Security Now - 16k MP3

Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

After catching up with only a small bit of the week's security news, Leo and I discuss the recent revelation of a fundamental security flaw in the functioning of the WiFi WPA standard. WiFi Access Points, following the certification-mandated default configuration, allow an attacker to obtain network access within just a few hours.

Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

After catching up with just a bit of year-end security news, for their special holiday episode, Steve and Leo review their favorite Science Fiction books and movies, pulling the commentary they have previously scattered throughout many years into a single reference.

Tom and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

We had so much news this week that it squeezed out our show's planned topic of Google's new SDPY web browser protocol. So we'll tackle that early next year. In the meantime, Leo and Steve will discuss the news of this very active week!

Tom and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

After catching up with the week's news, Leo and I examine the operation of Mozilla's solution to the need for secure, reliable and easy-to-use establishment of online Internet identity known as: BrowserID. We also compare it with all of the other existing technologies and solutions we've discussed before.

Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

The day before recording this podcast in the studio with Leo, I attended an annual Internet privacy conference. After catching up with the week's security news, updates, and errata, I share what I saw and learned during the conference, including three VERY promising new privacy and authentication tools.

Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

After catching up with the week's news, Leo and I return this week to our "How the Internet Works" fundamentals series. We examine the challenges presented by "packet-based connections" to further understand the operation of the Internet's most popular and complex protocol: TCP.

Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

After catching up with the week's news, Leo and I return this week to our "How the Internet Works" fundamentals series. We examine the operation of the various attacks that have been made through the years against the Internet's most popular and complex protocol: TCP.

Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

After catching up with the week's security news, Steve and Leo examine the implications of a recent Internet-wide exploit known as BEAST: Browser Exploits Against SSL/TLS. They share the process used by the discoverers of an exploit for this long-known vulnerability and consider its implications.

Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

After catching up with just a bit of the past week's news, Leo and I explore the most mature potential replacement for the Internet's existing (and failing) "trust model" which has always been based upon the unequivocal trust of Certificate Authorities.

Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

After catching up with a week of the amazing news of the security breach of the DigiNotar certificate authority, Steve and Leo continue their "How the Internet Works" series with the first of several episodes describing the operation of the Internet's most used protocol: TCP.

Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

After catching up with the week's news, I explain my goals, development process, and operation of the "Off The Grid" paper-based encryption system I developed for use in encrypting website domain names into matching secure website passwords.

Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

After catching up with a busy week of security updates, and some miscellaneous fun security news, Tom & I return for the second installment of "How The Internet Works" with a look at the ICMP and UDP protocols.

Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

This week, after catching up with a collection of interesting security events, Leo and I take a close look at a recently discovered security coding error, examining exactly how and why it occurred, to understand how easily these kinds of mistakes can be made... and how difficult it can be to EVER find them all.

Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

This week, after catching up with our usual grab bag of Internet-related security and privacy news, including another Microsoft Patch Tuesday, Leo and I plow into the first of a series of forthcoming episodes, which will be spread out over time, describing the detailed technical operation of the ever-more-ubiquitous global Internet.

Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

This week, after catching up on the week's security and privacy news, Steve and Leo take a look at the state of Identity Management in Cyberspace with the U.S. Government's publication of its NSTIC - National Strategy for Trusted Identities in Cyberspace.

Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

This week, after catching up on the week's security and privacy news, Steve and Leo take a close look at "Ghostery," a highly recommended, multi-OS, multi-browser extension that reveals all of the tracking bugs and cookies websites are hosting to track us, and optionally allows them to be blocked.

Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

Steve shares something of a revelation about the true nature of passwords and why "password entropy" really doesn't matter as much as has long been believed. He explains, therefore, how it's possible for passwords to be both memorable AND impossible to crack at the same time.

Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

After catching up with the week's security and privacy news, we conclude our two-part series discussing the need for, and applications of, random and pseudo-random numbers. We discuss the ways in which a computer, which cannot produce random numbers, can be programmed to do an extremely good job.

Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

This week's security news and events took up so much time that we didn't have time to cover the entire topic of "Randomness" in security and cryptography. So we split the topic into two parts. This first week we open the topic and explain the background, problem and need. Week after next we'll plow into the solutions.

Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

After catching up with a number of extra-interesting security news of the week, Steve and Leo explore the recently raised suggestion that using a three word "pass-sentence" such as "I like tomatoes" would be MORE secure (and far more memorable) than "J4f6<2". Short sentences are certainly easier to remember... but more secure?

Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

After catching up with the past week's very busy security news, Leo and I closely examine the circumstances and repercussions surrounding the mid-March breach of the Comodo SSL certificate authority certificate signing system.

Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

After catching up with a great deal of security news and interesting computer industry miscellania, Steve shares everything he has recently learned from his extensive study into the new security and privacy features of IE9.

Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

After catching up with a very busy week of software updates and wide-ranging security news, Steve & Leo discuss the revelations documented in Symantec's comprehensive "Stuxnet Dossier."

Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

After catching up with the week's security updates and other security-related news, Leo and I discuss the many modes of operation of "Proxied Web Surfing" which are used to bypass firewalls and Internet filters, aid free speech, and alter the contents of web pages retrieved from the Internet.

Tom Merritt and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.

This week, after catching up with a busy "Patch Tuesday," Tom Merritt and I explore the fascinating crypto technology developed to create "BitCoin," the Internet's decentralized peer-to-peer completely private online currency exchange system.