 Primary Format :
Language :
Also Listed as:
City :
State/Province :
User Tags:
User Votes:
 RSS Feed
Website
People found this Podcast
Searching for:
View this Podcast on a Google Map. 
 Text Only listing of Security Hype Podcasts
 Methings.com listings of Security Hype Podcasts
If you like this podcast, you might also like:
|
View the full archive of Security Hype
Security Hype 8.4 - Whitelisting?Bill and Bob briefly discuss the notion of whitelist: is this a feature you need to buy or should you it come with the OS?
Listen | Listen in your iPhone | Download | View full cache |
Security Hype 9.1-MD5 and SSL-A Public CA’s perspective - Voicemail line 1-866-527-6606You’ve read about the attacks against MD5/SSL, but what did the public CAs do? Ignore the hype and hear from a real CA what this attack meant and what lessons you can take away for future crypto vulnerabilities.
Bill and Bob discuss the hype behind “Internet Security is TOTALLY BROKEN now!” and “SSL IS DEAD!” We [...]Listen | Listen in your iPhone | Download | View full cache |
Security Hype 9.2-Listener Feedback and Security Questions Voicemail line 1-866-527-6606A listener calls out Bob’s 2008 prediction for a massive Mac trojan horse. Which didn’t happen…or did we just miss it by a hair? What happened?!? Why isn’t it the end of the world as the Mac fans know it? Also, Account Security Questions…aka “Know Your Customer” (KYC). Is this the best we security practitioners [...]Listen | Listen in your iPhone | Download | View full cache |
Security Hype 7.1-SSL and phishable PayPal tokensBill and Bob discuss misinformation about SSL represented in the February issue of Popular Mechanics and from BEA technical documents. We also discuss why hackers aren’t concerned by PayPal’s announcement to issue One Time Password (OTP) tokens to protect their members: the hackers already know how to defeat them.
(Technical glitch: the 8-second gap in [...]Listen | Listen in your iPhone | Download | View full cache |
Security Hype 7.2-How banks encourage fraud, ways to reduce getting phished, first S/MIME discussionMany banks encourage phishing through their use of inconsistent user interfaces and the improper use of SSL, both putting their customers’ credentials at risk. Financial institutions invent their own email security schemes that are readily copied by hackers and provide no real security. Bill and Bob describe several examples of how bad web [...]Listen | Listen in your iPhone | Download | View full cache |
Security Hype 7.3-RSA 2007 Conference Roundup, Vendor SmackdownBob and Bill discuss their impressions of the RSA 2007 Security Conference. It seems to be getting less “technical” and more “business focused”, but Bill was underwhelmed. Bob notices that all the good security company names are taken. What were your thoughts of the conference, did you find it as helpful as previous years?In the [...]Listen | Listen in your iPhone | Download | View full cache |
Security Hype 7.4-OCSP, CRL, and Vista’s new SSL tricksBill and Bob catch up on listener feedback, then delve into more details about digital certificates. Certificates and private keys may become compromised before they expire. CRL and OCSP are two methods that applications and systems can verify the status of digital certificates. Microsoft Vista, for the first time, now performs certificate [...]Listen | Listen in your iPhone | Download | View full cache |
Security Hype 7.5-CreditCard Skimming, Setting up Secure EmailBill and Bob discuss credit card skimming, how is this risk different than exposing your CC number over the Internet? In this episode you’ll learn how to secure your email using FireFox and Thunderbird. You’re using 2048-bit RSA keys, right? And you’re backing up your digital certificates and private keys too, yes? Once you get [...]Listen | Listen in your iPhone | Download | View full cache |
Security Hype 7.6-SiteKey (not) broken and Mozilla’s radical Security UI ideaBill and Bob peel back the hype on “SiteKey is broken!” claims and find that it’s working as designed. SiteKey isn’t broken, but computer security user interface design IS broken. User’s don’t know how to evaluate when computer systems are behaving securely, and are struggling to stay safe on the Internet.
New MIT & Harvard research [...]Listen | Listen in your iPhone | Download | View full cache |
Security Hype 7.7-RSA Key hack revisited, AACS in depth with Bob RelyeaBob Relyea, a PKI and cryptographic engineer, joins Bill and Bob to discuss the recent RSA and AACS key compromises in depth.
In the news, we’ve been reading about how researchers have been able to factor a very large number which is 307 digits long. Bob Relyea helps us understand if these results help spell [...]Listen | Listen in your iPhone | Download | View full cache |
Security Hype 7.8-Bob Relyea AACS Part 2: Practical implications of key compromises. Voicemail line 1-866-527-6606Bill and Bob wrap up their interview with Bob Relyea who describes the practical implications to the AACS key compromise.
Bill recounts the story of the satellite pirates who were locked out by DirecTV in the middle of the Superbowl, sometimes called “Black Sunday”. DirecTV had been slowly downloading a pirate detection and lockout routine, [...]Listen | Listen in your iPhone | Download | View full cache |
Security Hype 7.9-How Netscape tried to keep ahead of the hackers. Voicemail line 1-866-527-6606.Bill and Bob invite Bob Relyea back to reminisce on Netscape’s early challenges to keep “strong crypto” out of the hands on “non US Domestic” persons, as declared by US Export Restrictions laws. The race was one! You’ll hear what Netscape crypto engineers did to try to stay ahead of the hackers, and the level [...]Listen | Listen in your iPhone | Download | View full cache |
Security Hype 7.10-SecurityCartoon.com - Voicemail line 1-866-527-6606Bill and Bob interview Dr. Markus Jakobsson and Dr. Sukamol Srikwan, creators of SecurityCartoon.com. It’s not your ordinary comic strip: Over a year of research when into this innovative and friendly information security educational methodology. Learn the background on this effective security countermeasure and why everyone — especially information security professionals — need to pay [...]Listen | Listen in your iPhone | Download | View full cache |
Security Hype 7.11-Listener feedback, how do you tell if your network is being monitered, and new security in FireFox 3 - Voicemail line 1-866-527-6606.Bill and Bob address listener feedback on SiteKey and the security distinction between signature versus encryption. Bill’s Paypal securitykey arrived, and he reviews the activation process and tries it out for few days. Despite the fact that it won’t protect against phishing attacks, find out why he ended up deactivating it on his ebay account [...]Listen | Listen in your iPhone | Download | View full cache |
Security Hype 7.12-Vista UAC a year later, MiTM attacks at the office, Crypto Key Size Recommendations, Macs under attack - Voicemail line 1-866-527-6606How paranoid are you? keylength.com
What RSA keysizes are you using at your company? What is your guidance? Are you sticking with RSA or moving to ECC?
Macs are under attack (include link to new trojan house): http://machinist.salon.com/blog/2007/11/02/mac_trojan/
eweek article link
full disclosure versus responsible disclosure (link to resp. disclosure RFC)
mac versus windows updates: Windows does a better job [...]Listen | Listen in your iPhone | Download | View full cache |
Security Hype 8.1-Our Predictions for 2008 - Voicemail line 1-866-527-6606Show Notes for 8.1:
Shout-outs to:
Thank you to the mysterious and powerful Bill @ Apple for technical assistance
Thank you to Wil Becker (http://ironwil.net/blog/) for adding us to his blogroll - THANKS!
Bob’s sarcastic predictions:
Microsoft will claim that Vista will be the most secure OS EVAR!
Virtualization will prove to be a new shiny toy for malware authors. [...]Listen | Listen in your iPhone | Download | View full cache |
Security Hype 8.2-Industry Predictions for 2008 - Voicemail line 1-866-527-6606Bill and Bob discuss what other people think are the information security trends for 2008.
Paul Kocher’s theory is that you don’t “win” at security, the best you can hope for is to be able to keep playing: a “stalemate” mentality versus a “checkmate” mentality. That’s a great theory, but Bill’s trying to figure out how [...]Listen | Listen in your iPhone | Download | View full cache |
Security Hype 8.3-Security In the News - Voicemail line 1-866-527-6606In this episode, Bill and Bob debunk recent articles on computer security.
Gambling site brought to its knees by ‘unstoppable’ botnet -http://software.silicon.com/security/0,39024655,39170296,00.htm?r=11
Computer Users Expect More Mac Attacks -http://www.informationweek.com/security/showArticle.jhtml?articleID=206504189
Cyberthieves go phishing to rob banks -http://www.cnn.com/2008/TECH/02/12/cyber.thieves/index.html?eref=rss_topstories
State of the Malware Nation - http://b ... Listen | Listen in your iPhone | Download | View full cache |
|
