Security Now

Subscribe to Security Now feed Security Now
Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of Spinrite and ShieldsUP, discusses the hot topics in security today with Leo Laporte. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 20:30 UTC.
Updated: 6 hours 46 min ago

SN 659: Never a Dull Moment

Tue, 04/17/2018 - 19:56

This week we discuss AMD's release of their long-awaited Spectre variant 2 microcode patches, the end of Telegram messenger in Russia, the on-time arrival of Drupalgeddon2, Firefox and TLS v1.3, the new and widespread UPnProxy attacks, Microsoft's reversal on no longer providing Windows security updates without A/V installed, Google Chrome's decision to prematurely remove HTTP cookies, the Android "patch gap", renewed worries over old and insecure Bitcoin crypto, new attacks on old IIS, a WhatsApp photo used for police forensics, and an IoT vulnerability from our "you can't make this stuff up" department.

We invite you to read our show notes.

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Bandwidth for Security Now is provided by CacheFly.

Sponsors:

Categories: Podcasts, Technology

SN 658: Deprecating TLS 1.0 & 1.1

Tue, 04/10/2018 - 17:50

This week we discuss Intel's big Spectre microcode announcement, Telegram is not long for Russia, the US law enforcement's continuing push for "lawful decryption", more state-level net neutrality news, Win10's replacement for "Disk Cleanup", a bug bounty policy update, some follow-up to last week's Quad-1 DNS conversation, why clocks had been running slow throughout Europe... then a look at the deprecation of earlier version of TLS and a big Cisco mistake.

We invite you to read our show notes.

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Bandwidth for Security Now is provided by CacheFly.

Sponsors:

Categories: Podcasts, Technology

SN 657: ProtonMail

Tue, 04/03/2018 - 20:12

This week we discuss "DrupalGeddon2", Cloudflare's new DNS offering, a reminder about GRC's DNS Benchmark, Microsoft's Meltdown meltdown, the persistent iOS QR Code flaw and its long-awaited v11.3 update, another VPN user IP leak, more bug bounty news, an ill-fated-seeming new eMail initiative, Free electricity, a policy change at Google's Chrome store, another "please change your passwords" after another website breach, a bit of miscellany, a heart-warming SpinRite report, some closing the loop feedback from our terrific listeners, and a closer look at the Swiss encrypted ProtonMail service.

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Bandwidth for Security Now is provided by CacheFly.

Sponsors:

Categories: Podcasts, Technology

SN 656: TLS v1.3 Happens

Tue, 03/27/2018 - 20:25

The mess with US voting machines, technology's inherent security vs convenience tradeoff, the evolving 2018 global threat landscape, welcome news on the bug bounty front from Netflix and Dropbox, we have the interesting results of Stack Overflow's 8th annual survey of 101,592 developers, worrisome news on the US government data overreach front, some useful and important new web browser features, messenger app troubles, a CRITICAL Drupal updated coming tomorrow, some welcome news for DNS security & privacy, a bit of miscellany and a look at the just-ratified TLS v1.3.

We invite you to read our show notes.

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Bandwidth for Security Now is provided by CacheFly.

Sponsors:

Categories: Podcasts, Technology