All the entries are in reverse cronological order. The list is meant to be read from bottom to top. So find the episode you are interested in and look at the tweets from Mr. Gibson above the episode title.
2019-10-15 20:32 - "CheckM8" - Security Now #736 Show Notes: http://bit.ly/2IRmReA
We cover a wide range of recent news ((no mention of ransomware!) and take a close look at the recently discovered and widely revealed unpatchable Apple Boot ROM exploit to Jailbreak most iDevices. [ Link to Twitter ]
2019-10-08 20:38 - "Makes Ya WannaCry" Security Now #735 Show Notes:
We cover the news of the past several weeks (more ransomware craziness), and we conclude by looking at a miracle that prevented the end of the world two years ago! [ Link to Twitter ]
2019-10-07 14:28 - The OWASP Gothenburg, Sweden chapter created a terrific video of my presentation there 10 days ago:
This video FULLY demonstrates and EXPLAINS SQRL to anyone who is interested. Share it with other techies! :) [ Link to Twitter ]
2019-10-03 16:45 - Back in the States from a great time talking about SQRL at OWASP groups in Dublin and Sweden. Now in Boston with Leo & Lisa for a fun panel discussion on the topic of Trends in Identity. [ Link to Twitter ]
2019-09-21 21:00 - "The Top 25 Bug Classes"
Security Now #733 Show Notes:
Another week of security craziness including some very interesting security findings from a summary of 4000 small businesses. :) [ Link to Twitter ]
2019-09-17 20:02 - "SIM Jacking" Security Now #732 Show Notes: http://bit.ly/2LyINNd
A surprising universal widespread privacy attack on all SIM-based phones, and a LOT of additional cool news of the week. :) [ Link to Twitter ]
2019-09-15 16:46 - It’s not clear to me what problem this solves. Yes, time of display & recording WOULD be verifiable. But an authentic pattern could simply be patched into any faked video by claiming the same time of recording. And false positive DeepFake verification would be worse than none. https://twitter.com/mcuban/status/1172627057081143297… [ Link to Twitter ]
2019-09-14 20:45 - Early Release of: "The Joy of Sync" Security Now #734, Show Notes: http://bit.ly/2LvFiXF
A bit of non-Sync discussion of the move toward DoH (DNS over HTTPS), then we look into the two terrific Sync solutions I have found and love! :) [ Link to Twitter ]
2019-09-09 19:51 - "DeepFakes" Security Now! #731
Show Notes: http://bit.ly/305jeXY
The most interesting news of the week followed by our first discussions on the podcast of the growing problem of "DeepFake" audio and video. :) [ Link to Twitter ]
2019-09-06 22:40 - Confirmed that the latest "Sync" client for Windows (v2.0.5), under Win7, no longer consumes excess RAM. Yay! "Sync" is my choice for the most cost effective client-side encrypted (TNO) cloud backup, with multi-machine directory sync & versioning. Full details in podcast #734. [ Link to Twitter ]
2019-09-06 15:32 - Excellent news from the @Sync guys at http://bit.ly/31MAgeO: The memory consumption I've been seeing on my Sync'd Win7 machines are/were caused by Win7's leaky old IE engine used for their UI. They're on it and should have it fixed shortly! Whew! [ Link to Twitter ]
2019-09-03 20:30 - "The Ransomware Epidemic"
Security Now! #730 Show Notes:
This week, rather than covering many small topics, we take some deeper dives into just a few topics... and most notably, the worrisome explosion of ransomware attacks. [ Link to Twitter ]
2019-09-03 18:52 - Thanks everyone. I'm settling on:
So dee' no kee bee
It's also fun to say. :) [ Link to Twitter ]
2019-09-03 16:46 - The latest ransomware to take off is known as "Sodinokibi" (aka REvil).
Does anyone have any idea how I should pronounce "Sodinokibi" for the podcast?
I have NO idea! <g> [ Link to Twitter ]
2019-08-30 19:42 - Update on secure file sync: I want to choose http://bit.ly/31MAgeO (@Sync) but it is badly leaking memory on all of my Win7 machines, so I'm unable to recommend it unless/until they fix this problem. I contacted them several days ago. Fingers crossed. [ Link to Twitter ]
2019-08-27 20:12 - "Next Gen Ad Privacy"
Security Now! #729 Show Notes:
We cover the week's most interesting and important news, check-in on SQRL and on my file sync journey, and then we examine a forthcoming formal, non-tracking, system for Internet advertising. [ Link to Twitter ]
2019-08-20 19:28 - "The KNOB is Broken" Security Now #728 Show Notes: https://www.grc.com/sn/SN-728-Notes.pdf…
Our usual round up of the past week's most significant security news. Lots of fun stuff for this first podcast of our 15th year, including coverage of the latest Bluetooth pairing security disaster. :| [ Link to Twitter ]
2019-08-19 22:06 - Slick trick for "native" folder syncing for http://Sync.com or DropBox: Move native folder under the cloud provider's folder, then use "mklink" command (or Mac/Linux equivalent) to create a Symlink to the original folder location. Works perfectly! :)
More details soon! [ Link to Twitter ]
2019-08-19 22:00 - RT @haral: Join us at OWASP OC's Thursday, Aug 22, dinner meeting. Steve Gibson from GRC is talking about SQRL - Secure Quick Reliable Logi… [ Link to Twitter ]
2019-08-19 21:53 - One problem with http://sync.com is no native Linux support. But I'm all Windows on the desktop. Everything else & mobile is covered. But that might be a deal breaker for some. [ Link to Twitter ]
2019-08-19 21:45 - So far I've experimented with Dropbox, ownCloud, nextcloud, SyncThing, http://sync.com and several others. (Got SyncThing to sync to the cloud, too!) I'll be doing a full feature and experience rundown for Security Now #734 on October 1st... after much more experimenting. [ Link to Twitter ]
2019-08-19 21:39 - Currently testing: 5GB free cloud folder/file instant sync with end-to-end TNO encryption, ability to securely share arbitrary file links, prior file version history (ransomware protection) optional offline storage to free up local space, transparent, using existing folders. [ Link to Twitter ]
2019-08-14 21:06 - FYI: I'm heading toward a hybrid solution with zero-cost or paid options, warrant-proof (TNO) cloud storage, optional archival non-local storage, file versioning, ransomware protection, fully cross-platform, and more. :) [ Link to Twitter ]
2019-08-13 20:04 - "Black Hat & Def Con" | Security Now! #727 Show Notes: https://www.grc.com/sn/SN-727-Notes.pdf…
Some of the news arising from the recently concluded annual Las Vegas hacking events, and a bunch of other interesting news, views and feedback. [ Link to Twitter ]
2019-08-06 20:20 - "Steve's File Sync Journey"
Security Now! #726 Show Notes: https://www.grc.com/SN/sn-726-notes.pdf…
Our typical grab bag of interesting security news. Then I share the result of my multi-month search for a reliable and transparent multi-site file-sync. [ Link to Twitter ]
2019-07-30 19:57 - "Urgent/11" Security Now #725 Show Notes: https://www.grc.com/sn/SN-725-Notes.pdf…
The episode =was= going to be titled "Your NAS is Grass!" ... until yesterday's news about 2 Billion VxWorks devices with CRITICAL Remote Code Execution flaws! Stay Tuned! :) [ Link to Twitter ]
2019-07-16 20:20 - "Encrypting DNS" Security Now! #723 Show Notes:
Our typical weekly roll-up of all the week's most interesting security and privacy news, and then a overview survey of the state of DNS Encryption for privacy and security. :) [ Link to Twitter ]
2019-07-09 20:07 - "Gem Hack & Ghost Protocol"
Security Now! #722 Show Notes: https://www.grc.com/SN/sn-722-notes.pdf…
This week we stumble over a number of instances where technology appears to be colliding with the status quo. How could DNS over HTTPS be controversial?? :-/ [ Link to Twitter ]
2019-06-18 20:11 - "Exim Under Siege" Security Now! #719 Show Notes: https://www.grc.com/sn/SN-719-Notes.pdf…
An extra-spiffy-good podcast today, I suspect, with lots of fun and interesting news. Exim, RAMBleed, Tavis Ormandy, BlueKeep, GandCrab, the new Linux SACK nightmare... and more! :) [ Link to Twitter ]
2019-06-04 20:18 - "The Nansh0u Campaign" Security Now #717 Show Notes: https://www.grc.com/sn/SN-717-Notes.pdf…
The anatomy of a powerful state-level attack, apparently now in the hands of amateurs. (And, of course, a bunch of additional interesting news.) [ Link to Twitter ]
2019-05-28 17:41 - How to obtain the new Windows 10 Feature Update 1903 without waiting:
This will download a small 5.9MB update trigger file from Microsoft. [ Link to Twitter ]
2019-05-14 20:13 - Android "Q" Security Now #715 Show Notes: http://bit.ly/2EbPX5T
We look at many significant Google I/O security and privacy announcements, the new "ZombiLoad" Intel Chip problem <sigh> and then the MAJOR progress Google is making with Android "Q". :) [ Link to Twitter ]
2019-05-07 21:05 - “Post-Coinhive Cryptojacking”
Security Now #713 Show Notes:
The way this podcast's topics came out, it might be called the web browser world update. Which is it say... lots of browser news! :) [ Link to Twitter ]
2019-04-30 19:59 - "Credential Stuffing Attacks"
Security Now! #712 Show Notes:
The strong economic incentives underlying the explosive growth of widespread automated username and password guessing... and the Dark Web. [ Link to Twitter ]
2019-04-23 19:52 - "DNSpionage" Security Now! #711 Show Notes: http://bit.ly/2VZNHFz
Lots of interesting news of the week and a look inside a multi-year sophisticated DNS hijacking campaign by a nation-state actor. [ Link to Twitter ]
2019-04-16 20:17 - "DragonBlood"
Security Now! #710 Show Notes:
The first (successful) attacks against the forthcoming WPA3 protocol which will be replacing our current WPA2. And a bunch of other news of the week. [ Link to Twitter ]
2019-04-09 20:13 - "URL "ping" Tracking" Show Notes: http://bit.ly/2D1f8Y7
The final browser capitulation to unblockable tracking of our actions and behavior across the Internet. But also lots of other less depressing news! :) [ Link to Twitter ]
2019-04-02 20:17 - "Android Security" (quotes not meant to demean: impressive results at Android's 10th birthday.) Security Now! #708 Show Notes: http://bit.ly/2CL6DR5
And a bunch of other news and follow-ups! :) [ Link to Twitter ]
2019-03-26 20:05 - "Tesla, Pwned" Security Now! #707
Show Notes: http://bit.ly/2CDMpII
Waaaay too much to talk about this week, including the results of last week's 3-day Pwn2Own competition. [ Link to Twitter ]
2019-03-19 19:50 - "Open Source eVoting" (DARPA)
Security Now #706 Show Notes:
A good assortment of interesting new and a few follow-ups on recent topics. Should be another useful couple of hours! :) [ Link to Twitter ]
2019-03-12 20:37 - "SPOILER"
Security Now #705 Show Notes:
Spectre meets RowHammer and the result is not good. And we also had a TON of interesting news this past week. So... another interesting podcast, I think. :) [ Link to Twitter ]
2019-03-05 21:32 - "Careers in Bug Hunting" Security Now! #704 Show Notes:
Looks like it's going to be another of our "how much can we cram into 2 hours" news-of-the-week podcast! :) [ Link to Twitter ]
2019-02-19 20:16 - "Authenticity on the Internet"
Security Now! #702 Show Notes:
An important topic this week: What happens when text generating AI bots roam the Internet freely posing and posting as humans? That day is closer than we think. [ Link to Twitter ]
2019-01-29 21:23 - "Browser Extension Security"
Security Now! #699, Show Notes:
A whole bunch of news and an urgent need to update two models of Cisco VPN router! [ Link to Twitter ]
2019-01-22 21:32 - Security Now! #698 "Which Mobile VPN Client?" Show Notes:
And lots of news, some errata, miscellany, listener feedback... and a fun main topic/question answered! [ Link to Twitter ]
2019-01-08 20:03 - Security Now! #695
"Here Comes 2019!" Show Notes:
A grab bag of the major news since our last podcast of 2018... with lots of fun and interesting stuff to discuss! [ Link to Twitter ]
2018-12-11 21:25 - "Internal Bug Discovery"
Security Now! #693 Show Notes:
Another very busy and interesting week of news, and some thoughts about how it matters who discovers a company's bugs. :) [ Link to Twitter ]
2018-12-04 21:02 - "GPU RAM Image Leakage"
Security Now! #692 Show Notes:
Residual web page textures left behind in GPU RAM leak where we're been... and... lots of additional interesting news of the week! :) [ Link to Twitter ]
2018-11-27 20:40 - "ECCploit" (pronounced "exploit" :)
Security Now! #691 Show Notes:
This was a light news week, but we have some interesting news, feedback, and a good topic to tear into. :) [ Link to Twitter ]
2018-11-20 20:26 - "Are Passwords Immortal?"
Security Now! #690 Show Notes:
Troy Hunt believes passwords are here to stay and I don't disagree. But at the same time I do think we need an alternative to be available and ready. :) [ Link to Twitter ]
2018-11-13 21:25 - "Self-Decrypting Drives"
Security Now! #689 Show Notes:
A deep dive into poor SSD Encryption implementation. And, as always, lots of other interesting news of the week. [ Link to Twitter ]
2018-11-08 23:24 - GRC'S DNS Spoofability Tests: Back online!
For any who have been missing those tests (which are unique in the world), the system is up and running once again. Sorry for the outage. I was unaware until recently. :) [ Link to Twitter ]
2018-11-06 21:37 - "PortSmash"
Security Now! #688 Show Notes:
A close look at this week's newly revealed troubles with a common processor feature... and much more! :) [ Link to Twitter ]
2018-10-30 20:10 - "Securing the Vending Machine"
Security Now! #687 Show Notes:
Following up on last week's crypto puzzler and, as always, plenty of other news of the past week. [ Link to Twitter ]
2018-10-23 20:16 - "Libssh's Big Whoopsie!"
Security Now! #686 Show Notes:
Lots of other interesting news and, at the end, a Security Now! design puzzler to think about until next week! :) [ Link to Twitter ]