Powered by RND
Écoutez Security Now (Audio) dans l'application
Écoutez Security Now (Audio) dans l'application
(48 139)(250 169)
Sauvegarde des favoris
Réveil
Minuteur
Sauvegarde des favoris
Réveil
Minuteur
AccueilPodcastsTechnologies
Security Now (Audio)

Security Now (Audio)

Podcast Security Now (Audio)
Podcast Security Now (Audio)

Security Now (Audio)

TWiT
ajouter
Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of SpinRite and ShieldsUP, discusses the hot topics in sec...
Voir plus
Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of SpinRite and ShieldsUP, discusses the hot topics in sec...
Voir plus

Épisodes disponibles

5 sur 10
  • SN 940: When Hashes Collide - Secure-wipe best practices, browser identity segregation, bye bye Twitter (X)
    Last week's news about evidence of LastPass vault decryption targeting cryptocurrency keys, and the UK's backing down on its encryption monitoring legislation. How hardware security modules (HSMs) allow cryptographic operations like code signing without exposing private keys. Browser identity segregation using multiple profiles rather than separate browsers. Requirements and best practices for securely wiping data from modern solid state drives. A countdown clock for the 32-bit UNIX time rollover in the year 2038. Steve's plan to move off Twitter and onto email lists for Security Now communication. A deep dive into cryptographic hash collisions, using fewer hash bits, and balancing anonymity with statistical meaning. Show Notes - https://www.grc.com/sn/SN-940-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: bitwarden.com/twit joindeleteme.com/twit promo code TWIT drata.com/twit
    19/09/2023
    2:06:00
  • SN 939: LastMess - Online Safety Bill, Microsoft Outlook breach details, auto brand data privacy
    UK government appears to back down on demands to break encryption in Online Safety Bill Microsoft reveals how China-based hackers acquired secret key used to breach Outlook accounts Multiple flaws allowed key to improperly leave highly secure environment Mozilla research finds all major auto brands fail on privacy protection Evidence suggests LastPass encrypted vault data is being decrypted Researchers tie $35M in crypto thefts to compromised LastPass accounts Brute force feasible on old low iteration count passwords Show Notes - https://www.grc.com/sn/SN-939-Notes.pdf Hosts: Steve Gibson and Jason Howell Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: cs.co/twit GO.ACILEARNING.COM/TWIT panoptica.app
    12/09/2023
    2:00:35
  • SN 938: Apple Says No - Topics coming to Android, Apple security research, browser extension vulnerabilities
    Steve provides an update on ValiDrive, his new freeware utility for testing USB drives. It identifies bogus mass storage drives and performance differences between drives. There has been another sighting of Google's Topics API, this time on Android phones. It allows apps to get information about users' interests based on recent app usage. Apple has opened up their iPhones to security researchers through their Security Research Device program since 2019. Researchers get access to customize kernels, entitlements, and other low-level features without compromising security. Research reveals vulnerabilities in browser extensions that allow them to steal plaintext passwords from a website's HTML source code. Even sites like Google, Facebook, Amazon, IRS, and Capital One are affected. Feedback from listeners on topics like Apple's stance on scanning iCloud data for CSAM, Microsoft's broken TLS timestamp implementation, using VirusTotal to check downloaded files, ReadSpeed limitations, and downloading malware for VirusTotal checks. Apple publicly shares a letter from a CSAM activist demanding they implement scanning to detect child abuse images in iCloud Photos. Apple responds clearly stating they will not compromise user privacy and security to do so. Show Notes - https://www.grc.com/sn/SN-938-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: drata.com/twit panoptica.app canary.tools/twit - use code: TWIT
    05/09/2023
    2:02:34
  • SN 937: The Man in the Middle - WinRAR v6.23, fake flash drives, Voyager2 antenna, Google Topics
    Picture of the Week: Steve shares a funny "what we say vs what we mean" image about tech support conversations. WinRAR v6.23 fixes: Steve explains that updating to the latest WinRAR is more important than initially thought, with two critical vulnerabilities being actively exploited by hackers since April to install malware. HTTPS for local networks: Responding to listener email, Steve agrees HTTP is fine for local network devices like routers but notes risks in larger corporate networks. Portable domains for email: Steve endorses a listener suggestion to purchase your own domain and use third-party services, retaining control if a provider shuts down. Google Topics and monopolies: Steve and Leo debate whether Topics favors large advertisers with greater reach to get user targeting data. Voyager 2 antenna analysis: A listener calculates the antenna beam width mathematically, showing 2 degrees off-axis may not be as remarkable as it sounded. Windows time settings: Steve clarifies the STS issue does not impact end users changing Windows clock settings, it's enterprise server-side. Unix time in TLS handshakes: The hosts discuss why Unix time stamps are sent but not required for TLS, tracing back to early nonce generation. Fake flash drives: Steve warns of a slew of fake high-capacity thumb drives flooding the market, explaining how SpinRite tests detected the flaw. Man-in-the-middle attacks: While agreeing HTTPS helps prevent malicious injection, Steve examines MITM attack practicality, arguing they are difficult for hackers to pull off. Show Notes - https://www.grc.com/sn/SN-937-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: kolide.com/securitynow canary.tools/twit - use code: TWIT Building Cyber Resilience Podcast
    29/08/2023
    2:09:45
  • SN 936: When Heuristics Backfire - OpenSUSE, SanDisk and Western Digital, 8Base, TSSHOCK
    OpenSUSE goes private. Android to get satellite comms. SanDisk and Western Digital in hot water. You're asking for it: YouTube children's privacy. Whoopsie! 8Base. Where the money is. The TSSHOCK vulnerability. BitForge. A Quantum resilient security key. Removed Chrome extensions notifications. HTTPS by default? WinRAR 6.23 final released. Closing the Loop. When Heuristics Backfire. Show Notes - https://www.grc.com/sn/SN-936-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: panoptica.app kolide.com/securitynow joindeleteme.com/twit promo code TWIT
    22/08/2023
    2:13:07

Plus de podcasts Technologies

À propos de Security Now (Audio)

Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of SpinRite and ShieldsUP, discusses the hot topics in security today with Leo Laporte. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 20:30 UTC.
Site web du podcast

Écoutez Security Now (Audio), iWeek (la semaine Apple) ou d'autres radios du monde entier - avec l'app de radio.fr

Security Now (Audio)

Security Now (Audio)

Téléchargez gratuitement et écoutez facilement la radio.

Google Play StoreApp Store

Security Now (Audio): Podcasts du groupe