Please login or sign up to post and edit reviews.
Security Now 937: The Man in the Middle
Publisher |
TWiT TV
Media Type |
audio
Categories Via RSS |
News
Tech News
Technology
Publication Date |
Aug 30, 2023
Episode Duration |
02:09:45
  • Picture of the Week: Steve shares a funny "what we say vs what we mean" image about tech support conversations.
  • WinRAR v6.23 fixes: Steve explains that updating to the latest WinRAR is more important than initially thought, with two critical vulnerabilities being actively exploited by hackers since April to install malware.
  • HTTPS for local networks: Responding to listener email, Steve agrees HTTP is fine for local network devices like routers but notes risks in larger corporate networks.
  • Portable domains for email: Steve endorses a listener suggestion to purchase your own domain and use third-party services, retaining control if a provider shuts down.
  • Google Topics and monopolies: Steve and Leo debate whether Topics favors large advertisers with greater reach to get user targeting data.
  • Voyager 2 antenna analysis: A listener calculates the antenna beam width mathematically, showing 2 degrees off-axis may not be as remarkable as it sounded.
  • Windows time settings: Steve clarifies the STS issue does not impact end users changing Windows clock settings, it's enterprise server-side.
  • Unix time in TLS handshakes: The hosts discuss why Unix time stamps are sent but not required for TLS, tracing back to early nonce generation.
  • Fake flash drives: Steve warns of a slew of fake high-capacity thumb drives flooding the market, explaining how SpinRite tests detected the flaw.
  • Man-in-the-middle attacks: While agreeing HTTPS helps prevent malicious injection, Steve examines MITM attack practicality, arguing they are difficult for hackers to pull off.

Show Notes - 937-Notes.pdf">https://www.grc.com/sn/SN-937-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit

You can submit a question to Security Now at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

This episode currently has no reviews.

Submit Review
This episode could use a review!

This episode could use a review! Have anything to say about it? Share your thoughts using the button below.

Submit Review