Sat, 27 May 2017 15:47:59 +0100 Wed, 15 Apr 2020 10:26:09 +0100 https://twit.tv/shows/security-now en-US This work is licensed under a Creative Commons License - Attribution-NonCommercial-NoDerivatives 4.0 International - http://creativecommons.org/licenses/by-nc-nd/4.0/ 14400 Technology Security http://twit.cachefly.net/coverart/sn/sn144audio.jpg https://twit.tv/shows/security-now 144 144 TWiT Steve Gibson discusses the hot topics in security today with Leo Laporte. Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of Spinrite and ShieldsUP, discusses the hot topics in security today with Leo Laporte. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 20:30 UTC. Steve Gibson, the man who coined the term spyware and created the first anti-spyware program, creator of Spinrite and ShieldsUP, discusses the hot topics in security today with Leo Laporte. Records live at https://twit.tv/live every Tuesday. TWiT, Technology, Steve Gibson, Leo Laporte, security, spyware, malware, hacking, cyber crime, encryption false no Leo Laporte distro@twit.tv Wed, 28 Dec 2011 18:00:00 -0800 http://media.grc.com/sn/sn-333-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-333-lq.mp3 After catching up with just a bit of year-end security news, for their special holiday episode, Steve and Leo review their favorite Science Fiction books and movies, pulling the commentary they have previously scattered throughout many years into a single reference. Wed, 21 Dec 2011 18:00:00 -0800 http://media.grc.com/sn/sn-332-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-332-lq.mp3 Tom and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Wed, 14 Dec 2011 18:00:00 -0800 http://media.grc.com/sn/sn-331-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-331-lq.mp3 We had so much news this week that it squeezed out our show's planned topic of Google's new SDPY web browser protocol. So we'll tackle that early next year. In the meantime, Leo and Steve will discuss the news of this very active week! Wed, 07 Dec 2011 18:00:00 -0800 http://media.grc.com/sn/sn-330-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-330-lq.mp3 Tom and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Wed, 30 Nov 2011 18:00:00 -0800 http://media.grc.com/sn/sn-329-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-329-lq.mp3 After catching up with the week's news, Leo and I examine the operation of Mozilla's solution to the need for secure, reliable and easy-to-use establishment of online Internet identity known as: BrowserID. We also compare it with all of the other existing technologies and solutions we've discussed before. Wed, 23 Nov 2011 18:00:00 -0800 http://media.grc.com/sn/sn-328-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-328-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Wed, 16 Nov 2011 18:00:00 -0800 http://media.grc.com/sn/sn-327-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-327-lq.mp3 The day before recording this podcast in the studio with Leo, I attended an annual Internet privacy conference. After catching up with the week's security news, updates, and errata, I share what I saw and learned during the conference, including three VERY promising new privacy and authentication tools. Wed, 09 Nov 2011 18:00:00 -0800 http://media.grc.com/sn/sn-326-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-326-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Wed, 02 Nov 2011 18:00:00 -0800 http://media.grc.com/sn/sn-325-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-325-lq.mp3 After catching up with the week's news, Leo and I return this week to our "How the Internet Works" fundamentals series. We examine the challenges presented by "packet-based connections" to further understand the operation of the Internet's most popular and complex protocol: TCP. Wed, 26 Oct 2011 18:00:00 -0800 http://media.grc.com/sn/sn-324-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-324-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Wed, 19 Oct 2011 18:00:00 -0800 http://media.grc.com/sn/sn-323-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-323-lq.mp3 After catching up with the week's news, Leo and I return this week to our "How the Internet Works" fundamentals series. We examine the operation of the various attacks that have been made through the years against the Internet's most popular and complex protocol: TCP. Wed, 12 Oct 2011 18:00:00 -0800 http://media.grc.com/sn/sn-322-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-322-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Wed, 05 Oct 2011 18:00:00 -0800 http://media.grc.com/sn/sn-321-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-321-lq.mp3 After catching up with the week's security news, Steve and Leo examine the implications of a recent Internet-wide exploit known as BEAST: Browser Exploits Against SSL/TLS. They share the process used by the discoverers of an exploit for this long-known vulnerability and consider its implications. Thu, 29 Sep 2011 18:00:00 -0800 http://media.grc.com/sn/sn-320-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-320-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Thu, 22 Sep 2011 18:00:00 -0800 http://media.grc.com/sn/sn-319-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-319-lq.mp3 After catching up with just a bit of the past week's news, Leo and I explore the most mature potential replacement for the Internet's existing (and failing) "trust model" which has always been based upon the unequivocal trust of Certificate Authorities. Thu, 15 Sep 2011 18:00:00 -0800 http://media.grc.com/sn/sn-318-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-318-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Thu, 8 Sep 2011 18:00:00 -0800 http://media.grc.com/sn/sn-317-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-317-lq.mp3 After catching up with a week of the amazing news of the security breach of the DigiNotar certificate authority, Steve and Leo continue their "How the Internet Works" series with the first of several episodes describing the operation of the Internet's most used protocol: TCP. Thu, 1 Sep 2011 18:00:00 -0800 http://media.grc.com/sn/sn-316-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-316-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Thu, 25 Aug 2011 18:00:00 -0800 http://media.grc.com/sn/sn-315-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-315-lq.mp3 After catching up with the week's news, I explain my goals, development process, and operation of the "Off The Grid" paper-based encryption system I developed for use in encrypting website domain names into matching secure website passwords. Thu, 18 Aug 2011 18:00:00 -0800 http://media.grc.com/sn/sn-314-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-314-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Thu, 11 Aug 2011 18:00:00 -0800 http://media.grc.com/sn/sn-313-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-313-lq.mp3 After catching up with a busy week of security updates, and some miscellaneous fun security news, Tom & I return for the second installment of "How The Internet Works" with a look at the ICMP and UDP protocols. Thu, 04 Aug 2011 18:00:00 -0800 http://media.grc.com/sn/sn-312-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-312-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Thu, 28 Jul 2011 18:00:00 -0800 http://media.grc.com/sn/sn-311-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-311-lq.mp3 This week, after catching up with a collection of interesting security events, Leo and I take a close look at a recently discovered security coding error, examining exactly how and why it occurred, to understand how easily these kinds of mistakes can be made... and how difficult it can be to EVER find them all. Thu, 21 Jul 2011 18:00:00 -0800 http://media.grc.com/sn/sn-310-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-310-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Thu, 14 Jul 2011 18:00:00 -0800 http://media.grc.com/sn/sn-309-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-309-lq.mp3 This week, after catching up with our usual grab bag of Internet-related security and privacy news, including another Microsoft Patch Tuesday, Leo and I plow into the first of a series of forthcoming episodes, which will be spread out over time, describing the detailed technical operation of the ever-more-ubiquitous global Internet. Thu, 07 Jul 2011 18:00:00 -0800 http://media.grc.com/sn/sn-308-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-308-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Thu, 30 Jun 2011 18:00:00 -0800 http://media.grc.com/sn/sn-307-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-307-lq.mp3 This week, after catching up on the week's security and privacy news, Steve and Leo take a look at the state of Identity Management in Cyberspace with the U.S. Government's publication of its NSTIC - National Strategy for Trusted Identities in Cyberspace. Thu, 23 Jun 2011 18:00:00 -0800 http://media.grc.com/sn/sn-306-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-306-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Thu, 16 Jun 2011 18:00:00 -0800 http://media.grc.com/sn/sn-305-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-305-lq.mp3 This week, after catching up on the week's security and privacy news, Steve and Leo take a close look at "Ghostery," a highly recommended, multi-OS, multi-browser extension that reveals all of the tracking bugs and cookies websites are hosting to track us, and optionally allows them to be blocked. Thu, 09 Jun 2011 18:00:00 -0800 http://media.grc.com/sn/sn-304-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-304-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Thu, 02 Jun 2011 18:00:00 -0800 http://media.grc.com/sn/sn-303-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-303-lq.mp3 Steve shares something of a revelation about the true nature of passwords and why "password entropy" really doesn't matter as much as has long been believed. He explains, therefore, how it's possible for passwords to be both memorable AND impossible to crack at the same time. Thu, 26 May 2011 18:00:00 -0800 http://media.grc.com/sn/sn-302-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-302-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Thu, 19 May 2011 18:00:00 -0800 http://media.grc.com/sn/sn-301-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-301-lq.mp3 After catching up with the week's security and privacy news, we conclude our two-part series discussing the need for, and applications of, random and pseudo-random numbers. We discuss the ways in which a computer, which cannot produce random numbers, can be programmed to do an extremely good job. Thu, 12 May 2011 18:00:00 -0800 http://media.grc.com/sn/sn-300-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-300-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Thu, 05 May 2011 18:00:00 -0800 http://media.grc.com/sn/sn-299-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-299-lq.mp3 This week's security news and events took up so much time that we didn't have time to cover the entire topic of "Randomness" in security and cryptography. So we split the topic into two parts. This first week we open the topic and explain the background, problem and need. Week after next we'll plow into the solutions. Thu, 28 Apr 2011 18:00:00 -0800 http://media.grc.com/sn/sn-298-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-298-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Thu, 21 Apr 2011 18:00:00 -0800 http://media.grc.com/sn/sn-297-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-297-lq.mp3 After catching up with a number of extra-interesting security news of the week, Steve and Leo explore the recently raised suggestion that using a three word "pass-sentence" such as "I like tomatoes" would be MORE secure (and far more memorable) than "J4f6<2". Short sentences are certainly easier to remember... but more secure? Thu, 14 Apr 2011 18:00:00 -0800 http://media.grc.com/sn/sn-296-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-296-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Thu, 07 Apr 2011 18:00:00 -0800 http://media.grc.com/sn/sn-295-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-295-lq.mp3 After catching up with the past week's very busy security news, Leo and I closely examine the circumstances and repercussions surrounding the mid-March breach of the Comodo SSL certificate authority certificate signing system. Thu, 31 Mar 2011 18:00:00 -0800 http://media.grc.com/sn/sn-294-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-294-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Thu, 24 Mar 2011 18:00:00 -0800 http://media.grc.com/sn/sn-293-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-293-lq.mp3 After catching up with a great deal of security news and interesting computer industry miscellania, Steve shares everything he has recently learned from his extensive study into the new security and privacy features of IE9. Thu, 17 Mar 2011 18:00:00 -0800 http://media.grc.com/sn/sn-292-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-292-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Thu, 10 Mar 2011 18:00:00 -0800 http://media.grc.com/sn/sn-291-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-291-lq.mp3 After catching up with a very busy week of software updates and wide-ranging security news, Steve & Leo discuss the revelations documented in Symantec's comprehensive "Stuxnet Dossier." Thu, 03 Mar 2011 18:00:00 -0800 http://media.grc.com/sn/sn-290-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-290-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Thu, 24 Feb 2011 18:00:00 -0800 http://media.grc.com/sn/sn-289-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-289-lq.mp3 After catching up with the week's security updates and other security-related news, Leo and I discuss the many modes of operation of "Proxied Web Surfing" which are used to bypass firewalls and Internet filters, aid free speech, and alter the contents of web pages retrieved from the Internet. Thu, 17 Feb 2011 18:00:00 -0800 http://media.grc.com/sn/sn-288-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-288-lq.mp3 Tom Merritt and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Thu, 10 Feb 2011 18:00:00 -0800 http://media.grc.com/sn/sn-287-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-287-lq.mp3 This week, after catching up with a busy "Patch Tuesday," Tom Merritt and I explore the fascinating crypto technology developed to create "BitCoin," the Internet's decentralized peer-to-peer completely private online currency exchange system. Thu, 03 Feb 2011 18:00:00 -0800 http://media.grc.com/sn/sn-286-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-286-lq.mp3 Tom Merritt and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Thu, 27 Jan 2011 18:00:00 -0800 http://media.grc.com/sn/sn-285-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-285-lq.mp3 After catching up with the week's security updates and news, Leo and I examine the use of "code fuzzing" to locate functional defects in the web browsers we use every day. Surprisingly, every browser in use today can be crashed with this technique. Thu, 20 Jan 2011 18:00:00 -0800 http://media.grc.com/sn/sn-284-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-284-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed. Thu, 13 Jan 2011 18:00:00 -0800 http://media.grc.com/sn/sn-283-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-283-lq.mp3 After catching up with the week's security and privacy news, Leo and I complete our analysis of the Bluetooth security by examining the history and current status of Bluetooth hacking exploits. We conclude with a set of recommendations for minimizing the Bluetooth attack surface. Thu, 06 Jan 2011 18:00:00 -0800 http://media.grc.com/sn/sn-282-lq.mp3 TWiT Technology Security false http://media.grc.com/sn/sn-282-lq.mp3 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world 'application notes' for any of the security technologies and issues we have previously discussed.