week. ServiceNSW Responds. ExpressVPN pulls the plug in India. And speaking of pulling the plug. “Follina” under active exploitation. And a Windows Search URL schema .. show full overview
1x875
The PACMAN Attack
Episode overview
14, 2022
Picture of the Week. Apple’s Passkeys presentation at WWDC 2022. WebAuthn. FREE Penetration Testing course with Kali Linux. Proof of Simulation. A valid use for facial recognition: The Smart Pet Door! Closing The Loop. The PACMAN Attack.
1x876
Microsoft's Patchy Patches
Episode overview
21, 2022
Picture of the Week. Double Decryption (Last week's key-strength puzzler). 3rd Party Authenticators. Firefox: Total Cookie Protection. We keep breaking DDoS attack .. show full overview
1x877
The “Hertzbleed” Attack
Episode overview
28, 2022
Picture of the Week. Errata: Firefox’s “Total Cookie Protection” 3rd Party FIDO2 Authenticators Germany's not buying the EU's proposal which subverts encryption The Conti Gang have .. show full overview
1x878
The ZuoRAT
Episode overview
05, 2022
Picture of the week. Chrome's fourth zero-day of 2022. Mozilla's new Firefox privacy-enhancing feature. HackerOne discloses a malicious insider incident. Closing the loop. The ZuoRAT.
1x879
The Rolling Pwn
Episode overview
12, 2022
Picture of the Week. OpenSSL's Patch For Heap Memory Corruption Vulnerability. NIST Announces First Four Quantum-Resistant Cryptographic Algorithms. Yubico donated 30,000 .. show full overview
1x880
RetBleed
Episode overview
19, 2022
Picture of the Week. The Rolling Pwn, take II. The great IPv4 Address Space Depletion. Confronting Reality in Cyberspace: Foreign Policy for a Fragmented Internet. Facebook has .. show full overview
1x881
The MV720
Episode overview
26, 2022
Picture of the Week. Patch Tuesday Redux Redux. Windows 11 Start button failure. The continuing saga of Windows VBA macros. Windows 11 now blocks RDP brute-force attacks by .. show full overview
1x882
Rowhammer’s Nine Lives
Episode overview
02, 2022
Picture of the Week. Atlassian's “Confluence” under attack. LS-Anvil. Google delays Chrome's cookie phase-out again. Attacker responding to loss of Office Macros. SpinRite. Closing .. show full overview
1x883
The Maker’s Schedule
Episode overview
09, 2022
Picture of the Week. Crypto is Hard. VirusTotal: Deception at a scale. Windows 11 might damage encrypted data. Microsoft Defender External Attack Surface Management. Closing The Loop. Daniel Bernstein sues the NSA. The Maker’s Schedule.
1x884
TLS Private Key Leakage
Episode overview
16, 2022
Picture of the Week. Patch Flashback Tuesday. Facebook is cautiously creeping toward default E2E encryption. VNC's inherent insecurity. The need to control domain names. And .. show full overview
1x885
The Bumblebee Loader
Episode overview
23, 2022
VIDEO of the Week Crashing Laptop Computers With Janet Jackson RealTek SoC flaw affects many millions of IoT devices 46 Million RPS - requests per second Chrome's 5th 0-Day of .. show full overview
1x886
Wacky Data Exfiltration
Episode overview
30, 2022
Picture of the Week. LastPass Breached. The US Federal Trade Commission filed a lawsuit against data broker Kochava. The US Federal Communications Commission launched an .. show full overview
1x887
Embedding AWS Credentials
Episode overview
06, 2022
Picture of the Week. Google’s (newest) Open Source Software Vulnerability Rewards Program. Did TikTok leak 2.05 BILLION User Records? An urgent Chrome update patches new 0-day .. show full overview
1x888
The EvilProxy Service
Episode overview
13, 2022
Picture of the Week. Cyberwarfare: Albania vs Iran. Crypto Heist — this or that. The White House "Tech Platform Accountability" Listening Session. Changes to the Dutch .. show full overview
1x889
Spell-Jacking
Episode overview
20, 2022
Picture of the Week. This is Patch News-Day. Lloyd's of London backing away from Cyber-Insurance. Uber Oops! Rockstar Games: Grand Theft Auto 6 Massive Leak. LastPass Breach .. show full overview
1x890
DarkNet Politics
Episode overview
27, 2022
Picture of the Week. Can't have it both ways. Denmark has become the fourth EU member to rule that the use of Google Analytics is illegal. Rockstar Games hacker is busted! .. show full overview
1x891
Poisoning Akamai
Episode overview
04, 2022
Picture of the Week. (What Could Possibly Go Wrong) Microsoft Teams - Unecessarily Insecure Roskomnadzor blocks Soundcloud Microsoft Exchange Server Under Attack Again I'm (Still) .. show full overview
1x892
Source Port Randomization
Episode overview
11, 2022
Picture of the Week. Breach of Customer Information Meta-targeted Malware Uber's Chief Security Officer Found Guilty More Cryptocurrency Chaos The UK to drop GDPR Summer Internship .. show full overview
1x893
Password Change Automation
Episode overview
18, 2022
Picture of the Week. Microsoft "Won't Fix". Malicious Kernel Drivers. Microsoft has finally added an RSS feed for Windows Updates! Passkeys [dot] Dev. Largest DDoS attack. Signal .. show full overview
1x894
Data Breach Responsibility
Episode overview
25, 2022
Picture of the Week. Firefox 106 is out. Google's Open Source IoT KataOS and Sparrow. This Week in CryptoCurrency Craziness. New Windows 0-day bypasses executable security .. show full overview
1x895
After 20 years in GCHQ
Episode overview
01, 2022
Picture of the Week. Windows driver blocklist to be updated next Tuesday. More Microsoft shenanigans. An upcoming OpenSSL CRITICAL vulnerability update -- get ready! A new TCP/IP RCE .. show full overview
1x896
Something for Everyone
Episode overview
08, 2022
Picture of the Week. A minor Dropbox breach. OpenSSL follow-up. FTC sued and settled with a repeated offender. $1.2 billion in reported ransomware payments during 2021. Akamai's Q3 .. show full overview
1x897
Memory-Safe Languages
Episode overview
15, 2022
Picture of the Week. Patch Tuesday review. Shennina Framework - Automating Host Exploitation with AI. GitHub's welcome new feature. Three LightSpeed vulnerabilities. .. show full overview
1x898
Wi-Peep
Episode overview
22, 2022
Picture of the Week. Firefox v107 was released last Tuesday. Google settles for a cool $391.5 million. Red Hat Signing its ZIP file Packages. The FBI purchased Pegasus for .. show full overview
1x899
Freebie Bots & Evil Cameras
Episode overview
29, 2022
Picture of the Week. iSpoof you no more. Here come the Freebie Bots! Anatomy of the real-time Cryptocurrency heist. Lookin' for something to do? Boa server vulnerability. The .. show full overview
1x900
LastPass Again
Episode overview
06, 2022
Picture of the Week. Don't mess with Australia. Facebook / Meta fined by Ireland. REvil’s full Medibank dump. Is nothing sacred? Mozilla yanks a (no longer) trusted root. .. show full overview
1x901
Apple Encrypts the Cloud
Episode overview
13, 2022
Picture of the Week. Chrome does Passkeys. SYNC.COM suffered its first outage. Medibank reboot. Totally fake cryptocurrency trading platforms. Malware on Telegram. Texas gets .. show full overview
1x902
A Generic WAF Bypass
Episode overview
20, 2022
Picture of the Week. A malware operation known as URSNIF. Pwn2Own Toronto 2022. Citrix and Fortinet recently released security updates to patch 0-day vulnerabilities. Patch .. show full overview
1x903
Best of 2022
Episode overview
27, 2022
Anatomy of a Log4j Exploit. Will Russia Disconnect? FCC Says Kaspersky Labs is a National Security Threat. Lenovo UEFI Firmware Troubles. That ""Passkeys"" Thing. Dis-CONTI-nued: The End of Conti? Steve's Take on the LastPass Breach.
1x904
Leaving LastPass
Episode overview
03, 2023
Picture of the Week. SpinRite. Leaving LastPass. Is there reason for concern? Well known password cracker Jeremi Gosney's LastPass rant. Steve shares his plan regarding .. show full overview
10, 2023
Picture of the Week. LastPass Aftermath. LastPass Vault De-Obfuscator. What more do we know this week regarding LastPass? The most alarming discovery by listeners. Understanding the .. show full overview
1x906
The Rule of Two
Episode overview
17, 2023
Picture of the Week About Password Iterations EBC or CB Norton Lifelock Troubles Chrome Follows Microsoft and Firefox Chromium is Beginning to Rust BYOVD and Windows Defender Failures Closing the Loop (feedback) The Rule of Two
1x907
Credential Reuse
Episode overview
24, 2023
Picture of the Week. PayPal Credential Stuffing. iOS 16.3 : Cloud encryption for all. InfoSecurity Magazine: “ChatGPT Creates Polymorphic Malware”. CheckPoint Research: OPWNAI : .. show full overview
1x908
Data Operand Independent Timing
Episode overview
31, 2023
Android to start blocking old and unsafe apps. Microsoft to block Internet sourced Excel add-ins. An example of saying "no" even when it may hurt. Hacked Wormhole funds on the .. show full overview
1x909
How ESXi Fell
Episode overview
07, 2023
Picture of the Week. The European Union's Internet Surveillance Proposal. 30,000 patient records online? .DEV is always HTTPS! Google changes Chrome's release strategy. Russia .. show full overview
1x910
Ascon
Episode overview
14, 2023
Picture of the Week ESXiArgs follow-up ChatGPT's Malicious Use Google Security Key Giveaway Brave goes HTTPS-by-default 1Password Makes Another Passkeys Move Russian Patriotic .. show full overview
1x911
A Clever Regurgitator
Episode overview
21, 2023
Picture of the Week. GoneDaddy. Section 230. No Blue, No SMS-based 2FA. Bitwarden gets Argon. “Meta Verified”. Emsisoft Fake Code Signing. Attacks breaking records. More .. show full overview
1x912
The NSA @ Home
Episode overview
28, 2023
Picture of the Week. Windows 11? ... anyone? As Plain as Ever. Edge's new built-in VPN? LastPass Incident Update. Signal says NO to the UK. More PyPI troubles. The QNAP bug bounty program. SpinRite. The NSA @ Home.
1x913
A Fowl Incident
Episode overview
07, 2023
Picture of the Week. DDoS’ing Fosstodon. DDoS for Hire takedowns. TikTok Insanity. Illegal Warrantless Surveillance. Strategic Objective 3.3. GitHub Secret Scanning. CISA's .. show full overview
1x914
Sony Sues Quad9
Episode overview
14, 2023
Picture of the Week. Another Malicious Chrome Extension. Germany to join the Huawei & ZTE ban. Putting “phishing” into perspective. The Polynonce attack. Plex's RCE now in CISA's KEV. Sci-Fi: Andor. Sony Sues Quad9.
1x915
Flying Trojan Horses
Episode overview
21, 2023
Picture of the Week. Multiple Exploitable Samsung 0-Days. A good idea for NPM. The TikTok Tick Tock. Google pushes for 90-day TLS certificate life. CHESS is safe. CISA has begun scanning! Flying Trojan Horses.
1x916
Microsoft’s Email Extortion
Episode overview
28, 2023
Picture of the Week. Synacktiv wins this year's CanSecWest Pwn2Own GitHub: Mistakes happen DDoS for Hire. . .Or Not 144,000 malicious packages published No iPhones For Russian .. show full overview
1x917
Zombie Software
Episode overview
04, 2023
Picture of the Week So... Not an attack, then? AI Overlord Hysteria Italy says NO to ChatGPT It’s illegal... How much will that be? The U.S. FDA & medical device security Hack the .. show full overview
1x918
A Dangerous Interpretation
Episode overview
11, 2023
Picture of the Week. Microsoft and Fortra go on the offensive. Can ChatGPT keep a secret? Apple updates their OS's. Wordpress under attack... again. Mozilla's Site Breach .. show full overview
1x919
Forced Entry
Episode overview
18, 2023
Picture of the Week. Patch Tuesday Review. Risky Business News. Google Assured Open Source Software. WhatsApp Improvements. Bad Security? Go to jail! Forced Entry.
1x920
An End-to-End Encryption Proposal
Episode overview
25, 2023
Picture of the Week. Lockdown Mode seen succeeding. A growing black market for ChatGPT accounts. Decommissioned Corporate Routers Leak Secrets. Jaguar Tooth: Cisco router .. show full overview
1x921
OSB OMG and other news!
Episode overview
02, 2023
Picture of the Week. The Encryption Debate. Age does matter... Age Verification. WhatsApp: Rather be blocked in UK than weaken security. Exposing Side-Channel Monitoring. .. show full overview
1x922
Detecting Unwanted Location Trackers
Episode overview
09, 2023
Picture of the Week. Google & Passkeys. TP-Link routers DO auto-update. US Marshals Service: Where’s the backup?? T-Mobile keeps getting breached. Chrome: No more LOCK icon. .. show full overview
1x923
Location Tracker Behavior
Episode overview
16, 2023
Picture of the Week. SpinRite. Location Tracker Behavior. Formal definitions from the specification. Bluetooth LE devices have MAC addresses and therein lies a problem. All devices .. show full overview
1x924
VCaaS – Voice Cloning as a Service
Episode overview
23, 2023
Picture of the Week. Tracker Follow-Up. Automatic IoT device updating. HP 9020e - error code 83C0000B. Section 230 Stands. The KeePass Vulnerability. Apple joins Samsung, Amazon .. show full overview
1x925
Brave's Brilliant Off the Record Request
Episode overview
30, 2023
Picture of the Week. HP = “Huge Pile” The “.ZIP” TLD — What could possibly go wrong? PyPI gets more serious about security AND privacy. “No logs saved anywhere”??? Twitter in the .. show full overview
1x926
Windows Platform Binary Table
Episode overview
06, 2023
Picture of the Week. Another week of silence from HP. Mandatory “SMB Signing” coming to Windows 11. OWASP. Did Apple help the NSA attack the Kremlin? Kaspersky's analysis of this .. show full overview
1x927
Scanning the Internet
Episode overview
13, 2023
Picture of the Week. Cryptomining Rude Surprise Billing. Musk's Twitter is refusing to pay for Cloud Services. IoT DDoS rapidly rising. H1CA found executing code on client .. show full overview
1x928
The Massive MOVEit Maelstrom
Episode overview
20, 2023
Picture of the Week. Patch Tuesday. Does EVERYTHING leak?? Closing the Loop. SpinRite gets version 7.1! The Massive MOVEit Maelstrom.
1x929
Operation Triangulation
Episode overview
27, 2023
Picture of the Week. Catching Leo up to speed from last week. DuckDuckBrowse. And an updated Tor Browser. Opera, now enhanced with “AI”. The KasperskyOS Phone. The cost of doing .. show full overview
1x930
Rowhammer Indelible Fingerprinting
Episode overview
11, 2023
Picture of the Week. Another Critical Unauthenticated SQLi Flaw Discovered in MOVEit Transfer Software. And as for MOVEit... What's a “Rug Pull” ?? “Avast, ye Matey” China's .. show full overview
1x931
Satellite Insecurity, Part 1
Episode overview
18, 2023
Picture of the Week. Kaspersky on Microsoft's Patch Tuesday. As the worm turns: WormGPT. Microsoft revokes 100+ malicious drivers. MOVEit Update. Does Dun & Bradstreet know you? No .. show full overview
1x932
Satellite Insecurity, Part 2
Episode overview
25, 2023
Picture of the Week. R.I.P. Kevin Mitnick. Apple says: "Thanks, but we'd rather leave." Web Environment Integrity. Web Analytics under the spotlight. More progress on the IoT .. show full overview
1x933
TETRA:BURST
Episode overview
01, 2023
Picture of the Week. Satellite Turla: APT Command and Control in the Sky. OS 17 to further crack down on device fingerprinting. Android to start warning of "unknown trackers". The .. show full overview
1x934
Revisiting Global Privacy Control
Episode overview
08, 2023
Picture of the Week. NASA “shouted” at Voyager. Another view of Microsoft. What about this Chinese attack? AI meets Keyboard Acoustic Side-Channel attacks. Closing the Loop. Revisiting Global Privacy Control.
1x935
“Topics” Arrives
Episode overview
15, 2023
Picture of the Week. Security Now!'s 18th birthday! Closing the Loop. Firefox Multi-Account Containers. A question about Full Disk Encryption on SSD's. Should I run SpinRite before .. show full overview
1x936
When Heuristics Backfire
Episode overview
22, 2023
OpenSUSE goes private. Android to get satellite comms. SanDisk and Western Digital in hot water. You’re asking for it: YouTube children's privacy. Whoopsie! 8Base. Where the money .. show full overview
1x937
The Man in the Middle
Episode overview
29, 2023
Picture of the Week WinRAR v6.23 fixes HTTPS for local networks Portable domains for email Google Topics and monopolies Voyager 2 antenna analysis Windows time settings Unix time in TLS handshakes Fake flash drives Man-in-the-middle attacks
1x938
Apple Says No
Episode overview
05, 2023
Steve provides an update on ValiDrive, his new freeware utility for testing USB drives. There has been another sighting of Google's Topics API, this time on Android phones. Apple has .. show full overview
1x939
LastMess
Episode overview
12, 2023
UK government appears to back down on demands to break encryption in Online Safety Bill Microsoft reveals how China-based hackers acquired secret key used to breach Outlook .. show full overview
1x940
When Hashes Collide
Episode overview
19, 2023
Last week's news about evidence of LastPass vault decryption targeting cryptocurrency keys, and the UK's backing down on its encryption monitoring legislation. How hardware security .. show full overview
1x941
We told you so!
Episode overview
26, 2023
Apple has quietly removed support for Postscript in macOS Ventura. China has formally accused the NSA of hacking and maintaining access to Huawei servers since 2009. A misconfigured .. show full overview
1x942
Encrypting Client Hello
Episode overview
03, 2023
Exim email server ignored ZDI's responsible disclosure of critical remote code execution flaws for over a year, putting millions of servers at risk. Malicious ads are appearing in Bing .. show full overview
1x943
The Top 10 Cybersecurity Misconfigurations
Episode overview
10, 2023
Steve announces the release of his new freeware utility ValiDrive for detecting fake drive capacities. 23andMe claims a recent data breach exposed customer info due to credential .. show full overview
1x944
Abusing HTTP/2 Rapid Reset
Episode overview
17, 2023
ValiDrive release follow-up Passkeys exportability and phishing risk Passkeys for device verification like SSH keys Possibility of hobby browsers vs. production browsers Availability .. show full overview
1x945
The Power of Privilege
Episode overview
24, 2023
How fake drives continue to be sold on Amazon despite negative reviews Microsoft is discontinuing support for the VBScript language The 30-year old NTLM authentication protocol will .. show full overview
1x946
Citrix Bleed
Episode overview
31, 2023
What caused last week's connection interruption? Is it possible to create and maintain an Internet whitelist? What's the latest on LastPass vault decryptions? How do you know of a .. show full overview
1x947
Article 45
Episode overview
07, 2023
Microsoft announced storing their Azure keys in an HSM after previously losing control of a private signing key A quartet of new 0-day vulnerabilities in Exchange Server that Microsoft .. show full overview
1x948
What if a Bit Flipped?
Episode overview
14, 2023
Is your lack of privacy badgering you? And if so what can you do about it? What's the latest on last week's bombshell news of the EU's Article 45 in eIDAS 2.0? Who's lost how much .. show full overview
1x949
Ethernet Turned 50
Episode overview
21, 2023
Privacy and Funding Challenges Facing Signal Messaging App Loss of Advertisers for Twitter After Controversial Tweet by Elon Musk Ransomware Group Files SEC Complaint Against Breached .. show full overview
1x950
Leo turns 67
Episode overview
28, 2023
Adobe Flash Player Updater is (still) desperately trying to update Veracrypt password security Firefox moves to 120 with a bunch of very nice new features Do-Not-Track is back on .. show full overview
1x951
Revisiting Browser Trust
Episode overview
05, 2023
How masked domain owners can be unmasked through ICANN's new Registration Data Request Service (RDRS) WhatsApp's addition of Secret Code for extra privacy protection in Chat .. show full overview
1x952
Quantum Computing Breakthrough
Episode overview
12, 2023
The government collection of push notification metadata Facebook Messenger sets end to end encryption as the default Iran’s Cyber Av3ngers Cisco's Talos Top 10 cyber security exploits .. show full overview
1x953
“Active Listening”
Episode overview
19, 2023
Child protection legislation in the US Meta pushes back on the $200 billion FTC fine for COPPA violation Age verification on the internet Google moving from 3rd party cookies to .. show full overview
1x954
Best of 2023
Episode overview
26, 2023
Steve's Next Password Manager After the LastPass Hack CHESS is Safe Here Come the Fake AI-generated "News" Sites How Bad Guys Use Satellites Microsoft's "Culture of Toxic .. show full overview
1x955
The Mystery of CVE-2023-38606
Episode overview
02, 2024
SpinRite 6.1 update Pruning Root Certificates A solution to Schrodinger's Bowl DNS Benchmark and anti-virus tools Nebula Mesh SpinRite 7 is coming The Mystery of CVE-2023-38606
1x956
The Inside Tracks
Episode overview
09, 2024
More on Apple's hardware backdoor Russian Hacking of Ukranian cameras Russian hackers were inside Ukraine telecoms giant for months Things are still a mess at 23andMe CoinsPaid was .. show full overview
1x957
The Protected Audience API
Episode overview
16, 2024
What would an IoT device look like that HAD been taken over? And speaking of DDoS attacks Trouble in the Quantum Crypto world The Browser Monoculture Question about the Apple .. show full overview
1x958
A Week of News and Listener Views
Episode overview
23, 2024
Microsoft's Top Execs' Emails Breached in Sophisticated Russia-Linked APT Attack US Health and Human Services Breached Firefox vs “The Competition” Brave reduces its .. show full overview
1x959
Stamos on “Microsoft Security”
Episode overview
30, 2024
iOS to allow native Chromium and Firefox engines. An OS immune to ransomware? HP back in the doghouse over "anti-virus" printer bricking The mother of all breaches New "Thou shall .. show full overview
1x960
Unforeseen Consequences
Episode overview
06, 2024
CISA’s “Secure by Design” Initiative The GNU C Library Flaw Fastly CDN switches from OpenSSL to BoringSSL Roskomnadzor asserts itself Google updates Android’s Password .. show full overview
1x961
Bitlocker: Chipped or Cracked?
Episode overview
13, 2024
Toothbrush Botnet “There are too many damn Honeypots!” Remotely accessing your home network securely Going passwordless as an ecommerce site Facebook "old password" .. show full overview
1x962
The Internet Dodged a Bullet
Episode overview
20, 2024
Wyze breach Microsoft patch Tuesday fixes 15 remote code execution flaws Why are there password restrictions? The Canadian Flipper Zero Ban Security on the old internet Using Old .. show full overview
1x963
Web portal? Yes please!
Episode overview
27, 2024
Nevada attempts to block Meta’s end-to-end encryption for minors. A survey of security breaches Edge’s Super-Duper Secure Mode moves into Chrome DoorDash dashes our privacy Avast .. show full overview
1x964
PQ3
Episode overview
05, 2024
"Death, Lonely Death" by Doug Muir, about the decades-old Voyager 1 explorer Cory Doctorow's Visions of the Future Humble Book Bundle CTRL-K shortcut for search on a browser Direct .. show full overview
1x965
Passkeys vs 2FA
Episode overview
12, 2024
VMware needs immediate patching Midnight Blizzard still on the offensive China is quietly "de-American'ing" their networks Signal Version 7.0, now in beta Meta, WhatsApp, and .. show full overview
1x966
Morris The Second
Episode overview
19, 2024
Voyager 1 update The Web turned 35 and Dad is disappointed Automakers sharing driving data with insurance companies A flaw in Passkey thinking Passkeys vs 2fa Sharing accounts with .. show full overview
1x967
GoFetch
Episode overview
26, 2024
Apple vs U.S. DOJ G.M.’s Unbelievably Horrible Driver Data Sharing Ends Super Sushi Samurai Apple has effectively abandoned HomeKit Secure Routers The forthcoming “.INTERNAL” .. show full overview
1x968
A Cautionary Tale
Episode overview
02, 2024
A near-Universal (Local) Linux Elevation of Privilege vulnerability TechCrunch informed AT&T of a 5 year old data breach Signal to get very useful cloud backups Telegram to allow .. show full overview
1x969
Minimum Viable Secure Product
Episode overview
09, 2024
Out-of-support DLink NAS devices contain hard coded backdoor credentials Privnote is not so “Priv” Crowdfense is willing to pay millions Engineers Pinpoint Cause of Voyager 1 Issue, .. show full overview
1x970
GhostRace
Episode overview
16, 2024
An update on the AT&T data breach 340,000 social security numbers leaked Cookie Notice Compliance The GDPR does enforce some transparency Physical router buttons Wifi enabled button .. show full overview
1x971
Chat (out of) Control
Episode overview
23, 2024
What do you call “Stuxnet on steroids”?? Voyager 1 update Android 15 to quarantine apps Thunderbird & Microsoft Exchange China bans Western encrypted messaging apps Gentoo says “no” .. show full overview
1x972
Passkeys: A Shattered Dream?
Episode overview
30, 2024
GCHQ: No more default passwords for consumer IoT devices! What happened with Chrome and 3rd-party cookies? Race conditions and multi-threading GM "accidentally" enrolled millions into .. show full overview
1x973
Not So Fast
Episode overview
07, 2024
The vulnerability of GPS Is the sky falling on all VPN systems? Multi-user Passkeys, YubiKeys? The iCloud Keychain The UK and Google's Topics
1x974
Microsoft’s head in the Clouds
Episode overview
14, 2024
Picture of the Week. Most to least common 4-digit pins. Enhanced LORAN. Passkeys. Microsoft's Head in the Clouds.
1x975
312 Scientists & Researchers Respond
Episode overview
21, 2024
When you’re the biggest target... Searching for Search How long will a Windows XP machine survive unprotected on the Internet? Free Laundry VPNs and Firewalls Netgate SG1100 Ad .. show full overview
1x976
The 50 Gigabyte Privacy Bomb
Episode overview
28, 2024
The bigger problem with AI Overview https://udm14.com/ -and- https://tenbluelinks.org/ The horses have left the barn VPNs and Firewalls Email @ GRC Extension to fix Google .. show full overview
1x977
A Large Language Model in Every Pot
Episode overview
04, 2024
“Tornado Notes” Email @ GRC Have I Been Pwned? A new “supply chain” attack vector Another CA in the DogHouse ICQ to shutter its service Steve reviews “Déjà vu” Hide my .. show full overview
1x978
The rise and fall of code.microsoft.com
Episode overview
11, 2024
MS on Recall changes Thanks for the “Memory” New York Times (and Wordle) leak Apple’s own password manager app DJI drones on the defensive SlashData reveals some interesting .. show full overview
1x979
The Angle of the Dangle
Episode overview
18, 2024
CVE-2024-30078 “Recall” has been recalled Matthew Green on Apple’s Private Cloud Compute A WGET flaw with a CVSS of 10.0? Thou shall not Resolve! Email @ GRC Downloading email with .. show full overview
1x980
The Mixed Blessing of a Crappy PRNG
Episode overview
25, 2024
Expected follow-up on CVE-2024-30078 From Russia with Love An EU privacy agency complains about Google’s Privacy Sandbox? Email @ GRC Security Now SPAM? Orange Tsai needs .. show full overview
1x981
The End of Entrust Trust
Episode overview
02, 2024
The regreSSHion Bug 50BTC moved Voyager 1 Update Email @ GRC SyncThing DNS queries Recall The End of Entrust Trust
1x982
The Polyfill.io Attack
Episode overview
09, 2024
Entrust Responds Other major Certificate Authorities respond Passkey Redaction Attacks Syncing passkeys Port Knocking Fail2Ban The Polyfill.io Attack
1x983
A Snowflake’s Chance
Episode overview
16, 2024
Using Content Delivery Networks Safely The CDK Global Ransomware Attack The IRS and Entrust Polyfill.io fallout Microsoft's Behavior A Snowflake’s Chance
1x984
CrowdStruck
Episode overview
23, 2024
Cellebrite unlocks Trump’s would-be assassin’s phone. Cisco reported on a CVSS of 10.0 Entrust drops the other shoe Google gives up on removing 3rd-party .. show full overview
1x985
Platform Key Disclosure
Episode overview
30, 2024
Crowdstrike post-mortem PiDP-11 What Crowdstrike is fixing Marcus Hutchins on who is to blame Entrust’s Updated Info 3rd-Party Cookie Surprise Security training firm mistakenly .. show full overview
1x986
How Revoking!
Episode overview
06, 2024
Platform Key Disclosure Firefox’s 3rd-party Cookie mess The W3C Finally Weighs-in CrowdStrike Damages. GRC’s Email How Revoking!
1x987
Rethinking Revocation
Episode overview
13, 2024
Sitting Ducks DNS attack A Bad RCE in another Microsoft server SinkClose The CLFS.SYS BSoD IsBootSecure Rethinking Revocation
1x988
National Public Data
Episode overview
20, 2024
Revocation Update GRC’s next experiment Patch Tuesday “The Famous Computer Café” IsBootSecure GRC Email Working through WiFi Firewalls Transferring DNS OCSP attestation vs. TLS expiration Platform key expiration National Public Data
1x989
Cascading Bloom Filters
Episode overview
27, 2024
CrowdStrike Exec's "Most Epic Fail" Award Hardware backdoors discovered in Chinese-made key cards Counterfeit CISCO networking gear SpinRite Errata NPD breach updates from listeners Looking back at old SN episodes Cascading Bloom Filters
1x990
Is Telegram an Encrypted App?
Episode overview
03, 2024
Telegram puts End-to-End Privacy in the Crosshairs Free security logging is good for everyone CrowdStrike hemorrhaging customers Microsoft to meet privately with EDR (Endpoint .. show full overview
1x991
RAMBO
Episode overview
10, 2024
Offer to uninstall Recall was a bug, not a feature YubiKeys can be cloned Miscellany Is WhatsApp secure? Telegram vs Signal French elevators Freezing your credit The Quiet .. show full overview
1x992
Password Manager Injection Attacks
Episode overview
17, 2024
Windows Endpoint Security Ecosystem Summit Aging storage media does NOT last forever How Navy chiefs conspired to get themselves illegal warship Wi-Fi adam:ONE named the #1 best .. show full overview
1x993
Kaspersky exits the U.S.
Episode overview
24, 2024
The case of the exploding pagers and walkie-talkies “Ford seeks patent for tech that listens to driver conversations to serve ads” Another large chunk of personal data .. show full overview
1x994
Recall's Re-Rollout
Episode overview
01, 2024
The Linux remote code execution flaw The CRUCIAL importance of Domain Control Security Roskomnadzor strikes a discordant note VLC gets a security update Tor and Tails Merge Telegram .. show full overview
1x995
uBlock Origin & Manifest V3
Episode overview
08, 2024
Facebook’s parent Meta not hashing passwords A New, forthcoming PayPal default opts their users into merchant data sharing DDoS breaks another record Speaking of these ASUS .. show full overview
1x996
BIMI (up Scotty)
Episode overview
15, 2024
uBlock Origin to the rescue National Public Data files for bankruptcy Will the .IO top level domain be disappearing? Patch Tuesday Firefox under attack Miscellany Sci-Fi The .. show full overview
1x997
Credential Exchange Protocol
Episode overview
22, 2024
Did Chinese researchers really break RSA encryption? What did they do? What next-level terror extortion is being powered by the NPD breach data? The EU to hold software companies .. show full overview
1x998
The Endless Journey to IPv6
Episode overview
29, 2024
Apple proposes 45-day maximum certificate life. SEC fines four companies for downplaying their SolarWinds attack severity. Google adds 5 new features to Messenger including .. show full overview
1x999
AI Vulnerability Discovery
Episode overview
05, 2024
Google's record-breaking fine by Russia. (How many 0's is that?) RT's editor-in-chief admits that their TV hosts are AI-generated. Windows 10 security updates set to end next .. show full overview
1x1000
1000!
Episode overview
12, 2024
Did Bitwarden go closed-source? The rights of German security researchers are clarified. Australia to impose age limits on social media. Free Windows Server 2025 anyone? UAC wasn’t .. show full overview
1x1001
TBA
Episode overview
19, 2024
This episode has no summary.

Characters