Security Now (MP3)Author: TWiT
21 Nov 2018

Security Now (MP3)

Download, listen or watch all podcasts

Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of Spinrite and ShieldsUP, discusses the hot topics in security today with Leo Laporte. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 21:30 UTC.

  • Listen

    SN 690: Are Passwords Immortal?

    Security Now (Audio)

    • All the action at last week's Pwn2Own Mobile hacking contest
    • The final word on processor mis-design in the Meltdown/Spectre era
    • A workable solution for unsupported Intel firmware upgrades for hostile environments
    • A forthcoming Firefox breach alert feature
    • The expected takeover of exposed Docker-offering servershe recently announced successor to recently ratified HTTP/2
    • 1.1.1.1 errata
    • The future of passwords: a thoughtful article written by Troy Hunt, the creator of the popular "Have I Been Pwned" web service

    We invite you to read our show notes.

    Hosts: Steve Gibson and Leo Laporte

    Download or subscribe to this show at https://twit.tv/shows/security-now.

    You can submit a question to Security Now! at the GRC Feedback Page.

    For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

    Sponsors:


  • Posted on 21 Nov 2018

    download
  • Listen

    SN 689: Self-Decrypting Drives

    Security Now (Audio)

    • Last month's Patch Tuesday, this month
    • A GDPR-inspired lawsuit filed by Privacy International
    • Check these two router ports to protect against a new botnet that's making the rounds
    • Another irresponsibly disclosed zero-day, this time in Virtual Box
    • CloudFlare's release of a very cool 1.1.1.1 app for iOS and Android
    • Microsoft's caution about the in-RAM vulnerabilities of the BitLocker whole drive encryption
    • A deep dive into last week's worrisome revelation about the lack of true security being offered by today's Self-Encrypting SSD drives.

    We invite you to read our show notes.

    Hosts: Steve Gibson and Leo Laporte

    Download or subscribe to this show at https://twit.tv/shows/security-now.

    You can submit a question to Security Now! at the GRC Feedback Page.

    For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

    Sponsors:


  • Posted on 14 Nov 2018

    download
  • Listen

    SN 688: PortSmash

    Security Now (Audio)

    • A close look at the impact and implication of the new "PortSmash" attack against Intel (and almost certainly other) processors.
    • The new "BleedingBit" Bluetooth flaws
    • JavaScript is no longer optional with Google
    • A new Microsoft Edge browser 0-day
    • Windows Defender plays in its own sandbox
    • Microsoft and SysInternals news
    • The further evolution of the CAPTCHA
    • The 30th anniversary of the Internet's first worm
    • A bizarre requirement of Ransomware
    • A nice new bit of security non-tech from Apple

    We invite you to read our show notes

    Hosts: Steve Gibson and Leo Laporte

    Download or subscribe to this show at https://twit.tv/shows/security-now.

    You can submit a question to Security Now! at the GRC Feedback Page.

    For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

    Sponsors:


  • Posted on 07 Nov 2018

    download
  • Listen

    SN 687: Securing the Vending Machine

    Security Now (Audio)

    More Zero-day exploits in Windows 10, publicly exposed Docker Engine APIs, Google's plan to fix Android, the DoD is expanding its existing "Hack the Pentagon" bug-bounty program to include hardware assets, the going rate for DDoS-for-Hire, and Steve has the answer to our vending machine conundrum from last week.

    We invite you to read our show notes.

    Hosts: Leo Laporte and Steve Gibson

    Download or subscribe to this show at https://twit.tv/shows/security-now.

    You can submit a question to Security Now! at the GRC Feedback Page.

    For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

    Sponsors:


  • Posted on 31 Oct 2018

    download
  • Listen

    SN 686: Libssh's Big Whoopsie!

    Security Now (Audio)

    This week a widely used embedded OS (FreeRTOS) is in the doghouse, as are at least eight D-Link routers which have serious problems most of which D-Link has stated will never be patched. We look at five new problems in Drupal 7 and 8, two of which are rated critical, trouble with Live Networks RTSP streaming server, still more trouble with the now-infamous Windows 10 Build 1809 feature update, and a long standing 0-day in the widely used and most popular plugin for jQuery. We then look at what can only be described as an embarrassing mistake in the open source libssh library, and we conclude by examining a fun recent hack and pose its solution to our audience as our Security Now Puzzler of the Week!

    We invite you to read our show notes.

    Hosts: Steve Gibson and Leo Laporte

    Download or subscribe to this show at https://twit.tv/shows/security-now.

    You can submit a question to Security Now! at the GRC Feedback Page.

    For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

    Sponsors:


  • Posted on 24 Oct 2018

    download

Follow Playlisto