Our weekly audio security column & podcast by Steve Gibson and Leo Laporte

TechTV's Leo Laporte and I take 30 to 90 minutes near the end of each week to discuss important issues of personal computer security. Sometimes we'll discuss something that just happened. Sometimes we'll talk about long-standing problems, concerns, or solutions. Either way, every week we endeavor to produce something interesting and important for every personal computer user.  You may download and listen to selected episodes from this page (see below), or subscribe to the ongoing series as an RSS "podcast" to have them automatically downloaded to you as they are produced. To subscribe, use whichever service you prefer . . .  Receive an automatic eMail reminder whenever a new episode is posted here (from ChangeDetection.com). See the section at the bottom of this page.  Send us your feedback: Use the form at the bottom of the page to share your opinions, thoughts, ideas, and suggestions for future episodes.  Leo also produces "This Week in Tech" (TWiT) and a number of other very popular podcasts (TWiT is America's most listened to podcast!) So if you are looking for more informed technology talk, be sure to check out Leo's other podcasts and mp3 files.  And a huge thanks to AOL Radio for hosting the high-quality MP3 files and providing the bandwidth to make this series possible. We use "local links" to count downloads, but all of the high-quality full-size MP3 files are being served by AOL Radio.

Episode Archive Each episode has SIX resources: High quality 64 kbps mp3 audio file Quarter size, bandwidth-conserving, 16 kbps (lower quality) mp3 audio file A web page with any supplementary notes A web page text transcript of the episode A simple text transcript of the episode Ready-to-print PDF (Acrobat) transcript   (Note that the text transcripts will appear a few hours later than the audio files since they are created afterwards.) For best results: RIGHT-CLICK on one of the two audio icons & below then choose "Save Target As..." to download the audio file to your computer before starting to listen. For the other resources you can either LEFT-CLICK to open in your browser or RIGHT-CLICK to save the resource to your computer.

Listener Feedback #226 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world application notes for any of the security technologies and issues we have previously discussed. 63 MB 15 MB 380 KB 15 KB 102 KB 178 KB

Listener Feedback #225 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world application notes for any of the security technologies and issues we have previously discussed. 58 MB 15 MB 342 KB 163 KB 98 KB 175 KB

A Mega News Week This first week of December brought us the early Christmas present of an amazing amount of interesting and important news. This entire episode is chockful of reports and discussion of everything that has happened during the past busy week in security and privacy. 58 MB 15 MB 500 KB 168 KB 95 KB 175 KB

Listener Feedback #224 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world application notes for any of the security technologies and issues we have previously discussed. 47 MB 12 MB 312 KB 136 KB 80 KB 149 KB

Listener Feedback #223 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world application notes for any of the security technologies and issues we have previously discussed. 54 MB 14 MB 365 KB 157 KB 92 KB 167 KB

Encryption: Law Enforcement's Whipping Boy Leo and I discuss a wide range of security news, Steve's feelings about the new iPad Pro, and lots of interesting bits of miscellany. We then revisit the newly controversial question of Internet encryption which has been raised with great emphasis after last week's terrorist attacks in Paris. 52 MB 13 MB 434 KB 155 KB 84 KB 160 KB

Listener Feedback #222 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world application notes for any of the security technologies and issues we have previously discussed. 62 MB 16 MB 330 KB 189 KB 107 KB 192 KB

Verifying iOS App Conduct Leo and I discuss a very busy week of interesting - and somewhat distressing - security and privacy news. Then we explore the fundamental problem with iOS application security enforcement which is going to take Apple some time to resolve. 59 MB 15 MB 391 KB 159 KB 94 KB 170 KB

Listener Feedback #221 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world application notes for any of the security technologies and issues we have previously discussed. 49 MB 13 MB 263 KB 146 KB 83 KB 155 KB

Doing It Wrong This week's podcast is titled "Doing It Wrong" because the week's news happened to include four unrelated examples of companies really getting security wrong. So Leo and I first catch up on the week's other news and miscellany. Then we take a look at four examples of security being done wrong. 39 MB 10 MB 316 KB 118 KB 66 KB 129 KB

Listener Feedback #220 In the wake of the news that LogMeIn is acquiring LastPass, Joe Siegrist, founder and CEO of LastPass, joins us to talk about the acquisition and what he hopes it means for the future of our favorite password manager. We then catch up with the week's news, and share and discuss 10 questions and comments from our listeners. 59 MB 15 MB 225 KB 154 KB 101 KB 179 KB

Breaches & Vigilante Worms9 With many massive Internet data breaches, and a prolific vigilante worm loose on the Internet, Leo and I spend a fun- and fact-filled podcast covering the past week's multitude of news. 47 MB 12 MB 381 KB 125 KB 76 KB 141 KB

Listener Feedback #219 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world application notes for any of the security technologies and issues we have previously discussed. 54 MB 14 MB 278 KB 185 KB 97 KB 182 KB

iOS Content Blockers Leo and I cover a busy past week of security news, then discuss the first week of iOS mobile web content filtering made possible by Wednesday's release of iOS v9. We take a close look at the initial set of content blocking apps available for iOS and Safari. 57 MB 14 MB 355 KB 153 KB 94 KB 170 KB

Disconnect Leo and I cover a relatively small bit of news of the week, including dispelling an unwarranted concern about LastPass being hacked. Then we converse with Patrick Jackson, co-founder and chief technology officer (CTO) of Disconnect, about his company's view of the web-tracking industry, its past and probable future. 43 MB 11 MB 175 KB 116 KB 76 KB 139 KB

Listener Feedback #218 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world application notes for any of the security technologies and issues we have previously discussed. 52 MB 13 MB 317 KB 157 KB 92 KB 168 KB

uBlock Origin Leo and I catch up with the week's major security events. We then examine the ecosystem of web page advertising by comparing it to other "opportunistic advertising" such as that appearing on public transportation, highway billboards, broadcast television commercials and other public venues - which consumers have no obligation to consume. I eschew the implication that visitors to a web page have an obligation to retrieve third-party content, over which the website has little or no control, which consumes bandwidth, reduces online privacy, hinders performance, and potentially exposes visitors to malicious exploitation. And I believe this remains true even when a visitor's retrieval of such despicable third-party content would generate much-needed revenue for the visited site. Finally, I review the many operational features of uBlock Origin, my chosen HTML firewall, which effectively returns control to web users. 44 MB 11 MB 370 KB 112 KB 73 KB 135 KB

Listener Feedback #217 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world application notes for any of the security technologies and issues we have previously discussed. 52 MB 13 MB 178 KB 144 KB 92 KB 166 KB

Security Is Difficult Leo and I catch up on another in a series of very busy weeks of security news. Then we discuss several recently written commentaries about the distressing state of online web advertising. 64 MB 16 MB 478 KB 203 KB 109 KB 198 KB

The Quest for Surfing Safety Leo and I catch up on a busy week of security news, and then we follow my ongoing search for a low-hassle solution for safely browsing the danger-filled World Wide Web. 48 MB 12 MB 266 KB 144 KB 76 KB 146 KB

The Win10 Privacy Tradeoff While Leo and I await the revelations from the ongoing annual Black Hat and DefCon conferences, the fallout from which we will doubtless be dissecting during upcoming weeks, we keep current with other security news and events. We then examine the change of philosophy embodied by Microsoft's Windows 10 and its many controversial spying "features." 57 MB 14 MB 213 KB 180 KB 100 KB 183 KB

HORNET: A fix for TOR? August’s annual DefCon and Black Hat conferences never fail to surprise, worry, and entertain. This year is no different. Though still two weeks off, reports of interesting security troubles are beginning to surface. This week Leo and I examine the week’s news and take a close look at a topic the Internet press got completely wrong: HORNET, a new design for an Internet Anonymity network. 50 MB 12 MB 277 KB 131 KB 81 KB 150 KB

Listener Feedback #216 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world application notes for any of the security technologies and issues we have previously discussed. 52 MB 13 MB 184 KB 178 KB 92 KB 172 KB

SQRL Revisited Security and privacy-related news keeps coming! So this week Father Robert and I will cover the past week's many interesting events. Then we revisit the much evolved and nearly finalized SQRL protocol to see how it has grown and matured during the 92 weeks since I first disclosed its concept during Podcast 424 with Tom. 64 MB 16 MB 284 KB 112 KB 95 KB 162 KB

A Crazy News Week! So much happened in the security and privacy worlds this past week that it will be everything Father Robert and I can do just to cover and discuss it all during a single podcast. So this is one of our pure news coverage and catch-up episodes. I'm sure it's going to be a blast! 58 MB 15 MB 306 KB 117 KB 96 KB 162 KB

Tor's Astoria Client After catching up with a lot of interesting security news, Father Robert and I take a look at recent research into improving the privacy delivered to users of the Tor network. Our conclusions are somewhat distressing. 68 MB 17 MB 326 KB 137 KB 117 KB 192 KB

Listener Feedback #215 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world application notes for any of the security technologies and issues we have previously discussed. 62 MB 15 MB 368 KB 183 KB 107 KB 192 KB

Mozilla's Tracking Protection Leo and I discuss the week's most interesting recent security events and a bit of miscellany. Then we examine the revelations about the current state of Internet user tracking arising from Mozilla's Firefox tracking protection instrumentation. 64 MB 16 MB 517 KB 205 KB 111 KB 199 KB

Listener Feedback #214 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world application notes for any of the security technologies and issues we have previously discussed. 54 MB 14 MB 1.1 MB 170 KB 95 KB 176 KB

Listener Feedback #213 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world application notes for any of the security technologies and issues we have previously discussed. 55 MB 14 MB 327 KB 208 KB 100 KB 190 KB

LOGJAM: Imperfect Forward Secrecy After covering the week's most significant security news, Leo and I closely examine the week's most significant news, a major new vulnerability in the Internet's TLS protocol known as “Logjam.” 46 MB 12 MB 359 KB 144 KB 77 KB 147 KB

Exploiting (Automobile) Keyless Entry After catching up with a busy week of security news, Leo and I take a close look at the surprisingly weak and insecure technology used for today's modern automotive keyless entry and engine start systems. We show how easily it may be bypassed... perhaps for as little as $17 on eBay. 56 MB 14 MB 385 KB 184 KB 97 KB 178 KB

Listener Feedback #212 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world application notes for any of the security technologies and issues we have previously discussed. 50 MB 12 MB 463 KB 175 KB 92 KB 172 KB

Law Enforcement Backdoors Leo and I catch up with the past week's most interesting security events and cover some miscellaneous tidbits. We then examine the carefully written testimony of two leading computer scientists who argue against the feasibility of incorporating encryption backdoors into commercial mobile and other device technologies. 51 MB 13 MB 1.5 MB 134 KB 84 KB 152 KB

Listener Feedback #211 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world application notes for any of the security technologies and issues we have previously discussed. 69 MB 17 MB 915 KB 225 KB 123 KB 220 KB

Great Firewalls & Cannons Leo and I catch up with the most interesting and significant security and privacy news of the week. Then we take a close look at what's known of the mechanisms China has developed - both filtering and offensive weaponry - to provide for their censorship needs and to potentially attack external Internet targets. 52 MB 13 MB 261 KB 134 KB 83 KB 150 KB

Listener Feedback #210 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world application notes for any of the security technologies and issues we have previously discussed. 59 MB 15 MB 890 KB 114 KB 100 KB 166 KB

The TrueCrypt Audit Leo and I catch up on a busy and interesting week of security events. Then we take a close look at the results of the just-completed second phase of the TrueCrypt audit, which focused upon the implementation of TrueCrypt's security and privacy guarantees. 51 MB 13 MB 707 KB 130 KB 83 KB 152 KB

Listener Feedback #209 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world application notes for any of the security technologies and issues we have previously discussed. 59 MB 15 MB 213 KB 178 KB 99 KB 181 KB

Windows Secure Boot Leo and I discuss the recent Pwn2Own hacking competition. We examine another serious breach of the Internet's certificate trust system and marvel at a very clever hack to crack the iPhone four-digit PIN lock. Then we take a close look at the evolution of booting from BIOS to UEFI and how Microsoft has leveraged this into their “Windows Secure Boot” system. We also examine what it might mean for the future of non-Windows operating systems. 45 MB 11 MB 348 KB 126 KB 73 KB 138 KB

Listener Feedback #208 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world application notes for any of the security technologies and issues we have previously discussed. 57 MB 14 MB 343 KB 195 KB 107 KB 195 KB

FREAK & RowHammer Leo and I catch up with several VERY interesting security events and stories of the week. Then we take a deep dive into two of the week's big security stories: FREAK and RowHammer. 48 MB 12 MB 209 KB 156 KB 81 KB 152 KB

Vehicle Hacking Leo and I discuss the week’s tamer-than-usual news; then we host a terrific interview of the team (recently featured on Sunday’s “60 Minutes”) who have been working with DARPA to address the challenge of hardening high-tech networked vehicles – autos and UAVs – against malicious hacking attacks. 48 MB 12 MB 196 KB 148 KB 88 KB 165 KB

Listener Feedback #207 Leo and I discuss the week's major security events, including the revelation of the Lenovo Crapware and the joint GCHQ/NSA Gemalto attack which rendered cellular phones insecure. Then we discuss questions and comments from listeners of previous episodes to tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world application notes for any of the security technologies and issues we have previously discussed. 59 MB 15 MB 385 KB 197 KB 103 KB 190 KB

HTTP/2 Leo and I catch up with several VERY interesting security events and stories of the week. Then we take a close look and a deep dive into the operation of the industry's first change in the official HTTP protocol in 15 years - the finalization and emergence of the HTTP/2 IETF specification which significantly streamlines web browser and web server interaction. 51 MB 13 MB 925 KB 107 KB 79 KB 139 KB

Listener Feedback #206 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world ‘application notes’ for any of the security technologies and issues we have previously discussed. 54 MB 13 MB 721 KB 166 KB 93 KB 167 KB

Tor: Not so Anonymous After catching up with a few important security events of the week, Leo and I revisit and dissect the anonymity promises of TOR in light of scores of academic papers which have questioned its anonymity guarantees. 34 MB 8.5 MB 501 KB 75 KB 51 KB 98 KB

Listener Feedback #205 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world ‘application notes’ for any of the security technologies and issues we have previously discussed. 44 MB 11 MB 91 KB 126 KB 76 KB 140 KB

Cryptographic Backdoors Following this slow week of security news, Leo and I first discuss the news surrounding how and why the U.S. was so sure that North Korea was behind the attack on Sony. Then we examine the cryptographic consequences of the British and U.S. governments' recent pronouncements that terrorist communications should not be allowed to remain secret. 30 MB 7.4 MB 1.2 MB 78 KB 50 KB 102 KB

The Enigma Leo and I first discuss a surprisingly busy week of security news; then, we take a careful walk through the history (it's not what you may think) and the detailed operation of “The Enigma Machine” which Germany used to encrypt their sensitive radio traffic during the Second World War. 55 MB 14 MB 519 KB 126 KB 85 KB 150 KB

Listener Feedback #204 Leo and I discuss the week's major security events and discuss questions and comments from listeners of previous episodes. We tie up loose ends, explore a wide range of topics that are too small to fill their own episode, clarify any confusion from previous installments, and present real world ‘application notes’ for any of the security technologies and issues we have previously discussed. 51 MB 13 MB 1.3 MB 173 KB 92 KB 171 KB

• Current Podcast Page
• Security Now 2022
• Security Now 2021
• Security Now 2020
• Security Now 2019
• Security Now 2018
• Security Now 2017
• Security Now 2016
• Security Now 2015
• Security Now 2014
• Security Now 2013
• Security Now 2012
• Security Now 2011
• Security Now 2010
• Security Now 2009
• Security Now 2008
• Security Now 2007
• Security Now 2006
• Security Now 2005

You can receive an eMail reminder whenever this page is updated with a new Security Now! episode. Click the "Monitor Changes" button to have the highly-regarded "Change Detection" web site monitor this page and send you a note when it changes. Monitor this page for changes:  (it's private by ChangeDetection) Security Now!, SpinRite Testimonials, and other Feedback: Please use GRC's Visitor & Listener FEEDBACK Page where you may easily submit any feedback for Security Now, SpinRite testimonials, suggestions for future Security Now topics or questions & comments for future Listener Feedback episodes. Thank you! https://www.grc.com/feedback

Gibson Research Corporation is owned and operated by Steve Gibson.  The contents of this page are Copyright (c) 2022 Gibson Research Corporation. SpinRite, ShieldsUP, NanoProbe, and any other indicated trademarks are registered trademarks of Gibson Research Corporation, Laguna Hills, CA, USA. GRC's web and customer privacy policy.