This week we discuss the long-awaited end of Start Com & Start SSL, inside last week’s mac OS passwordless root account access and problems with Apple’s patches, the question of Apple allowing 3D facial data access to apps, Facebook’s new and controversial use of camera images, in-the-wild exploitation of one of last month’s patched Windows vulnerabilities, an annoying evolution in browser-based cryptocurrency mining, exploitation of Unicode in email headers, Google’s advancing protection for Android users, a terrific list of authentication dongle-supporting sites and services, Mirai finds another 100,000 exposed Zy XEL routers, Google moves to reduce system crashes, a bit of miscellany including another security-related Humble Bundle offering, and some closing-the-loop feedback from our terrific listeners.
For the other resources you can either LEFT-CLICK to open in your browser or RIGHT-CLICK to save the resource to your computer.This week we examine how Estonia handled the Infineon crypto bug; two additional consequences of the pressure to maliciously mine cryptocurrency; zero-day exploits in the popular v Bulletin forum system; Mozilla in the doghouse over “Mr.This week we discuss some ROCA fallout specifics, an example of PRNG misuse, the Kaspersky Lab controversy, a DNS security initiative for Android, another compromised download occurrence, a browser-based cryptocurrency miner for us to play with...and Google considering blocking them natively, other new protections coming to Chrome, an update on Marcus Hutchins, Microsoft's "True Play" being added to the Win10 fall creators update, some interesting "Loopback" from our terrific listeners...This week we discuss last Friday's passing of our dear friend and colleague Jerry Pournelle, when AI is turned to evil purpose, whether and when Google's Chrome browser will warn of man in the middle attacks, why Google is apparently attempting to patent pieces of a compression technology they did not invent, another horrifying router vulnerability disclosure -- including ten 0-day vulnerabilities, an update on the sunsetting of Symantec's CA business unit, another worrying failure at Comodo, a few quick bits, an update on my one commercial product Spin Rite, answering a closing the loop question from a listener, and a look at the Equifax fiasco.
Although there are an unbelievable FIVE “Sharknado” movies, this will be the first and last time we use that title for a podcast!, can stop sign graffiti be used to misdirect autonomous vehicles?, the final nail in the Wo Sign/Start Com coffin, why we need global Internet policy treaties, this week in "researchers need protection", a VPN provider who is doing everything right, Elcomsoft's password manager cracker, a bit of errata and miscellany...This week we have another update on Marcus Hutchins.We discuss the validity of Wiki Leaks documents, the feasibility of rigorously proving software correctness, and the fact that nearly half a million people need to get their bodies' firmware updated.Sometimes we'll talk about long-standing problems, concerns, or solutions. Receive an automatic e Mail reminder whenever a new episode is posted here (from Change Detection.com). Send us your feedback: Use the form at the bottom of the page to share your opinions, thoughts, ideas, and suggestions for future episodes.