Firewalls Don't Stop Dragons Podcast

Security Is Hard

Listen Later

It’s really easy to complain about the sadly insecure state of many of our products and services, but the fact is that doing security right is hard – even when you’re trying to get it right. Part of the problem is that there are just so many things to secure, even on a single product or service. Today we’re going to discuss several recent security issues with popular products, and why getting it right can be such a daunting task.

In today’s show: a universal decryption key for all REvil ransomware victims prior to July 13th is now available; Microsoft patched a nasty security bug in all of its Windows OS versions, but it’s still being actively exploited (hint: patch now!); it was recently argued that WhatsApp’s end-to-end encryption has a “backdoor”, but I’ll explain why that’s not true; a home security system maker refuses to patch a bug that would allow an attacker to disable your system just by knowing (or guessing) your email address; ProtonMail is forced to alter its “no IP logging” marketing in the face of a recent incident involving a French activist’s account; new Mac malware has emerged that uses poisoned search results to trick its victims; and for my tip of the week, I’ll tell you about a new fourth credit bureau where you should freeze your credit report.

Article Links
  • Free REvil ransomware master decrypter released for past victims https://www.bleepingcomputer.com/news/security/free-revil-ransomware-master-decrypter-released-for-past-victims/ 
  • Recently reported Microsoft zero-day gaining popularity with attackers, Kaspersky says https://www.msn.com/en-us/news/technology/recently-reported-microsoft-zero-day-gaining-popularity-with-attackers-kaspersky-says/ar-AAOyUvR 
  • WhatsApp Fixes Its Biggest Encryption Loophole https://www.wired.com/story/whatsapp-end-to-end-encrypted-backups/ 
  • No, Facebook Isn’t Reading Your Private WhatsApp Messages. The Problem Is Much Worse https://www.inc.com/jason-aten/no-facebook-isnt-reading-your-private-whatsapp-messages-problem-is-much-worse.html 
  • Pwned! The home security system that can be hacked with your email address https://nakedsecurity.sophos.com/2021/09/02/pwned-the-home-security-system-that-can-be-hacked-with-your-email-address/  
  • ProtonMail Amends Its Policy After Giving Up an Activist’s Data https://www.wired.com/story/protonmail-amends-policy-after-giving-up-activists-data/ 
  • New Mac malware spreads via search results https://www.tomsguide.com/news/mac-malware-fake-iterm2
  • Tip of the week: https://firewallsdontstopdragons.com/freeze-you-credit-at-innovis-too/ 
    • Further Info
    • Become a Patron! https://www.patreon.com/FirewallsDontStopDragons 
    • Would you like me to speak to your group about security and/privacy? http://bit.ly/Firewalls-Speaker
    • Stay tuned for a new challenge coin promotion! https://firewallsdontstopdragons.com/get-your-official-challenge-coin/
    • Generate secure passphrases! https://d20key.com/#/ 
      • ...more
      View all episodesView all episodes
      Download on the App Store
      Firewalls Don't Stop Dragons PodcastBy Carey Parker
      • 4.9
      • 4.9
      • 4.9
      • 4.9
      • 4.9

      4.9

      64 ratings

      More shows like Firewalls Don't Stop Dragons Podcast

      View all
      Freakonomics Radio by Freakonomics Radio + Stitcher

      Freakonomics Radio

      32,005 Listeners

      WSJ What’s News by The Wall Street Journal

      WSJ What’s News

      4,339 Listeners

      Making Sense with Sam Harris by Sam Harris

      Making Sense with Sam Harris

      26,327 Listeners

      Security Now (Audio) by TWiT

      Security Now (Audio)

      2,010 Listeners

      Risky Business by Patrick Gray

      Risky Business

      372 Listeners

      Click Here by Recorded Future News

      Click Here

      418 Listeners

      Darknet Diaries by Jack Rhysider

      Darknet Diaries

      8,046 Listeners

      Your Undivided Attention by The Center for Humane Technology, Tristan Harris, Daniel Barcay and Aza Raskin

      Your Undivided Attention

      1,603 Listeners

      Techlore Surveillance Report by Techlore

      Techlore Surveillance Report

      105 Listeners

      The Ancients by History Hit

      The Ancients

      3,282 Listeners

      Hard Fork by The New York Times

      Hard Fork

      5,511 Listeners

      The Rest Is History by Goalhanger

      The Rest Is History

      15,271 Listeners

      Closed Network Privacy Podcast by Simon Walsh

      Closed Network Privacy Podcast

      20 Listeners

      The Peter Zeihan Podcast Series by Peter Zeihan

      The Peter Zeihan Podcast Series

      401 Listeners

      The 404 Media Podcast by 404 Media

      The 404 Media Podcast

      386 Listeners