A listener calls out Bob’s 2008 prediction for a massive Mac trojan horse. Which didn’t happen…or did we just miss it by a hair? What happened?!? Why isn’t it the end of the world as the Mac fans know it? Also, Account Security Questions…aka “Know Your Customer” (KYC). Is this the best we security practitioners [...]
Security Hype 9.1 - MD5 and SSL - A Public CA’s perspective - Voicemail line 1-866-527-6606
You’ve read about the attacks against MD5/SSL, but what did the public CAs do? Ignore the hype and hear from a real CA what this attack meant and what lessons you can take away for future crypto vulnerabilities.
Bill and Bob discuss the hype behind “Internet Security is TOTALLY BROKEN now!” and “SSL IS DEAD!” We [...]
Security Hype 8.4 - Whitelisting?
Bill and Bob briefly discuss the notion of whitelisting: is this a feature you need to buy, or should it come with the OS?
Security Hype 8.3 - Security In the News - Voicemail line 1-866-527-6606
In this episode, Bill and Bob debunk recent articles on computer security.
Gambling site brought to its knees by ‘unstoppable’ botnet -http://software.silicon.com/security/0,39024655,39170296,00.htm?r=11
Computer Users Expect More Mac Attacks -http://www.informationweek.com/security/showArticle.jhtml?articleID=206504189
Cyberthieves go phishing to rob banks -http://www.cnn.com/2008/TECH/02/12/cyber.thieves/index.html?eref=rss_topstories
State of the Malware Nation - http://b ...
Security Hype 8.2 - Industry Predictions for 2008 - Voicemail line 1-866-527-6606
Bill and Bob discuss what other people think are the information security trends for 2008.
Paul Kocher’s theory is that you don’t “win” at security, the best you can hope for is to be able to keep playing: a “stalemate” mentality versus a “checkmate” mentality. That’s a great theory, but Bill’s trying to figure out how [...]
Security Hype 8.1 - Our Predictions for 2008 - Voicemail line 1-866-527-6606
Show Notes for 8.1:
Shout-outs to:
Thank you to the mysterious and powerful Bill @ Apple for technical assistance
Thank you to Wil Becker (http://ironwil.net/blog/) for adding us to his blogroll - THANKS!
Bob’s sarcastic predictions:
Microsoft will claim that Vista will be the most secure OS EVAR!
Virtualization will prove to be a new shiny toy for malware authors. [...]
Security Hype 7.12 - Vista UAC a year later, MiTM attacks at the office, Crypto Key Size Recommendations, Macs under attack - Voicemail line 1-866-527-6606
How paranoid are you? keylength.com
What RSA key sizes are you using at your company? What is your guidance? Are you sticking with RSA or moving to ECC?
Macs are under attack (include link to new trojan horse): http://machinist.salon.com/blog/2007/11/02/mac_trojan/
eweek article link
full disclosure versus responsible disclosure (link to resp. disclosure RFC)
Mac versus Windows updates: Windows does a better job [...]
Security Hype 7.11 - Listener feedback, how do you tell if your network is being monitored, and new security in Firefox 3 - Voicemail line 1-866-527-6606
Bill and Bob address listener feedback on SiteKey and the security distinction between signature versus encryption. Bill’s PayPal security key arrived, and he reviews the activation process and tries it out for a few days. Despite the fact that it won’t protect against phishing attacks, find out why he ended up deactivating it on his eBay account [...]
Security Hype 7.10 - SecurityCartoon.com - Voicemail line 1-866-527-6606
Bill and Bob interview Dr. Markus Jakobsson and Dr. Sukamol Srikwan, creators of SecurityCartoon.com. It’s not your ordinary comic strip: Over a year of research went into this innovative and friendly information security educational methodology. Learn the background on this effective security countermeasure and why everyone — especially information security professionals — needs to pay [...]
Security Hype 7.9 - How Netscape tried to keep ahead of the hackers - Voicemail line 1-866-527-6606
Bill and Bob invite Bob Relyea back to reminisce on Netscape’s early challenges to keep “strong crypto” out of the hands of “non US Domestic” persons, as declared by US Export Restrictions laws. The race was on! You’ll hear what Netscape crypto engineers did to try to stay ahead of the hackers, and the level [...]