This week we examine and discuss the appearance of new forms of Meltdown and Spectre attacks, the legal response against Intel, the adoption of new cybersecurity responsibility in New York, some...
This week we discuss today's preempted 2nd Tuesday of the month, slow progress on the Intel Spectre firmware update front, a worse-than-originally-thought Cisco firewall appliance vulnerability,...
This week we observe that the Net Neutrality battle is actually FAR from lost, ComputerWorld's Woody Leonard enumerates a crazy January of updates, "EternalBlue" is turning out to be far more...
This week we discuss continuing Spectre updates, how not to treat Tavis Ormandy, a popular dating app where you'd really hope for HTTPS but be surprised to find it missing, the unintended...
The Meltdown and Spectre vulnerabilities continue to dominate the week's news. So we'll first catch up with what's new there, then discuss the new Net Neutrality violation detection apps that are...
This week we discuss more trouble with Intel's AMT, what does Skype's use of Signal really mean, the UK's data protection legislation gives researchers a bit of relief, the continuing winding down...
This week, before we focus upon the industry-wide catastrophe enabled by precisely timing the instructed execution of all contemporary high-performance processor architectures... we examine a...
This week we discuss a new clever and disheartening abuse of our browser's handy-dandy username and password autofill, some recent and frantic scurrying around by many OS kernel developers, a...
In this special rebroadcast of Security Now from February 9, 2011, Steve Gibson explains, in detail, exactly how Bitcoin works.
Hosts: Steve Gibson and Leo Laporte
Guest: Tom Merritt
Download...
This week we examine how Estonia handled the Infineon crypto bug, two additional consequences of the pressure to maliciously mine cryptocurrency, 0-day exploits in the popular vBulletin forum...
This week we discuss the details behind the "USB / JTAG takeover" of Intel's Management Engine, a rare Project Zero discovery, Microsoft's well-meaning but ill-tested IoT security project, troubles...
This week we discuss the long-awaited end of StartCom & StartSSL, inside last week's macOS passwordless root account access and problems with Apple's patches, the question of Apple allowing 3D...
This week we discuss a new bad bug found in the majority of SMTP mailing agents, 54 high-end HP printers found to be remotely exploitable, more than 3/4ths of 433,000 websites are using vulnerable...
This week we discuss Windows having a birthday, Net Neutrality about to succumb to big business despite a valiant battle, Intel's response to the horrifying JTAG over USB discovery, another...
This week we discuss why Steve won't be relying upon Face ID for security, a clever new hack of longstanding NTFS and Windows behavior, the Vault8 WikiLeaks news, the predictable resurgence of the...
This week we discuss the inevitable dilution in the value of code signing, a new worrisome cross-site privacy leakage, is Unix embedded in all our motherboards? The ongoing application spoofing...
This week we examine the source of WannaCry, a new privacy feature for Firefox, Google's planned removal of HPKP, the idea of visual objects as a second factor, an iOS camera privacy concern, the...
This week we discuss some ROCA fallout specifics, an example of PRNG misuse, the Kaspersky Lab controversy, a DNS security initiative for Android, another compromised download occurrence, a...
This week, we examine ROCA's easily factorable public keys, the surprising prevalence of web-based cryptocurrency mining, some interesting work in iOS password dialog spoofing, Google's Advanced...
This week we take a look at a well-handled breach-response at Disqus, a rather horrifying mistake Apple made in the implementation of their APFS encryption (and the difficulty to the user of fully...